thesadtimes.typeform.com Open in urlscan Pro
104.18.41.163 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thesadtimes.typeform.com/sheep-lication
Submission: On November 06 via api (November 6th 2022, 2:19:30 pm UTC) from RU — Scanned from DE

Summary HTTP 52 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 9 domains to perform 52 HTTP transactions. The main IP is 104.18.41.163, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is thesadtimes.typeform.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2022. Valid for: a year.

This is the only time thesadtimes.typeform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	104.18.41.163 104.18.41.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:205... 2600:9000:2057:2000:9:b3c8:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21f... 2600:9000:21f3:c800:8:2495:5540:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:20e... 2600:9000:20eb:ee00:4:f6ce:61c0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:9c00:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.204.168.92 18.204.168.92	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
8	52.4.109.84 52.4.109.84	14618 (AMAZON-AES) (AMAZON-AES)
52	17

5 104.18.41.163 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

thesadtimes.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:2000:9:b3c8:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

font.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:c800:8:2495:5540:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20eb:ee00:4:f6ce:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

renderer-assets.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:9c00:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.204.168.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-168-92.compute-1.amazonaws.com

rudderstack-control-plane.cdp.prod.data.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.4.109.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-109-84.compute-1.amazonaws.com

rudderstack.cdp.prod.data.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	typeform.com thesadtimes.typeform.com font.typeform.com — Cisco Umbrella Rank: 68853 images.typeform.com — Cisco Umbrella Rank: 65650 renderer-assets.typeform.com — Cisco Umbrella Rank: 57277 rudderstack-control-plane.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 62229 rudderstack.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 60162	1 MB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 94	845 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 349	30 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 static.doubleclick.net — Cisco Umbrella Rank: 421	1 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 106	96 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 202	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 17	15 KB
1	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 21432	116 KB
52	9

	Domain	Requested by
11	www.youtube.com	renderer-assets.typeform.com www.youtube.com
8	rudderstack.cdp.prod.data.typeform.com	renderer-assets.typeform.com
6	renderer-assets.typeform.com	thesadtimes.typeform.com renderer-assets.typeform.com
5	thesadtimes.typeform.com	thesadtimes.typeform.com renderer-assets.typeform.com
4	jnn-pa.googleapis.com	www.youtube.com
3	images.typeform.com	thesadtimes.typeform.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	rudderstack-control-plane.cdp.prod.data.typeform.com	renderer-assets.typeform.com
2	font.typeform.com	thesadtimes.typeform.com font.typeform.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	cdn.rudderlabs.com	renderer-assets.typeform.com
52	16

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.typeform.com

Subject Issuer	Validity	Valid
typeform.com Cloudflare Inc ECC CA-3	`2022-06-27` - `2023-06-26`	a year	crt.sh
*.typeform.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.rudderlabs.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
cdp.prod.data.typeform.com Amazon	`2022-02-01` - `2023-03-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://thesadtimes.typeform.com/sheep-lication
Frame ID: 33FFF39F9AF12EE27D3F1E77DA36ED62
Requests: 23 HTTP requests in this frame

Frame: https://thesadtimes.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667736000
Frame ID: 7373AB0576A8A6E4F5B8370159E8EB33
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1
Frame ID: CFB82260B66347CF641905F55FA4DB75
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sheep Job Application

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

52
Requests

96 %
HTTPS

81 %
IPv6

9
Domains

16
Subdomains

17
IPs

3
Countries

2495 kB
Transfer

6489 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/thesadtimesnft
Title: @thesadstimesnft

Search URL Search Domain Scan URL

URL: https://www.typeform.com/explore/?utm_campaign=qOh5UGHz&utm_source=typeform.com-21704084-business&utm_medium=typeform&utm_content=typeform-footer&utm_term=EN
Title: Powered by Typeform

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

52 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request sheep-lication Show response
thesadtimes.typeform.com/ 115 KB
38 KB 615ms
559ms Document
text/html 104.18.41.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thesadtimes.typeform.com/sheep-lication

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.41.163 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 7374-6.24.9

Resource Hash

332ad1c170b8eb77cb0701cbf40166f0bb527903815fcc5049b6c3674f4ec82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers: Location, X-Request-Id
age: 228896
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 765e76bb3fb8692e-FRA
content-encoding: gzip
content-security-policy-report-only: report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
content-type: text/html; charset=utf-8
date: Sun, 06 Nov 2022 14:19:23 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hc6AM9M6OtoSSY%2Bno8LtxgiGYlyGIEiVRNmr1FHKUvDULVPpI76mB6AI9MMgrDhiebZGHbR%2B7BRbrl17XJBg%2FGVlZ10Bvcs3uMEZzLfh3KTIqhWhyZyQRbrwv0UyGg9DJfJbO6ds%2BC%2B3xg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-cache-lookup: HIT
x-envoy-upstream-service-time: 1
x-powered-by: 7374-6.24.9
x-varnish: 110509470 20884600

GET
H2 200 index.css
font.typeform.com/dist/google/baskervville/ 868 B
1 KB 72ms
9ms Stylesheet
text/css 2600:9000:2057:2000:9:b3c8:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://font.typeform.com/dist/google/baskervville/index.css
Requested by: Host: thesadtimes.typeform.com
URL: https://thesadtimes.typeform.com/sheep-lication
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2000:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0dbc518a0e138e70951db5b5ffcea4832ebff67a3f7c8019ff113e1c7b23f1cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 03:28:41 GMT
x-amz-version-id: PZtl8OoiNKLIHl5TwB0Vt2o9oQCDVYh1
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 125442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 868
last-modified: Fri, 08 Jul 2022 07:39:01 GMT
server: AmazonS3
etag: "43918e8b95abf176e0db20d2f0548889"
content-type: text/css
cache-control: max-age=432000
accept-ranges: bytes
x-amz-cf-id: BTYTRYtCkjXppmDD-fmdFBAAdloQt5Uo-D9cdNYbnqMf5909yUqyoA==

GET
H2 200 large
images.typeform.com/images/jUWQEneHkBZy/background/ 77 KB
78 KB 61ms
11ms Image
image/jpeg 2600:9000:21f3:c800:8:2495:5540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.typeform.com/images/jUWQEneHkBZy/background/large

Requested by

Host: thesadtimes.typeform.com
URL: https://thesadtimes.typeform.com/sheep-lication

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:c800:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e052dcdfc89aff56e2beaa2adeab4cb970a6e1be9903e0c0137d9baf08dd158e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:12:35 GMT
content-security-policy: script-src 'self'
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront), 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7, FRA2-C2
age: 1123608
x-amzn-requestid: 35d1e82f-3979-4566-9e5e-a5a0641c2aa1
x-amzn-trace-id: Root=1-63569d52-33f8957d338b32b104dd7de9;Sampled=0
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-apigw-id: ag2E-GiVoAMFU7Q=
content-length: 79260
x-amz-cf-id: EV86RTqTvI-OakoygOe4VlPzNeZxm-6IWfZR8bDctiZbSm4Tp3_3EQ==

GET
H2 200 VQprKHb2xTbP
images.typeform.com/images/ 91 KB
92 KB 45ms
11ms Image
image/png 2600:9000:21f3:c800:8:2495:5540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.typeform.com/images/VQprKHb2xTbP

Requested by

Host: thesadtimes.typeform.com
URL: https://thesadtimes.typeform.com/sheep-lication

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:c800:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

27c5b2539a57f2b4a8471b2ec971094b45f60a3305ba6ffa1b51639bffe7d4b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:12:35 GMT
content-security-policy: script-src 'self'
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront), 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7, FRA2-C2
age: 1123608
x-amzn-requestid: 1d39fddb-44c9-4588-a828-95c92a41eaa7
x-amzn-trace-id: Root=1-63569d52-0fe29229055182680593c693;Sampled=0
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-apigw-id: ag2E_Fi4IAMFQ8w=
content-length: 93317
x-amz-cf-id: 8Wcs-aZAqr7MAMm1HkqDz5n_THL_Bcuwm2B3H_QuVGf5Q2-KyZQFeg==

GET
H2 200 modern-renderer.89df2b24b0cbb9c54913.js Show response
renderer-assets.typeform.com/ 741 KB
215 KB 69ms
10ms Script
application/x-javascript 2600:9000:20eb:ee00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/modern-renderer.89df2b24b0cbb9c54913.js
Requested by: Host: thesadtimes.typeform.com
URL: https://thesadtimes.typeform.com/sheep-lication
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ee00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caf0237e9e47058fd47e60b787847cb501148ffbd50d5db98a11b057690f8d4f

Request headers

Referer: https://thesadtimes.typeform.com/sheep-lication
Origin: https://thesadtimes.typeform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: IINj7cpR9ASsXcqJrNR5C478HtNJoksZ
content-encoding: gzip
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
date: Sun, 06 Nov 2022 06:46:02 GMT
x-amz-cf-pop: FRA2-C1
age: 27202
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Nov 2022 14:14:48 GMT
server: AmazonS3
etag: W/"ac6e0952e7a3d1b5660357df4266bb91"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: max-age=2419200
x-amz-cf-id: RQFX2jPLUFyuyXBqrG2q8IxGgUd9Ffvm5rnHRn3Ezl48Ak1VysiEhw==

GET
H2 200 invisible.js Show response
thesadtimes.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 7373 37 KB
18 KB 15ms
14ms Script
application/javascript 104.18.41.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thesadtimes.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667736000

Requested by

Host: thesadtimes.typeform.com
URL: https://thesadtimes.typeform.com/sheep-lication

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.41.163 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

841c7ed1c75e955b2426316c8f6cd1068d8cbed4bd80be1511d320695bd7384a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:19:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JI8rgkVsbo%2FGK2DFmXd1AOazOAL%2BGJr5Q3EsK330iB6%2FXPHpTWeHyll3cZcjfQoz4Z33WpqqyGcGrvvQOE3s7SRwOPHMG2%2FT1kQycP%2FYwHGEP6Cts79cx5cnjoIlLDRVpq9FbVhVGZaQnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 765e76bf6fc4692e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
thesadtimes.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 7373 20 KB
10 KB 18ms
17ms Other
application/javascript 104.18.41.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thesadtimes.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: thesadtimes.typeform.com
URL: https://thesadtimes.typeform.com/sheep-lication

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.163 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a2a2e76bb4409c537c674c4013e9ecd6070db8cf2b2a3f112fb5eb85d521dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:19:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pb8JPaA13vLyXY9TrDaqoVYWfCKlK5u9qDuB7i15y1CedC3FvWc4MPIriHAAqDnwr%2Fb48kySM5KG62OWtgmPO%2FaME%2Fx8o24CRN9Nn08LTn0q4p%2BUkddcbJ7GyjEQhpl3EUMEbL9FIPBO8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 765e76bf8fb5914a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 765e76bb3fb8692e Show response
thesadtimes.typeform.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 7373 2 B
746 B 36ms
36ms XHR
text/plain 104.18.41.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thesadtimes.typeform.com/cdn-cgi/challenge-platform/h/g/cv/result/765e76bb3fb8692e

Requested by

Host: thesadtimes.typeform.com
URL: https://thesadtimes.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667736000

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.163 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 06 Nov 2022 14:19:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9C%2FEC3F0RtpRcT4EsvVSXjvLDIgOVxCnZ%2FEgbrz%2Bmdb0coHEl52B2imQwNNwBh4KWmqbOZYXy88mcjHFHN6y%2BXhxK%2FPEBxzksaHNKdYqrBraw2YjWrPPy5LRcpvWV7sXSKR1vh0h5QTFHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 765e76c16c1e914a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.0c35a1c1193305df993f.renderer.js Show response
renderer-assets.typeform.com/ 107 KB
28 KB 33ms
20ms Script
application/x-javascript 2600:9000:20eb:ee00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.0c35a1c1193305df993f.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.89df2b24b0cbb9c54913.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:ee00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c683a0b24c9732c0eaa4f0e9552d815dde7e4e5eea1270da99e81dd703c950dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: lr3cGfZY54Mcia3DdwJtgzj.dWS.5qTY
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
date: Sun, 06 Nov 2022 04:44:57 GMT
age: 34466
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 04 Nov 2022 18:21:46 GMT
server: AmazonS3
etag: W/"84ed4a4c21dda7b34914967639b12068"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: gOZo0UK3ZP_xY-ilEohvFHHZt3MVNuWvfUbrLz1BJ0AVm0qrkMJa3Q==

GET
H3 200 vendors~form~attachment.59afaea937ac09d6b679.renderer.js Show response
renderer-assets.typeform.com/ 11 KB
5 KB 24ms
12ms Script
application/x-javascript 2600:9000:20eb:ee00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/vendors~form~attachment.59afaea937ac09d6b679.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.89df2b24b0cbb9c54913.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:ee00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 308e25a382c626fb4de05bb52ed95fa55d11b0d79aa9784d997b41a31f5cafad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: gnvmIOg_DlAVXEH81NTjdYRMqpJJIy7G
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
date: Sun, 06 Nov 2022 11:12:56 GMT
age: 11188
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 04 Nov 2022 18:21:46 GMT
server: AmazonS3
etag: W/"a9aefc68fb37a8beff1319120843c747"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: CL8FCIdiR9qS0NlJI76fC18iqKpocQr0gYpDfR9GxrZiJjQbDXc9fw==

GET
H3 200 vendors~form.ad1771f16303cb0fea85.renderer.js Show response
renderer-assets.typeform.com/ 622 KB
190 KB 25ms
13ms Script
application/x-javascript 2600:9000:20eb:ee00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/vendors~form.ad1771f16303cb0fea85.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.89df2b24b0cbb9c54913.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:ee00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a76f850a30ee26172eb932ef87ee9af86f594efa4706f0989662e84dd752ee54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 4JYqOBSnvgBybiqu76xRQpQo605UGk1H
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
date: Sun, 06 Nov 2022 12:09:27 GMT
age: 7797
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 09:09:40 GMT
server: AmazonS3
etag: W/"41f8c8ef17228e711ce1bc01569e4743"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: AY-LBn2_PGC-a6SXFdvLJeApZsadeycd0apVs5gu32Sn_4Eyhv3zOg==

GET
H3 200 form.a0ca867fa32939bbbd5b.renderer.js Show response
renderer-assets.typeform.com/ 235 KB
69 KB 31ms
19ms Script
application/x-javascript 2600:9000:20eb:ee00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/form.a0ca867fa32939bbbd5b.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.89df2b24b0cbb9c54913.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:ee00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1e82f7673df189c8dad742963305279d5773a14abad51df686469fb7b145fd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 71YmpN0G.n_R4TLZYQAHdRyOXrD1FF7U
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
date: Sun, 06 Nov 2022 03:38:48 GMT
age: 38436
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Nov 2022 14:14:48 GMT
server: AmazonS3
etag: W/"609d3dca7ebf97d8181ce1d4ec5db388"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: FWe_RYMgZZOo7h-48cz6kZkr6Yr9BirylO0d8d6QnS942jjg3Aw4JA==

GET
H3 200 vendors~attachment.ca393d35bfb71bb8a68c.renderer.js Show response
renderer-assets.typeform.com/ 56 KB
18 KB 12ms
11ms Script
application/x-javascript 2600:9000:20eb:ee00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/vendors~attachment.ca393d35bfb71bb8a68c.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.89df2b24b0cbb9c54913.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20eb:ee00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5612ad57a399738afde2937d5b005c2bb9131b3fb5558e086ac49cf4760ef303

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: ElG1Nu4nL.5Bp4gfN3dyoVE2k43f_09f
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
date: Sun, 06 Nov 2022 06:19:52 GMT
age: 29324
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 09:09:40 GMT
server: AmazonS3
etag: W/"a322bdcac8543ae02e8e074b97ccf9f0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: F5QSW2Wz3tiUYiGxyjofv7wNLQ8ucQ8aFMq2oZ8FT0piYFpR8AYJFw==

GET
H3 200 baskervville-latin-400-normal.woff2
font.typeform.com/dist/google/baskervville/files/ 24 KB
24 KB 24ms
10ms Font
binary/octet-stream 2600:9000:2057:2000:9:b3c8:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://font.typeform.com/dist/google/baskervville/files/baskervville-latin-400-normal.woff2
Requested by: Host: font.typeform.com
URL: https://font.typeform.com/dist/google/baskervville/index.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:2000:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb1f7d3a4bade80285c7d75b2f1468041ab7c5ee6bb4b9adfc2d9f4652ee3fdf

Request headers

Referer: https://font.typeform.com/dist/google/baskervville/index.css
Origin: https://thesadtimes.typeform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: mbXm9PAfktue3yA5BV.UhJqdYpb2QCRu
date: Sat, 05 Nov 2022 19:43:33 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
age: 66951
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 24440
last-modified: Fri, 08 Jul 2022 07:39:01 GMT
server: AmazonS3
etag: "699789114c0c82d9624596de81d34336"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=432000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: YESnE3ECeJKYpqPqznL-s0pt1e097Kiopd9hXj0EV20BOh5ea7gnbA==

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 49ms
25ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~attachment.ca393d35bfb71bb8a68c.renderer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cde8f6c5c17d8059141a5c9541ed63cc47519f29d9bb2dceed4562372ab7c643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:19:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 06 Nov 2022 14:19:23 GMT

POST
H3 200 view-form-open Show response
thesadtimes.typeform.com/forms/qOh5UGHz/insights/events/ 2 B
1 KB 429ms
428ms Fetch
application/json 104.18.41.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thesadtimes.typeform.com/forms/qOh5UGHz/insights/events/view-form-open

Requested by

Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.ad1771f16303cb0fea85.renderer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.163 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://thesadtimes.typeform.com/sheep-lication
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 06 Nov 2022 14:19:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-backend: papi
x-release: 3219166862
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
x-build-date: 2022-10-10T12:04:15+0000
server: cloudflare
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type: application/json
access-control-allow-origin: https://thesadtimes.typeform.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDkhAFyJ4LEOdAfhvVDcbLUnabXVqRFVTI%2BFApHMSsOhsxX%2FtmWlL7gHaS%2FBJ%2F4MupKbCKzC5JjIC5F52j5Wg9QKSo%2Fxouk3B%2F9Ym%2B1Gv%2BKoc10%2BIBo%2BIx782Nv0H7ljp8TtrKbvZ2hGJg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Location, X-Request-Id
x-service: insights-3.0
x-commit-sha: 47470726fef1a9218c188de713a412d08f3a1a63
cf-ray: 765e76c2bebf914a-FRA
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v1/ 407 KB
116 KB 79ms
18ms Script
application/javascript 2600:9000:2315:9c00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1/rudder-analytics.min.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.ad1771f16303cb0fea85.renderer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9c00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f4d47dfbb1b87ca3117bb7411a94c166892a93f3bead39761b714f71b9c11c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 13:53:53 GMT
content-encoding: gzip
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 09:58:27 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 1532
etag: W/"537c66e3180a0ff2ad2dafe0ac5f8b66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: U1gW0jB_cEX1tubwy_qWsC0y9Nkk4F6Z5Kmr4CPxWxZsHk2Wkh8qxA==

GET default-firstframe.png
images.typeform.com/images/bwjLhrj3PU24/image/ 0
0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default
images.typeform.com/images/bwjLhrj3PU24/image/ 554 KB
555 KB 15ms
14ms Image
image/gif 2600:9000:21f3:c800:8:2495:5540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.typeform.com/images/bwjLhrj3PU24/image/default

Requested by

Host: thesadtimes.typeform.com
URL: https://thesadtimes.typeform.com/sheep-lication

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:c800:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b5486834841a408ee47261b19b5b52ef02c36dabb1e55a0715996ecc7aa35663

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 06:16:26 GMT
content-security-policy: script-src 'self'
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront), 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1, FRA2-C2
age: 633778
x-amzn-requestid: b0207266-97ab-400c-b7d2-4925afb1ce7d
x-amzn-trace-id: Root=1-635e16ba-5231547b1173ba4675a0c3a3;Sampled=0
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-apigw-id: azh9GH13oAMFWWg=
content-length: 566792
x-amz-cf-id: YWBpHULtGC7NKSIzQh6802ymNk9i54gb5hsRR6j16kXHp2iAov4LuQ==

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/03bec62d/www-widgetapi.vflset/ 157 KB
52 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1842dc54075526177baf143339a4aa374b1712bd07aebc45d59651b96ce76d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesadtimes.typeform.com/sheep-lication
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 07:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52800
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Nov 2023 07:16:46 GMT

GET
H3 200 FW_Lrlpe6zI Show response
www.youtube.com/embed/ Frame CFB8 68 KB
27 KB 72ms
71ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7395749cf9a4ee0ed6203f0649ed44cd78b049955c3a52a07d718d4aa5c7551f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thesadtimes.typeform.com/sheep-lication
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sun, 06 Nov 2022 14:19:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ 610 B
744 B 102ms
101ms XHR
application/json 18.204.168.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.20.0
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.ad1771f16303cb0fea85.renderer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.168.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-168-92.compute-1.amazonaws.com
Software: uvicorn /
Resource Hash: 1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028

Request headers

Referer: https://thesadtimes.typeform.com/sheep-lication
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 06 Nov 2022 14:19:24 GMT
access-control-allow-credentials: true
server: uvicorn
content-length: 610
content-type: application/json

OPTIONS
H2 200 /
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame 0
0 344ms
102ms Preflight
text/plain 18.204.168.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.168.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-168-92.compute-1.amazonaws.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://thesadtimes.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://thesadtimes.typeform.com
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 06 Nov 2022 14:19:24 GMT
server: uvicorn
vary: Origin

GET
H3 200 www-player.css
www.youtube.com/s/player/03bec62d/ Frame CFB8 359 KB
49 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b5aeaf9d1fd6e90788e5238257f2dea0d3d4704476e3fa6f287f9a7a8d0ef70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 17:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49793
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Nov 2023 17:52:52 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/03bec62d/www-embed-player.vflset/ Frame CFB8 306 KB
95 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6aac4b7c20a6113b3c3c3a57efd343377401ffb7b030af99ed5c75e2cd9bb2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97445
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Oct 2023 23:36:41 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/ Frame CFB8 2 MB
573 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e514b01b53e1005ee9ca83530630042c47702526841ea01484243c87ac17c16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587027
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Nov 2023 03:11:26 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/03bec62d/fetch-polyfill.vflset/ Frame CFB8 9 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 16:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Nov 2023 16:21:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFB8 15 KB
16 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 442879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Nov 2023 11:18:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFB8 15 KB
15 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 415176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Nov 2023 18:59:48 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CFB8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

35ms
18ms

XHR
application/json

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5a388589df37bba6abd14e77735d363f4da927b51df903e3d8f52c0d7c566dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 06 Nov 2022 14:19:24 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CFB8 29 B
587 B 29ms
7ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:09:12 GMT
x-content-type-options: nosniff
age: 612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 06 Nov 2022 14:24:12 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 39ms
16ms Preflight
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 06 Nov 2022 14:19:24 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CFB8 66 KB
30 KB 44ms
28ms XHR
application/json+protobuf 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee193bb22516db63b25bab05af92b9e188074e56c1de09fa2f6ebf8feaecfac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 06 Nov 2022 14:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31007
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/ Frame CFB8 118 KB
36 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6672237a6a68fdc09de21c248c1fec37933bc83e769b432b2785cab0674a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37087
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Oct 2023 23:45:55 GMT

GET
H2 200 gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js Show response
www.google.com/js/th/ Frame CFB8 36 KB
15 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80cb07f384d0ba20c455faf5042b46e7171d37bddbe1d5411e99c6a8d1e76a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 07:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14294
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 07:56:25 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/ Frame CFB8 26 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91aefcd7d969d4db2e3ee5a6e7a0780bb5241bb696bfdf0453f31a18ba212475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 01:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8268
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Nov 2023 01:45:01 GMT

GET
DATA 200
OK truncated
/ Frame CFB8 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu_Nqh9De6smo4nTH-l1AQFUId_-qqJIyjXvqSk=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CFB8 1015 B
1 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu_Nqh9De6smo4nTH-l1AQFUId_-qqJIyjXvqSk=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

59d29ee68010294b53a0c4979992fd0fd6fe9c3a35a8f5c44a8862443a7064d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 13:35:56 GMT
x-content-type-options: nosniff
age: 2608
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1015
x-xss-protection: 0
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 28 Oct 2022 11:14:52 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/FW_Lrlpe6zI/ Frame CFB8 95 KB
96 KB 48ms
19ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/FW_Lrlpe6zI/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLDZjwfwnjLhZh6M0rFzZwF-Vy0mIg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e3c6138bf00a5728050ca544c93fa9440f0c06f930a112380246f3cc0762c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:19:24 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97269
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 06 Nov 2022 16:19:24 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CFB8 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?_BeDJQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:19:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CFB8 4 KB
3 KB 55ms
29ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:19:24 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CFB8 90 B
134 B 21ms
21ms XHR
application/json+protobuf 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bbdf5c1a5923969c3abffa9e85e60fac0b86bae540c1476702d46adeb0db3cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 06 Nov 2022 14:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
16ms Preflight
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 06 Nov 2022 14:19:24 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame CFB8 52 KB
15 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 07 Nov 2022 10:55:54 GMT

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ 2 B
162 B 102ms
102ms XHR
text/plain 52.4.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.ad1771f16303cb0fea85.renderer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-109-84.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://thesadtimes.typeform.com/sheep-lication
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
AnonymousId: ZTk2NTY0NTQtMzQwMS00M2Y1LTlhNmEtNWZiYmFlYzYwNjJi
Content-Type: application/json

Response headers

access-control-allow-origin: https://thesadtimes.typeform.com
date: Sun, 06 Nov 2022 14:19:24 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 341ms
95ms Preflight 52.4.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-109-84.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://thesadtimes.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://thesadtimes.typeform.com
access-control-max-age: 900
content-length: 0
date: Sun, 06 Nov 2022 14:19:24 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 96ms
96ms Preflight 52.4.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-109-84.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://thesadtimes.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://thesadtimes.typeform.com
access-control-max-age: 900
content-length: 0
date: Sun, 06 Nov 2022 14:19:26 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 96ms
96ms Preflight 52.4.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-109-84.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://thesadtimes.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://thesadtimes.typeform.com
access-control-max-age: 900
content-length: 0
date: Sun, 06 Nov 2022 14:19:26 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ 2 B
162 B 104ms
104ms XHR
text/plain 52.4.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.ad1771f16303cb0fea85.renderer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-109-84.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://thesadtimes.typeform.com/sheep-lication
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
AnonymousId: ZTk2NTY0NTQtMzQwMS00M2Y1LTlhNmEtNWZiYmFlYzYwNjJi
Content-Type: application/json

Response headers

access-control-allow-origin: https://thesadtimes.typeform.com
date: Sun, 06 Nov 2022 14:19:26 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ 2 B
162 B 110ms
109ms XHR
text/plain 52.4.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.ad1771f16303cb0fea85.renderer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-109-84.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://thesadtimes.typeform.com/sheep-lication
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
AnonymousId: ZTk2NTY0NTQtMzQwMS00M2Y1LTlhNmEtNWZiYmFlYzYwNjJi
Content-Type: application/json

Response headers

access-control-allow-origin: https://thesadtimes.typeform.com
date: Sun, 06 Nov 2022 14:19:26 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ 2 B
162 B 99ms
98ms XHR
text/plain 52.4.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.ad1771f16303cb0fea85.renderer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-109-84.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://thesadtimes.typeform.com/sheep-lication
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
AnonymousId: ZTk2NTY0NTQtMzQwMS00M2Y1LTlhNmEtNWZiYmFlYzYwNjJi
Content-Type: application/json

Response headers

access-control-allow-origin: https://thesadtimes.typeform.com
date: Sun, 06 Nov 2022 14:19:26 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 95ms
95ms Preflight 52.4.109.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.109.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-109-84.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://thesadtimes.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://thesadtimes.typeform.com
access-control-max-age: 900
content-length: 0
date: Sun, 06 Nov 2022 14:19:26 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CFB8 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
X-Goog-Request-Time: 1667744366504
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/FW_Lrlpe6zI?autoplay=0&disablekb=1&modestbranding=1&origin=https%3A%2F%2Fthesadtimes.typeform.com&rel=0&loop=1&enablejsapi=1&widgetid=1
X-YouTube-Client-Version: 1.20221030.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtEbVFMZVNmTTF6USjshJ-bBg%3D%3D
X-YouTube-Ad-Signals: dt=1667744364156&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C720%2C405&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 06 Nov 2022 14:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 06 Nov 2022 14:19:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.typeform.com
URL: https://images.typeform.com/images/bwjLhrj3PU24/image/default-firstframe.png

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.typeform.com/	1970-01-20 07:15:46	Name: __cf_bm Value: owhWEwCBAFHXIaIrr9fxEh76nhvFjN6IDMwZatJjUrE-1667744363-0-ASUfsYNsTtAigD72MzTMeaatGLQNnMPkeb5dTaJPckpjN4/28D91MPM33odqJp4dkT+3XlQmKZMrYydcaY17gImYqZNa617fwBP41pOD8DjNO7eCBKitUEYiHSlejSIVdwTd0Nx4eeBOvpJyFjcRpgQ+hsmXQRXMNa9cWyqKBr0G
.typeform.com/	1970-01-20 11:39:15	Name: tf_respondent_cc Value: {%22groups%22:[%22SC%22]%2C%22timestamp%22:%222022-11-06T14:19:23.900Z%22%2C%22implicitConsent%22:true}
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: AFWCDG7KPY4
.youtube.com/	1970-01-20 11:34:56	Name: VISITOR_INFO1_LIVE Value: DmQLeSfM1zQ
.typeform.com/	1970-01-20 16:01:20	Name: attribution_user_id Value: f714ffc8-e429-49a8-98f7-9041dddeaac2
.typeform.com/	1970-01-20 16:01:20	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX1%2BUSAVPXOL464l3AUhEdHa9oC3gLpsITkY%3D
.typeform.com/	1970-01-20 16:01:20	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX182NWO40w8gk2dgwYmwtrY%2BWftFx2KJjgMWV5F%2FBM3YHJbB9qU3l2dxR1aAN0UoBNp73rwuM0Z27A%3D%3D
.typeform.com/	1970-01-20 16:01:20	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX18rCH48vzD6j%2B3imNoEOh%2FxEdetZF1p0Yg%3D
.typeform.com/	1970-01-20 16:01:20	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX19A1v90Pnd%2FiYVzgHecpF%2BEfH6bZ2NU3CM%3D
.typeform.com/	1970-01-20 16:01:20	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX19BKXGWrNj3VecHDp7UlWX7tRqqbqUyhHE%3D
.typeform.com/	1970-01-20 16:01:20	Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX18sCY6vu62w4TMTgj59CAjMcUzcd8h7YjE%3D
.typeform.com/	1970-01-20 16:01:20	Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX1%2FQi9dUwCe9rIvW0BurAOxc0waOkHj4rgQ%3D
thesadtimes.typeform.com/	1970-01-20 07:25:49	Name: AWSALBTG Value: 8JVrP6G8cpOfoMrk1qJuyYod7XhYqiwyhU59Eqccy421lSiBwxB+Oo/MOAinwGALDUb0v+I5GPdaTDRRdL2RMSXFjE+MqjRiQB7gBGOmcU+WK2coP+xeKgjqDXgDABjOJBzEt26uAmijXESSKG4Z7GQF1vBFV7oaHdlMHEriF+aZ
thesadtimes.typeform.com/	1970-01-20 07:25:49	Name: AWSALBTGCORS Value: 8JVrP6G8cpOfoMrk1qJuyYod7XhYqiwyhU59Eqccy421lSiBwxB+Oo/MOAinwGALDUb0v+I5GPdaTDRRdL2RMSXFjE+MqjRiQB7gBGOmcU+WK2coP+xeKgjqDXgDABjOJBzEt26uAmijXESSKG4Z7GQF1vBFV7oaHdlMHEriF+aZ
.typeform.com/	1970-01-20 16:01:20	Name: rl_session Value: RudderEncrypt%3AU2FsdGVkX19iaLopQTkffVIReFKlE6Q7Y5FgnR%2F0sNW9wKRlGS7qshlnFunAlexPodXZ8jiQeQWQSWCHMS%2BAnyamOKewvae8gdb3nzraWMkf0As3NJYZshVdZQcD7En%2BJtCQdtdjQpQ34Oprtdh5Kg%3D%3D
thesadtimes.typeform.com/	1970-01-20 07:15:45	Name: _dd_s Value: logs=1&id=374c0158-dafd-4aee-8207-2a7107aeba30&created=1667744363943&expire=1667745263943

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rudderlabs.com
font.typeform.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
images.typeform.com
jnn-pa.googleapis.com
renderer-assets.typeform.com
rudderstack-control-plane.cdp.prod.data.typeform.com
rudderstack.cdp.prod.data.typeform.com
static.doubleclick.net
thesadtimes.typeform.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
images.typeform.com
104.18.41.163
18.204.168.92
2600:9000:2057:2000:9:b3c8:b180:93a1
2600:9000:20eb:ee00:4:f6ce:61c0:93a1
2600:9000:21f3:c800:8:2495:5540:93a1
2600:9000:2315:9c00:16:a497:9700:93a1
2a00:1450:4001:803::200a
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2016
2a00:1450:4001:811::2001
2a00:1450:4001:828::2003
52.4.109.84
0dbc518a0e138e70951db5b5ffcea4832ebff67a3f7c8019ff113e1c7b23f1cb
1842dc54075526177baf143339a4aa374b1712bd07aebc45d59651b96ce76d52
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028
1f4d47dfbb1b87ca3117bb7411a94c166892a93f3bead39761b714f71b9c11c5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27c5b2539a57f2b4a8471b2ec971094b45f60a3305ba6ffa1b51639bffe7d4b5
2b5aeaf9d1fd6e90788e5238257f2dea0d3d4704476e3fa6f287f9a7a8d0ef70
2e3c6138bf00a5728050ca544c93fa9440f0c06f930a112380246f3cc0762c3a
308e25a382c626fb4de05bb52ed95fa55d11b0d79aa9784d997b41a31f5cafad
332ad1c170b8eb77cb0701cbf40166f0bb527903815fcc5049b6c3674f4ec82f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4d6672237a6a68fdc09de21c248c1fec37933bc83e769b432b2785cab0674a70
5612ad57a399738afde2937d5b005c2bb9131b3fb5558e086ac49cf4760ef303
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59d29ee68010294b53a0c4979992fd0fd6fe9c3a35a8f5c44a8862443a7064d3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7395749cf9a4ee0ed6203f0649ed44cd78b049955c3a52a07d718d4aa5c7551f
7a2a2e76bb4409c537c674c4013e9ecd6070db8cf2b2a3f112fb5eb85d521dc7
80cb07f384d0ba20c455faf5042b46e7171d37bddbe1d5411e99c6a8d1e76a1b
841c7ed1c75e955b2426316c8f6cd1068d8cbed4bd80be1511d320695bd7384a
91aefcd7d969d4db2e3ee5a6e7a0780bb5241bb696bfdf0453f31a18ba212475
a5a388589df37bba6abd14e77735d363f4da927b51df903e3d8f52c0d7c566dc
a76f850a30ee26172eb932ef87ee9af86f594efa4706f0989662e84dd752ee54
b5486834841a408ee47261b19b5b52ef02c36dabb1e55a0715996ecc7aa35663
bb1f7d3a4bade80285c7d75b2f1468041ab7c5ee6bb4b9adfc2d9f4652ee3fdf
bbdf5c1a5923969c3abffa9e85e60fac0b86bae540c1476702d46adeb0db3cb4
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c683a0b24c9732c0eaa4f0e9552d815dde7e4e5eea1270da99e81dd703c950dc
caf0237e9e47058fd47e60b787847cb501148ffbd50d5db98a11b057690f8d4f
cde8f6c5c17d8059141a5c9541ed63cc47519f29d9bb2dceed4562372ab7c643
d6aac4b7c20a6113b3c3c3a57efd343377401ffb7b030af99ed5c75e2cd9bb2c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e052dcdfc89aff56e2beaa2adeab4cb970a6e1be9903e0c0137d9baf08dd158e
e1e82f7673df189c8dad742963305279d5773a14abad51df686469fb7b145fd4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e514b01b53e1005ee9ca83530630042c47702526841ea01484243c87ac17c16c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee193bb22516db63b25bab05af92b9e188074e56c1de09fa2f6ebf8feaecfac5
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

thesadtimes.typeform.com Open in urlscan Pro 104.18.41.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

81 %IPv6

9 Domains

16 Subdomains

17 IPs

3 Countries

2495 kBTransfer

6489 kBSize

16 Cookies

2 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thesadtimes.typeform.com Open in urlscan Pro
104.18.41.163 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

81 %
IPv6

9
Domains

16
Subdomains

17
IPs

3
Countries

2495 kB
Transfer

6489 kB
Size

16
Cookies

52 HTTP transactions
2 data transactions