urlscan.io logo urlscan.io
SecurityTrails logo

zenwriting.net Open in urlscan Pro
2606:4700:3037::ac43:9747  Public Scan

Go To Rescan Add Verdict Report
URL: https://zenwriting.net/pizzahyena1/advertising-national-museum-of-american-history-fundamentals-explained
Submission: On February 12 via manual from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3037::ac43:9747, located in United States and belongs to CLOUDFLARENET, US. The main domain is zenwriting.net. The Cisco Umbrella rank of the primary domain is 537925.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 14th 2021. Valid for: a year.
This is the only time zenwriting.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3037::ac43:9747 (United States)

ASN13335 (CLOUDFLARENET, US)
zenwriting.net
1    51.68.251.150 (France)

ASN16276 (OVH, FR)
PTR: ip150.ip-51-68-251.eu
arenco.com.sa
1    2606:4700:7::a29f:9904 (United States)

ASN13335 (CLOUDFLARENET, US)
miro.medium.com
1    2606:4700:3034::6815:acc (United States)

ASN13335 (CLOUDFLARENET, US)
www.smallbizgenius.net
1    34.71.62.60 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 60.62.71.34.bc.googleusercontent.com
8signal.com
9    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    104.18.138.190 (None, )

ASN13335 (CLOUDFLARENET, US)
static.typepad.com
bimandbeam.typepad.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.rawgit.com
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
736 KB
4 typepad.com
static.typepad.com — Cisco Umbrella Rank: 117641
bimandbeam.typepad.com
100 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
static.doubleclick.net — Cisco Umbrella Rank: 309
1 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
32 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
2 KB
2 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 7537
1 KB
2 zenwriting.net
zenwriting.net — Cisco Umbrella Rank: 537925
6 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 103
31 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 213
979 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
14 KB
1 8signal.com
8signal.com
181 KB
1 smallbizgenius.net
www.smallbizgenius.net
1 medium.com
miro.medium.com — Cisco Umbrella Rank: 11300
2 MB
1 arenco.com.sa
arenco.com.sa
78 KB
29 14
Domain Requested by
9 www.youtube.com zenwriting.net
www.youtube.com
3 static.typepad.com zenwriting.net
static.typepad.com
2 cdn.jsdelivr.net static.typepad.com
2 cdn.rawgit.com 2 redirects
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 zenwriting.net zenwriting.net
1 bimandbeam.typepad.com zenwriting.net
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 8signal.com zenwriting.net
1 www.smallbizgenius.net zenwriting.net
1 miro.medium.com zenwriting.net
1 arenco.com.sa zenwriting.net
29 17

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-14 -
2022-08-13		 a year crt.sh
arenco.com.sa
cPanel, Inc. Certification Authority		 2022-01-16 -
2022-04-16		 3 months crt.sh
medium.com
Cloudflare Inc ECC CA-3		 2021-12-28 -
2022-03-28		 3 months crt.sh
8signal.com
R3		 2021-12-10 -
2022-03-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://zenwriting.net/pizzahyena1/advertising-national-museum-of-american-history-fundamentals-explained
Frame ID: 6F56A89F4A3299F73253DF14AA6C1D2D
Requests: 12 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ORnCEZD38IA
Frame ID: E9AABB7E0757600BC55389E17F4E709C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Advertising - National Museum of American History Fundamentals Explained — pizzahyena1

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

29
Requests

90 %
HTTPS

75 %
IPv6

14
Domains

17
Subdomains

16
IPs

4
Countries

2864 kB
Transfer

4939 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 25
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.min.css HTTP 301
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
Request Chain 26
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.gallery.min.css HTTP 301
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request advertising-national-museum-of-american-history-fundamentals-explained
zenwriting.net/pizzahyena1/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zenwriting.net/pizzahyena1/advertising-national-museum-of-american-history-fundamentals-explained
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20e71014ca38d693c12a829992b930a66c4d6ca973a8dc5d800214fbbf54bf69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

date
Sat, 12 Feb 2022 07:11:34 GMT
content-type
text/html; charset=utf-8
x-served-by
zenwriting.net
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BKzokZtFMLLKy7sYJSzVgiQU7n9pu2YV6xAPVRsd9h2OM7hC%2FvsSSArbQcmv6ZIATVumMmb8FrGqaueGmpo%2BltEJ9msaNP1jfCe3T9Y8wbwvPR8Pc7o4%2B3dba0iiQsMfjS42QbAZJEVRiAD0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6dc400ef0e23839a-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
styles.css
zenwriting.net/bimandbeam/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zenwriting.net/bimandbeam/styles.css?v=6
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/pizzahyena1/advertising-national-museum-of-american-history-fundamentals-explained
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09148a4e05354de72bf4419d6675b65620f2a4bbef7f93d8e2a81844204bde96

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zenwriting.net/pizzahyena1/advertising-national-museum-of-american-history-fundamentals-explained
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 05 Aug 2021 09:52:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bWqY4irgF%2B5SzOPfzm6bgPnZm7GdFjWjPYzHMRVGwD1PSrp8EnyCxVk4AZUgKcqrGPKDwMoVF9xuOkMwgMfTyf3I2DANtmHh0Cb1SjHiUCk3PHqbI5myL%2F79vWYWltLASNUlzdZmwGkMhEV5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6dc400f008a1839a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
zenwriting.net
Advertising-LED-Display.jpg
arenco.com.sa/wp-content/uploads/2017/10/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arenco.com.sa/wp-content/uploads/2017/10/Advertising-LED-Display.jpg
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/pizzahyena1/advertising-national-museum-of-american-history-fundamentals-explained
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.68.251.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ip150.ip-51-68-251.eu
Software
Apache /
Resource Hash
9d4f717ec772115f05c9e5a3d4351b402edd8c1716680b0d8334dbc5bef9865b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 07:11:35 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 11 Feb 2020 11:30:37 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
79567
X-XSS-Protection
1; mode=block
1*EYv8hdLqXMvY7P5NzkHT-g.jpeg
miro.medium.com/max/10944/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://miro.medium.com/max/10944/1*EYv8hdLqXMvY7P5NzkHT-g.jpeg
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/pizzahyena1/advertising-national-museum-of-american-history-fundamentals-explained
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee5d0834cf7b1f22b5d2a74dbcb810bb739a110096ef5ce11d28033aa8e30d8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:34 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-envoy-upstream-service-time
121
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1720909
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20211118-133226-0da3f823da
accept-ranges
bytes
cf-ray
6dc400f079c2f93b-MXP
expires
Mon, 14 Mar 2022 07:11:34 GMT
denys-nevozhai-N6t14kV_X68-unsplash_710x473-1.jpg
www.smallbizgenius.net/wp-content/uploads/2019/07/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smallbizgenius.net/wp-content/uploads/2019/07/denys-nevozhai-N6t14kV_X68-unsplash_710x473-1.jpg
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/pizzahyena1/advertising-national-museum-of-american-history-fundamentals-explained
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:acc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
types-of-advertisement.jpg
8signal.com/wp-content/uploads/2016/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8signal.com/wp-content/uploads/2016/04/types-of-advertisement.jpg
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/pizzahyena1/advertising-national-museum-of-american-history-fundamentals-explained
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.71.62.60 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.62.71.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
296f9196e6b0b7bb6914eebe1a28a8bcd07696289f8eded058a616412456fbd5

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:34 GMT
last-modified
Wed, 29 Sep 2021 03:11:30 GMT
server
nginx
etag
"6153d962-2d16e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
184686
ORnCEZD38IA
www.youtube.com/embed/ Frame E9AA 		60 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ORnCEZD38IA
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/pizzahyena1/advertising-national-museum-of-american-history-fundamentals-explained
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fcb6ca135dba21eb4386ad5c69a8312797cb9f60519a489a563421c51d299b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://zenwriting.net/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 12 Feb 2022 07:11:34 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
base-weblog.css
static.typepad.com/.shared/themes/common/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/themes/common/base-weblog.css?v=2
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/bimandbeam/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.138.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eea8d407f0202d9259a6c90073ef4468302bc8849bbc385ae921c740cb52a88

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css
cache-control
public
cf-ray
6dc400f0fca93752-MXP
expires
Sun, 12 Feb 2023 07:11:35 GMT
tipjar.css
static.typepad.com/.shared/themes/common/ 		4 KB
731 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/themes/common/tipjar.css
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/bimandbeam/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.138.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72d1f8931da5426f1684455f51fc1fba22ae78bc43f647c77924bea68d5d75d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css
cache-control
public
cf-ray
6dc400f0fcac3752-MXP
expires
Sun, 12 Feb 2023 07:11:35 GMT
www-player-webp.css
www.youtube.com/s/player/96dcbc8c/ Frame E9AA 		342 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ORnCEZD38IA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/ORnCEZD38IA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
48885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47770
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 11 Feb 2023 17:36:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9AA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ORnCEZD38IA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 11:18:05 GMT
x-content-type-options
nosniff
age
330809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 11:18:05 GMT
www-embed-player.js
www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/ Frame E9AA 		282 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ORnCEZD38IA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/ORnCEZD38IA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 15:55:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
54977
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86941
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 11 Feb 2023 15:55:17 GMT
base.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/ Frame E9AA 		2 MB
537 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ORnCEZD38IA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff47c6ac32b3583fb1a1cd17061b0e3dc0e411807689ad60865b077114e5ee85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/ORnCEZD38IA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
224499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
549475
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:49:55 GMT
fetch-polyfill.js
www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/ Frame E9AA 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ORnCEZD38IA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/ORnCEZD38IA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 02:53:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
15455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3338
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 12 Feb 2023 02:53:59 GMT
id
googleads.g.doubleclick.net/pagead/ Frame E9AA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ORnCEZD38IA
Protocol
H3
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
479f883b9bbf807ba3f3c249719ed71fa08769d6f1ca626e45cba494728bdf26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 12 Feb 2022 07:11:34 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame E9AA 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:59:18 GMT
x-content-type-options
nosniff
age
736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Feb 2022 07:14:18 GMT
remote.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/ Frame E9AA 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34d185eba9d13c69e1265757555779b15b2e7aaf289f79cdc88f8921956f937b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/ORnCEZD38IA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
224499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30787
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:49:55 GMT
eoJv6XEgrlfJYoUuFwf3oM0KKtQoDnhHcUHTmpNJmLU.js
www.google.com/js/th/ Frame E9AA 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/eoJv6XEgrlfJYoUuFwf3oM0KKtQoDnhHcUHTmpNJmLU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a826fe97120ae57c962852e1707f7a0cd0a2ad4280e78477141d39a934998b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 09:08:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
338565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13708
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 09:08:49 GMT
embed.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/ Frame E9AA 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23ae30b486032e222bfe8f586cbd2e3f58a2d79bb0380230e55970e411754ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/ORnCEZD38IA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
224499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7686
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:49:55 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E9AA 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 12 Feb 2022 07:11:34 GMT
truncated
/ Frame E9AA 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AKedOLTjBGgGySHGi-ljHukLk8tHEVfSzaHzCT9u3w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E9AA 		595 B
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLTjBGgGySHGi-ljHukLk8tHEVfSzaHzCT9u3w=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ORnCEZD38IA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fffe04268fc17ddaceec5f6655767fc2a1115b31c938d06fde306b8e07a0c5f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:33 GMT
x-content-type-options
nosniff
server
fife
age
2
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
595
x-xss-protection
0
expires
Sun, 13 Feb 2022 07:11:33 GMT
sddefault.webp
i.ytimg.com/vi_webp/ORnCEZD38IA/ Frame E9AA 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/ORnCEZD38IA/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ORnCEZD38IA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d5076fb23c2bbfd82c31bd22ed90697f9bc626047dac7accecf36d485646d5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:33 GMT
x-content-type-options
nosniff
age
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31722
x-xss-protection
0
server
sffe
etag
"1644645497"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Feb 2022 07:16:33 GMT
generate_204
www.youtube.com/ Frame E9AA 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?rD8vqg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ORnCEZD38IA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/ORnCEZD38IA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/89/ Frame E9AA 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/89/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 18:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14262
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:19:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Sat, 12 Feb 2022 18:11:50 GMT
featherlight-gallery.css
static.typepad.com/.shared/css/ 		3 KB
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/css/featherlight-gallery.css
Requested by
Host: static.typepad.com
URL: https://static.typepad.com/.shared/themes/common/base-weblog.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.138.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce32915eab5229db622223aeaecc7bd704160d4d3fde1d8d09b3c05a174b506

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://static.typepad.com/.shared/themes/common/base-weblog.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css
cache-control
public
cf-ray
6dc400f58ce03752-MXP
expires
Sun, 12 Feb 2023 07:11:35 GMT
featherlight.min.css
cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/
Redirect Chain
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.min.css
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
2 KB
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
Requested by
Host: static.typepad.com
URL: https://static.typepad.com/.shared/css/featherlight-gallery.css
Protocol
H2
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://static.typepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
9455002
x-jsd-version
1.7.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19122-FRA, cache-mxp6940-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"74c-qn7jgwM1oqqgU91VxAG6wby5T0s"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6dc400f9fc0e59d1-MXP

Redirect headers

date
Sat, 12 Feb 2022 07:11:35 GMT
x-content-type-options
nosniff
cdn-edgestorageid
756
age
66341
access-control-expose-headers
*
x-cache
MISS, HIT
cdn-cachedat
02/12/2022 07:11:33
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
119
server
BunnyCDN-DE1-756
x-served-by
cache-fra19142-FRA, cache-chi-kigq8000122-LOT
access-control-allow-origin
*
cdn-proxyver
1.02
cdn-requestpullcode
301
location
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=2592000
cdn-requestid
702e8b9ba587190834aa35f4e938a608
timing-allow-origin
*
cdn-requestcountrycode
IT
cdn-status
301
cdn-requestpullsuccess
True
featherlight.gallery.min.css
cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/
Redirect Chain
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.gallery.min.css
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
Requested by
Host: static.typepad.com
URL: https://static.typepad.com/.shared/css/featherlight-gallery.css
Protocol
H2
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
906daba3c69c8916903c60c8be7174649f9294db224ee5388ea29d40faf226b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://static.typepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
9454944
x-jsd-version
1.7.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19120-FRA, cache-mxp6942-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"6f6-uWXKx3271iZqaEhqpW3Julyb3c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6dc400f9fc0c59d1-MXP

Redirect headers

date
Sat, 12 Feb 2022 07:11:35 GMT
x-content-type-options
nosniff
cdn-edgestorageid
756
age
85456
access-control-expose-headers
*
x-cache
MISS, HIT
cdn-cachedat
02/12/2022 07:11:33
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
127
server
BunnyCDN-DE1-756
x-served-by
cache-fra19138-FRA, cache-chi-kigq8000152-LOT
access-control-allow-origin
*
cdn-proxyver
1.02
cdn-requestpullcode
301
location
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=2592000
cdn-requestid
d293fd21ed64c6c07c5ddcb247b6fa4f
timing-allow-origin
*
cdn-requestcountrycode
IT
cdn-status
301
cdn-requestpullsuccess
True
6a00d83453439169e2010536c3482d970b-pi
bimandbeam.typepad.com/.a/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bimandbeam.typepad.com/.a/6a00d83453439169e2010536c3482d970b-pi
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/bimandbeam/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.138.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de1b87948a0fe9c9a2711b2994d4e2afbad544d4e47bcb937ff14f2a4c35ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:11:36 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
151984
cf-ray
6dc400fa6e103752-MXP
content-disposition
inline; filename=6a00d83453439169e2010536c3482d970b.jpg
vary
cookie
content-length
94243
x-webserver
oak-tp-web065
last-modified
Tue, 13 Jan 2009 17:46:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-varnish
746156731 716263392
cache-control
s-maxage=14400
x-phapp
oak-tp-web065
accept-ranges
bytes
content-type
image/jpeg
log_event
www.youtube.com/youtubei/v1/ Frame E9AA 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/it_IT/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ORnCEZD38IA
X-YouTube-Client-Version
1.20220208.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt6NXRiUFYtdXdCayimu52QBg%3D%3D
X-YouTube-Ad-Signals
dt=1644649894787&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 12 Feb 2022 07:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 12 Feb 2022 07:11:37 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: DtXi4SG2Z2s
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: z5tbPV-uwBk
.medium.com/ Name: __cfruid
Value: da54f3bae7a5576894ba23ad7f6bff17b1790737-1644649894

1 Console Messages

Source Level URL
Text
network error URL: https://www.smallbizgenius.net/wp-content/uploads/2019/07/denys-nevozhai-N6t14kV_X68-unsplash_710x473-1.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8signal.com
arenco.com.sa
bimandbeam.typepad.com
cdn.jsdelivr.net
cdn.rawgit.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
miro.medium.com
static.doubleclick.net
static.typepad.com
www.google.com
www.gstatic.com
www.smallbizgenius.net
www.youtube.com
yt3.ggpht.com
zenwriting.net
104.18.138.190
2606:4700:3034::6815:acc
2606:4700:3037::ac43:9747
2606:4700:7::a29f:9904
2606:4700::6810:5814
2a00:1450:4001:801::2004
2a00:1450:4001:802::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2016
2a00:1450:4001:831::2001
34.71.62.60
51.68.251.150
89.187.169.47
09148a4e05354de72bf4419d6675b65620f2a4bbef7f93d8e2a81844204bde96
0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0
20e71014ca38d693c12a829992b930a66c4d6ca973a8dc5d800214fbbf54bf69
23ae30b486032e222bfe8f586cbd2e3f58a2d79bb0380230e55970e411754ccd
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
296f9196e6b0b7bb6914eebe1a28a8bcd07696289f8eded058a616412456fbd5
2ce32915eab5229db622223aeaecc7bd704160d4d3fde1d8d09b3c05a174b506
2d5076fb23c2bbfd82c31bd22ed90697f9bc626047dac7accecf36d485646d5b
34d185eba9d13c69e1265757555779b15b2e7aaf289f79cdc88f8921956f937b
3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
479f883b9bbf807ba3f3c249719ed71fa08769d6f1ca626e45cba494728bdf26
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6eea8d407f0202d9259a6c90073ef4468302bc8849bbc385ae921c740cb52a88
7a826fe97120ae57c962852e1707f7a0cd0a2ad4280e78477141d39a934998b5
906daba3c69c8916903c60c8be7174649f9294db224ee5388ea29d40faf226b9
9d4f717ec772115f05c9e5a3d4351b402edd8c1716680b0d8334dbc5bef9865b
aee5d0834cf7b1f22b5d2a74dbcb810bb739a110096ef5ce11d28033aa8e30d8
bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34
c72d1f8931da5426f1684455f51fc1fba22ae78bc43f647c77924bea68d5d75d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f8de1b87948a0fe9c9a2711b2994d4e2afbad544d4e47bcb937ff14f2a4c35ee
fcb6ca135dba21eb4386ad5c69a8312797cb9f60519a489a563421c51d299b1d
ff47c6ac32b3583fb1a1cd17061b0e3dc0e411807689ad60865b077114e5ee85
fffe04268fc17ddaceec5f6655767fc2a1115b31c938d06fde306b8e07a0c5f4