Submitted URL: http://thewickeddays.com/
Effective URL: https://thewickeddays.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On September 10 via api from DE — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 10 domains to perform 70 HTTP transactions. The main IP is 104.198.200.255, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is thewickeddays.com.
TLS certificate: Issued by R3 on July 12th 2023. Valid for: 3 months.
This is the only time thewickeddays.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
17 xsolla.net
cdn.xsolla.net — Cisco Umbrella Rank: 137572
1 MB
16 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
2 MB
10 xsolla.com
cdn3.xsolla.com — Cisco Umbrella Rank: 221830
secure.xsolla.com — Cisco Umbrella Rank: 83908
store.xsolla.com — Cisco Umbrella Rank: 193476
consent-api.xsolla.com — Cisco Umbrella Rank: 403386
datagather.xsolla.com — Cisco Umbrella Rank: 243289
3 MB
8 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 253
63 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
96 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
static.doubleclick.net — Cisco Umbrella Rank: 307
1 KB
3 thewickeddays.com
thewickeddays.com
68 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 232
8 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 105
218 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
29 KB
70 10
Domain Requested by
17 cdn.xsolla.net thewickeddays.com
cdn.xsolla.net
16 www.youtube.com thewickeddays.com
www.youtube.com
cdn.xsolla.net
8 jnn-pa.googleapis.com www.youtube.com
4 www.gstatic.com www.youtube.com
www.gstatic.com
4 googleads.g.doubleclick.net 2 redirects www.youtube.com
4 fonts.gstatic.com www.youtube.com
4 cdn3.xsolla.com thewickeddays.com
3 thewickeddays.com 1 redirects thewickeddays.com
2 datagather.xsolla.com 1 redirects thewickeddays.com
2 consent-api.xsolla.com cdn.xsolla.net
2 yt3.ggpht.com www.youtube.com
2 i.ytimg.com www.youtube.com
2 www.google.com www.youtube.com
2 static.doubleclick.net www.youtube.com
1 store.xsolla.com cdn.xsolla.net
1 secure.xsolla.com thewickeddays.com
70 16

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
discord.com
www.facebook.com
www.twitch.tv
xsolla.com
influencer.xsolla.com
Subject Issuer Validity Valid
thewickeddays.com
R3
2023-07-12 -
2023-10-10
3 months crt.sh
cdn.xsolla.net
DigiCert TLS RSA SHA256 2020 CA1
2023-07-30 -
2024-07-30
a year crt.sh
*.xsolla.com
DigiCert TLS RSA SHA256 2020 CA1
2023-07-08 -
2024-07-10
a year crt.sh
*.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
www.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh

This page contains 3 frames:

Primary Page: https://thewickeddays.com/
Frame ID: 3CC87DDD8BDD45555159703605380FFF
Requests: 28 HTTP requests in this frame

Frame: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Frame ID: 02733F27D20EFA2D6D084ADCB46C1D9E
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Frame ID: BA32269EAA3B5C6670D300A6CA93E10B
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

The Wicked Days

Page URL History Show full URLs

  1. http://thewickeddays.com/ HTTP 301
    https://thewickeddays.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

96 %
HTTPS

56 %
IPv6

10
Domains

16
Subdomains

17
IPs

3
Countries

6625 kB
Transfer

16648 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thewickeddays.com/ HTTP 301
    https://thewickeddays.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 49
  • https://datagather.xsolla.com/hit HTTP 307
  • https://datagather.xsolla.com/hit_check?_xm=301272274395201550
Request Chain 56
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
thewickeddays.com/
Redirect Chain
  • http://thewickeddays.com/
  • https://thewickeddays.com/
53 KB
15 KB
Document
General
Full URL
https://thewickeddays.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.198.200.255 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
255.200.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
70f668444cc131ed8f4ff5ba8f3e7445ab93a2731c566a798bfadd6be791e73f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 10 Sep 2023 09:11:05 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 10 Sep 2023 09:11:05 GMT
Location
https://thewickeddays.com/
Server
nginx
5b0f57bf0c89ad398c5ed5945edfc059.js
cdn.xsolla.net/site-builder/landings/
3 MB
611 KB
Script
General
Full URL
https://cdn.xsolla.net/site-builder/landings/5b0f57bf0c89ad398c5ed5945edfc059.js
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c83ed5829763b4b0b45b68164b50e735682b528b7f4a7e29a78723cb54a92115
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Sun, 10 Sep 2023 09:11:06 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
xsolla-icons-old-3KNbxHBK.woff2
cdn.xsolla.net/site-builder/landings/
6 KB
7 KB
Font
General
Full URL
https://cdn.xsolla.net/site-builder/landings/xsolla-icons-old-3KNbxHBK.woff2
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e93e1e2e22b41aa6a3c04aedb37614fc8ecae2eb572b9e37188816f0085da88f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://thewickeddays.com/
Origin
https://thewickeddays.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
date
Sun, 10 Sep 2023 09:11:06 GMT
last-modified
Tue, 02 Jun 2020 04:16:30 GMT
server
nginx
etag
"5ed5d29e-1964"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
6500
expires
Thu, 31 Dec 2037 23:55:55 GMT
GraphikLCG-Bold-1apsBmkq.woff2
cdn.xsolla.net/site-builder/landings/
52 KB
52 KB
Font
General
Full URL
https://cdn.xsolla.net/site-builder/landings/GraphikLCG-Bold-1apsBmkq.woff2
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9228f3e8cd2e6a195b040ef63d6c0eca8bd8c4aceecc5aa736e1358d1ecb8c80
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://thewickeddays.com/
Origin
https://thewickeddays.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
date
Sun, 10 Sep 2023 09:11:06 GMT
last-modified
Wed, 21 Aug 2019 03:56:40 GMT
server
nginx
etag
"5d5cc0f8-d0ac"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
53420
expires
Thu, 31 Dec 2037 23:55:55 GMT
GraphikLCG-Regular-6Qq9tN7b.woff2
cdn.xsolla.net/site-builder/landings/
47 KB
48 KB
Font
General
Full URL
https://cdn.xsolla.net/site-builder/landings/GraphikLCG-Regular-6Qq9tN7b.woff2
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
45a73968fc531f083a063cf59d32b721bced6c876d3527dc98bc08f185b0a3ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://thewickeddays.com/
Origin
https://thewickeddays.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
date
Sun, 10 Sep 2023 09:11:06 GMT
last-modified
Wed, 21 Aug 2019 03:56:40 GMT
server
nginx
etag
"5d5cc0f8-bdd0"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
48592
expires
Thu, 31 Dec 2037 23:55:55 GMT
GraphikLCG-Medium-23z0N68C.woff2
cdn.xsolla.net/site-builder/landings/
51 KB
51 KB
Font
General
Full URL
https://cdn.xsolla.net/site-builder/landings/GraphikLCG-Medium-23z0N68C.woff2
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b6cadf10d450d4d3ac4bb60a784b7d29716d5f049e47af741c68df5fcc1cdfc5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://thewickeddays.com/
Origin
https://thewickeddays.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
date
Sun, 10 Sep 2023 09:11:06 GMT
last-modified
Wed, 21 Aug 2019 03:56:40 GMT
server
nginx
etag
"5d5cc0f8-cadc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
51932
expires
Thu, 31 Dec 2037 23:55:55 GMT
1306e9a759d17c2ecd9316a542977eda.css
cdn.xsolla.net/site-builder/landings/
80 KB
13 KB
Stylesheet
General
Full URL
https://cdn.xsolla.net/site-builder/landings/1306e9a759d17c2ecd9316a542977eda.css
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
29bfa92bee539f897ba00f495b35cf44ad3548178c8ac4cb56e6b20427cc3af8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Sun, 10 Sep 2023 09:11:06 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
content-length
12920
expires
Thu, 31 Dec 2037 23:55:55 GMT
7b4594183d0c3f3e8f033b1dde9577ab.css
cdn.xsolla.net/site-builder/landings/
231 KB
39 KB
Stylesheet
General
Full URL
https://cdn.xsolla.net/site-builder/landings/7b4594183d0c3f3e8f033b1dde9577ab.css
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
09b5e6b45df98138ce1292d28fffdec886402ab0ab1390466fca2c7c0f1ba652
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Sun, 10 Sep 2023 09:11:06 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
content-length
39374
expires
Thu, 31 Dec 2037 23:55:55 GMT
3293a865cdc752a66c0ec8091270aca7.js
cdn.xsolla.net/site-builder/static/
27 KB
10 KB
Script
General
Full URL
https://cdn.xsolla.net/site-builder/static/3293a865cdc752a66c0ec8091270aca7.js
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
606cf8285136b5bb21e092a09202d93be6738c2c9f5ea4e30fe6d3f4044d4416
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Sun, 10 Sep 2023 09:11:06 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
content-length
9605
expires
Thu, 31 Dec 2037 23:55:55 GMT
bundle.min.js
cdn.xsolla.net/site-builder/static/
50 KB
16 KB
Script
General
Full URL
https://cdn.xsolla.net/site-builder/static/bundle.min.js
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://thewickeddays.com/
Origin
https://thewickeddays.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Sun, 10 Sep 2023 09:11:06 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
content-length
16451
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget.min.js
cdn.xsolla.net/embed/pay2play/3.0.2/
283 KB
80 KB
Script
General
Full URL
https://cdn.xsolla.net/embed/pay2play/3.0.2/widget.min.js
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f2a95ffd70ad9eab8985d9a6b772cff763dc904c67c8260fbfb874b75d643bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:06 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
link
<https://secure.xsolla.com/favicon.ico>; rel=preload; as=image, <https://cdn.xsolla.net/img/favicon.ico>; rel=preload; as=image
content-length
81420
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget.min.js
cdn.xsolla.net/embed/paystation/1.2.0/
39 KB
13 KB
Script
General
Full URL
https://cdn.xsolla.net/embed/paystation/1.2.0/widget.min.js
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0aca6d779c00ad9fa00fc264d06ba005776b823465d978fb6531509e56a991ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:06 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
link
<https://secure.xsolla.com/favicon.ico>; rel=preload; as=image, <https://cdn.xsolla.net/img/favicon.ico>; rel=preload; as=image
content-length
13124
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.6.0.min.js
cdn.xsolla.net/site-builder/static/
87 KB
31 KB
Script
General
Full URL
https://cdn.xsolla.net/site-builder/static/jquery-3.6.0.min.js
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Sun, 10 Sep 2023 09:11:06 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
content-length
31142
expires
Thu, 31 Dec 2037 23:55:55 GMT
7f3f565aa62b376095ff51eb7856cfb1.png
cdn3.xsolla.com/files/uploaded/156418/
85 KB
86 KB
Image
General
Full URL
https://cdn3.xsolla.com/files/uploaded/156418/7f3f565aa62b376095ff51eb7856cfb1.png
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.2.224.186 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-224-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
010cd827bfd9af973a522342a61b32e699745755b4168aa564504f5e4c4b13e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
date
Sun, 10 Sep 2023 09:11:07 GMT
last-modified
Wed, 16 Jun 2021 07:50:11 GMT
server
nginx
etag
"60c9ad33-155d7"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
87511
expires
Mon, 11 Sep 2023 09:11:07 GMT
favicon.ico
secure.xsolla.com/
32 KB
3 KB
Image
General
Full URL
https://secure.xsolla.com/favicon.ico
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.30.21.21 , United States, ASN60527 (XSOLLA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
6096c75480b69d48d95d4fac4d3011e4a1d1ba3438886b713ae6d76287523389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:11:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/x-icon
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
favicon.ico
cdn.xsolla.net/img/
1 KB
1 KB
Image
General
Full URL
https://cdn.xsolla.net/img/favicon.ico
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8644480307d609cba80a33f9e6e11527600895cfb8fabfa7738aeac5badd79a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Sun, 10 Sep 2023 09:11:06 GMT
last-modified
Sat, 13 Jul 2013 20:17:30 GMT
server
nginx
etag
W/"51e1b5da-57e"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
content-length
821
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget.min.js
cdn.xsolla.net/embed/buy-button/3.1.4/
284 KB
80 KB
Script
General
Full URL
https://cdn.xsolla.net/embed/buy-button/3.1.4/widget.min.js
Requested by
Host: cdn.xsolla.net
URL: https://cdn.xsolla.net/site-builder/static/3293a865cdc752a66c0ec8091270aca7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2e0ff8d4582b4adb65421dc651691065481a0b4d1029e63d3935c2b53932a9e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:06 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
link
<https://secure.xsolla.com/favicon.ico>; rel=preload; as=image, <https://cdn.xsolla.net/img/favicon.ico>; rel=preload; as=image
content-length
81500
expires
Thu, 31 Dec 2037 23:55:55 GMT
z4PNXfzlTaU
www.youtube.com/embed/ Frame 0273
87 KB
38 KB
Document
General
Full URL
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db4c34610fdddf58fdedfe7ff8f334a2e563e78286d0693754887130a1aaf4a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thewickeddays.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:11:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
7b4594183d0c3f3e8f033b1dde9577ab.css
cdn.xsolla.net/site-builder/landings/
231 KB
231 KB
Image
General
Full URL
https://cdn.xsolla.net/site-builder/landings/7b4594183d0c3f3e8f033b1dde9577ab.css
Requested by
Host: cdn.xsolla.net
URL: https://cdn.xsolla.net/site-builder/landings/7b4594183d0c3f3e8f033b1dde9577ab.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.xsolla.net/site-builder/landings/7b4594183d0c3f3e8f033b1dde9577ab.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Sun, 10 Sep 2023 09:11:06 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
content-length
39374
expires
Thu, 31 Dec 2037 23:55:55 GMT
init
store.xsolla.com/api/v2/project/80334/widget/
1022 B
1 KB
XHR
General
Full URL
https://store.xsolla.com/api/v2/project/80334/widget/init
Requested by
Host: cdn.xsolla.net
URL: https://cdn.xsolla.net/site-builder/static/3293a865cdc752a66c0ec8091270aca7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.30.21.51 , United States, ASN60527 (XSOLLA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
6fef7e4e57016f5aa4a037a0a06fdfa6fe0b4c12e36df7de044742c457fde8bb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://thewickeddays.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 10 Sep 2023 09:11:07 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept, Origin, Authorization, x-unauthorized-id,x-user,x-xsolla-product-tag
www-player.css
www.youtube.com/s/player/7ee36b0e/ Frame 0273
383 KB
48 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/7ee36b0e/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebd9916f73aea2ae814451af5fa1ce5fad205d534409877fd10bd6ffb43dd3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 04:29:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
16903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49339
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 09 Sep 2024 04:29:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0273
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 08:35:58 GMT
x-content-type-options
nosniff
age
88509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 08:35:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0273
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:41:40 GMT
x-content-type-options
nosniff
age
401367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 17:41:40 GMT
embed.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame 0273
49 KB
15 KB
Script
General
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4dcfd138ab21b6f3679e81114be6f752b478552c6e8c39af2c1436e49865841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
437552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15596
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 04 Sep 2024 07:38:35 GMT
www-embed-player.js
www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/ Frame 0273
314 KB
94 KB
Script
General
Full URL
https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
785272c9b1033897a81797962645fa74e7da0c63dd7208bae2ef171ecba275ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 08:57:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96199
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 09 Sep 2024 08:57:28 GMT
base.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame 0273
2 MB
778 KB
Script
General
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a8bf4daf539463f609b2d8c45c1f138658dfdb9f6b776f2a20da40c92e152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
796229
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 06 Sep 2024 12:02:55 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 0273
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7a6d541ec1c2a49bd71cc6be2f4dcdaf87e6d98ed982cd504df0118ced3fb8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Sep 2023 09:11:07 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 0273
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 08:59:24 GMT
x-content-type-options
nosniff
age
703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 09:14:24 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 10 Sep 2023 09:11:07 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0273
68 KB
31 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
baa640f314ded95993356ee34c462ef4f15009857837ab105f7ac09bba65986e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 10 Sep 2023 09:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31834
x-xss-protection
0
remote.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame 0273
116 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97a159e488477400a41c43897dc257375cf9bdabd184e67c79ca01a13c051647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 22:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
298920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33687
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Sep 2024 22:09:07 GMT
vLWvie6NndK1N8lmZZLZw3_XDa3lWEGgTi-cy_5Sdzk.js
www.google.com/js/th/ Frame 0273
37 KB
15 KB
Script
General
Full URL
https://www.google.com/js/th/vLWvie6NndK1N8lmZZLZw3_XDa3lWEGgTi-cy_5Sdzk.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb5af89ee8d9dd2b537c9666592d9c37fd70dade55841a04e2f9ccbfe527739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:14:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
237405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14649
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 15:14:22 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/z4PNXfzlTaU/ Frame 0273
109 KB
109 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/z4PNXfzlTaU/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb991122d9dd5b0b71a8d864d78370d8114c354acd5583d43917c4d44f17dbf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:07 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111378
x-xss-protection
0
server
sffe
etag
"1625664668"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Sep 2023 11:11:07 GMT
truncated
/ Frame 0273
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
AOPolaQ5HjzNZwGmquR3_SIx8JKyha2bAicdpmUuYEXW=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0273
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AOPolaQ5HjzNZwGmquR3_SIx8JKyha2bAicdpmUuYEXW=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e9d9576b520f8d39cc2fb1514103bc649d4aed66ec2e3e843d29721b75846218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:08 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3899
x-xss-protection
0
server
fife
etag
"v14"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 11 Sep 2023 09:11:08 GMT
d59c72c9966bf33adcc8f44d5406ab28.jpg
cdn3.xsolla.com/img/misc/images/
18 KB
18 KB
Image
General
Full URL
https://cdn3.xsolla.com/img/misc/images/d59c72c9966bf33adcc8f44d5406ab28.jpg
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.2.224.186 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-224-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
24d1f159fa77557a6bcd87e76d49d6d1e7a39750e7c73f0e7dd31c76c65a66eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
date
Sun, 10 Sep 2023 09:11:08 GMT
last-modified
Fri, 09 Jul 2021 10:40:35 GMT
server
nginx
etag
"60e827a3-4876"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86377
accept-ranges
bytes
timing-allow-origin
*
content-length
18550
expires
Mon, 11 Sep 2023 09:10:45 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 0273
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 09:11:07 GMT
generate_204
www.youtube.com/ Frame 0273
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?NSW3xw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 10 Sep 2023 09:11:08 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0273
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5721e5bc8427a0e703b3ad60973f3ca7933d5025dad223866b4cd065fce85795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 10 Sep 2023 09:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/116/ Frame 0273
51 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/116/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15373
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:06:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 10 Sep 2023 15:20:05 GMT
consent
consent-api.xsolla.com/v2/ Frame
0
0
Preflight
General
Full URL
https://consent-api.xsolla.com/v2/consent
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.30.21.72 , United States, ASN60527 (XSOLLA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://thewickeddays.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Length,Content-Type
access-control-allow-methods
PUT,GET,OPTIONS
access-control-allow-origin
https://thewickeddays.com
access-control-max-age
43200
content-length
0
date
Sun, 10 Sep 2023 09:11:09 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
swiper.min.js
cdn.xsolla.net/site-builder/static/
122 KB
32 KB
Script
General
Full URL
https://cdn.xsolla.net/site-builder/static/swiper.min.js
Requested by
Host: cdn.xsolla.net
URL: https://cdn.xsolla.net/site-builder/static/3293a865cdc752a66c0ec8091270aca7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Sun, 10 Sep 2023 09:11:08 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
content-length
32790
expires
Thu, 31 Dec 2037 23:55:55 GMT
consent
consent-api.xsolla.com/v2/
225 B
548 B
XHR
General
Full URL
https://consent-api.xsolla.com/v2/consent
Requested by
Host: cdn.xsolla.net
URL: https://cdn.xsolla.net/site-builder/static/3293a865cdc752a66c0ec8091270aca7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.30.21.72 , United States, ASN60527 (XSOLLA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
d3ec3c1c6190dda8ab8ddcb40464f1a06e57bd464485f0b0e57832671d05f002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://thewickeddays.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 10 Sep 2023 09:11:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thewickeddays.com
access-control-allow-credentials
true
x-geoip-country
SE
content-length
225
watch.js
cdn.xsolla.net/sitebuilder/
39 KB
8 KB
Script
General
Full URL
https://cdn.xsolla.net/sitebuilder/watch.js
Requested by
Host: cdn.xsolla.net
URL: https://cdn.xsolla.net/site-builder/static/3293a865cdc752a66c0ec8091270aca7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.192.163.38 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-163-38.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b9aee216eb8279b6c18f2a66801954d42ed60c769103f1990b30bc70cef4a5ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Sun, 10 Sep 2023 09:11:08 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
content-length
8194
expires
Thu, 31 Dec 2037 23:55:55 GMT
8eb984609e03b8912d12c11d4a2adf4b.png
cdn3.xsolla.com/files/uploaded/156418/
3 MB
3 MB
Image
General
Full URL
https://cdn3.xsolla.com/files/uploaded/156418/8eb984609e03b8912d12c11d4a2adf4b.png
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.2.224.186 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-224-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f9ff311e02b8cf7c8c816d027fd2fae33dfcf1b469967c89b202b5f7d711b324
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
date
Sun, 10 Sep 2023 09:11:09 GMT
last-modified
Wed, 07 Jul 2021 11:50:12 GMT
server
nginx
etag
"60e594f4-2a2873"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
2762867
expires
Mon, 11 Sep 2023 09:11:09 GMT
b09f232e62b749b8d7245d5e9bfac118.gif
cdn3.xsolla.com/files/uploaded/156418/
2 MB
0
Image
General
Full URL
https://cdn3.xsolla.com/files/uploaded/156418/b09f232e62b749b8d7245d5e9bfac118.gif
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.2.224.186 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-224-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
date
Sun, 10 Sep 2023 09:11:09 GMT
last-modified
Wed, 16 Jun 2021 08:20:25 GMT
server
nginx
etag
"60c9b449-8551c5"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
8737221
expires
Mon, 11 Sep 2023 09:11:09 GMT
/
thewickeddays.com/
53 KB
53 KB
Image
General
Full URL
https://thewickeddays.com/
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.198.200.255 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
255.200.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:11:08 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
z4PNXfzlTaU
www.youtube.com/embed/ Frame BA32
87 KB
37 KB
Document
General
Full URL
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Requested by
Host: cdn.xsolla.net
URL: https://cdn.xsolla.net/site-builder/static/3293a865cdc752a66c0ec8091270aca7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f0bdfd220b99aeb71bf180c4db726350aa09ddcbf96a153fbfc1c720c76b86f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thewickeddays.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:11:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
758 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bcf4b7b21d29589dd35be222eaf1bbcd7cf24da7cf7402f432a77b4ab378a4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/jpeg
hit_check
datagather.xsolla.com/
Redirect Chain
  • https://datagather.xsolla.com/hit
  • https://datagather.xsolla.com/hit_check?_xm=301272274395201550
0
84 B
XHR
General
Full URL
https://datagather.xsolla.com/hit_check?_xm=301272274395201550
Requested by
Host: thewickeddays.com
URL: https://thewickeddays.com/
Protocol
H2
Server
130.211.39.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.39.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thewickeddays.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:11:09 GMT
via
1.1 google
server
nginx
content-type
text/plain
access-control-allow-origin
https://thewickeddays.com
cache-control
max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 10 Sep 2023 09:11:09 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:11:08 GMT
via
1.1 google
server
nginx
content-type
text/html
location
/hit_check?_xm=301272274395201550
access-control-allow-origin
https://thewickeddays.com
cache-control
max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Sun, 10 Sep 2023 09:11:08 GMT
www-player.css
www.youtube.com/s/player/7ee36b0e/ Frame BA32
383 KB
48 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/7ee36b0e/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebd9916f73aea2ae814451af5fa1ce5fad205d534409877fd10bd6ffb43dd3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 04:29:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
16904
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49339
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 09 Sep 2024 04:29:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BA32
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 08:35:58 GMT
x-content-type-options
nosniff
age
88510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 08:35:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BA32
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:41:40 GMT
x-content-type-options
nosniff
age
401368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 17:41:40 GMT
embed.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame BA32
49 KB
15 KB
Script
General
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4dcfd138ab21b6f3679e81114be6f752b478552c6e8c39af2c1436e49865841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
437553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15596
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 04 Sep 2024 07:38:35 GMT
www-embed-player.js
www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/ Frame BA32
314 KB
94 KB
Script
General
Full URL
https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
785272c9b1033897a81797962645fa74e7da0c63dd7208bae2ef171ecba275ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 08:57:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
820
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96199
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 09 Sep 2024 08:57:28 GMT
base.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame BA32
2 MB
778 KB
Script
General
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a8bf4daf539463f609b2d8c45c1f138658dfdb9f6b776f2a20da40c92e152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
796229
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 06 Sep 2024 12:02:55 GMT
id
googleads.g.doubleclick.net/pagead/ Frame BA32
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ef3875ec44418854736020e671e6c2e6f00c0d9df40556eca57befe10e7492d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Sep 2023 09:11:09 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BA32
29 B
93 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 08:59:24 GMT
x-content-type-options
nosniff
age
705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 09:14:24 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 10 Sep 2023 09:11:09 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BA32
68 KB
31 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d26e86d9980941bffc665c1d0b9696cb2c46953fbe33dd0c9549b83a1edc6bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 10 Sep 2023 09:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31882
x-xss-protection
0
remote.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame BA32
116 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97a159e488477400a41c43897dc257375cf9bdabd184e67c79ca01a13c051647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 22:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
298922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33687
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Sep 2024 22:09:07 GMT
vLWvie6NndK1N8lmZZLZw3_XDa3lWEGgTi-cy_5Sdzk.js
www.google.com/js/th/ Frame BA32
37 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/vLWvie6NndK1N8lmZZLZw3_XDa3lWEGgTi-cy_5Sdzk.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb5af89ee8d9dd2b537c9666592d9c37fd70dade55841a04e2f9ccbfe527739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:14:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
237407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14649
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 15:14:22 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/z4PNXfzlTaU/ Frame BA32
109 KB
109 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/z4PNXfzlTaU/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb991122d9dd5b0b71a8d864d78370d8114c354acd5583d43917c4d44f17dbf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:07 GMT
x-content-type-options
nosniff
age
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111378
x-xss-protection
0
server
sffe
etag
"1625664668"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Sep 2023 11:11:07 GMT
truncated
/ Frame BA32
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
AOPolaQ5HjzNZwGmquR3_SIx8JKyha2bAicdpmUuYEXW=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame BA32
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AOPolaQ5HjzNZwGmquR3_SIx8JKyha2bAicdpmUuYEXW=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e9d9576b520f8d39cc2fb1514103bc649d4aed66ec2e3e843d29721b75846218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:08 GMT
x-content-type-options
nosniff
age
1
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3899
x-xss-protection
0
server
fife
etag
"v14"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 11 Sep 2023 09:11:08 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BA32
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 09:11:09 GMT
generate_204
www.youtube.com/ Frame BA32
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?LreM4w
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:11:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 10 Sep 2023 09:11:09 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BA32
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ee24dc720f1ef586497bc189800eacaae9c9a368562fbea4ff5f7c5e6e7889b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 10 Sep 2023 09:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/116/ Frame BA32
51 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/116/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 15:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15373
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:06:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 10 Sep 2023 15:20:05 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 0273
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
X-Goog-Request-Time
1694337069685
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
X-YouTube-Client-Version
1.20230904.00.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgs3dHdaOXZrbmZUUSirkPanBjIGCgJERRIA
X-YouTube-Ad-Signals
dt=1694337067484&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1598%2C1078&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 10 Sep 2023 09:11:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sun, 10 Sep 2023 09:11:09 GMT
log_event
www.youtube.com/youtubei/v1/ Frame BA32
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
X-Goog-Request-Time
1694337071251
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/z4PNXfzlTaU?rel=0&showinfo=0&enablejsapi=1&iv_load_policy=3
X-YouTube-Client-Version
1.20230904.00.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgs3dHdaOXZrbmZUUSiskPanBjIGCgJERRIA
X-YouTube-Ad-Signals
dt=1694337069063&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1598%2C1078&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 10 Sep 2023 09:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sun, 10 Sep 2023 09:11:11 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| NREUM object| newrelic function| __nr_require object| Sentry object| __SENTRY__ object| dataLayer object| SB function| $ function| jQuery object| options object| s object| head object| __PRELOADED_STATE__ object| __TRANSLATIONS__ string| __USER_TYPE__ object| XBuyButtonWidget object| regeneratorRuntime function| setImmediate function| clearImmediate function| Swiper function| XsollaAnalytics object| XA

11 Cookies

Domain/Path Name / Value
.thewickeddays.com/ Name: sb_country_code
Value: SE
.thewickeddays.com/ Name: sb_country_code3
Value: SWE
.thewickeddays.com/ Name: sb_country_name
Value: Sweden
thewickeddays.com/ Name: sb-landing-locale
Value: en-US
.youtube.com/ Name: YSC
Value: _N9Ek4AgoK8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 7twZ9vknfTQ
.thewickeddays.com/ Name: _mm_uid_20978
Value: 1694337069245073453
.thewickeddays.com/ Name: _mm_vid_20978
Value: 1694337069119484490
.xsolla.com/ Name: xsollauid
Value: 301272274395201550
.thewickeddays.com/ Name: xsollauid
Value: 301272274395201550
.xsolla.com/ Name: consent_id
Value: 4cdb3991-67b4-4058-953e-014e95f8af24

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.xsolla.net
cdn3.xsolla.com
consent-api.xsolla.com
datagather.xsolla.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
secure.xsolla.com
static.doubleclick.net
store.xsolla.com
thewickeddays.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.198.200.255
130.211.39.91
185.30.21.21
185.30.21.51
185.30.21.72
23.192.163.38
23.2.224.186
2a00:1450:4001:803::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2016
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
010cd827bfd9af973a522342a61b32e699745755b4168aa564504f5e4c4b13e2
09b5e6b45df98138ce1292d28fffdec886402ab0ab1390466fca2c7c0f1ba652
0aca6d779c00ad9fa00fc264d06ba005776b823465d978fb6531509e56a991ee
0c9a8bf4daf539463f609b2d8c45c1f138658dfdb9f6b776f2a20da40c92e152
0f0bdfd220b99aeb71bf180c4db726350aa09ddcbf96a153fbfc1c720c76b86f
24d1f159fa77557a6bcd87e76d49d6d1e7a39750e7c73f0e7dd31c76c65a66eb
29bfa92bee539f897ba00f495b35cf44ad3548178c8ac4cb56e6b20427cc3af8
2d26e86d9980941bffc665c1d0b9696cb2c46953fbe33dd0c9549b83a1edc6bb
2e0ff8d4582b4adb65421dc651691065481a0b4d1029e63d3935c2b53932a9e8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
45a73968fc531f083a063cf59d32b721bced6c876d3527dc98bc08f185b0a3ff
5721e5bc8427a0e703b3ad60973f3ca7933d5025dad223866b4cd065fce85795
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ef3875ec44418854736020e671e6c2e6f00c0d9df40556eca57befe10e7492d
606cf8285136b5bb21e092a09202d93be6738c2c9f5ea4e30fe6d3f4044d4416
6096c75480b69d48d95d4fac4d3011e4a1d1ba3438886b713ae6d76287523389
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6bcf4b7b21d29589dd35be222eaf1bbcd7cf24da7cf7402f432a77b4ab378a4d
6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370
6ee24dc720f1ef586497bc189800eacaae9c9a368562fbea4ff5f7c5e6e7889b
6fef7e4e57016f5aa4a037a0a06fdfa6fe0b4c12e36df7de044742c457fde8bb
70f668444cc131ed8f4ff5ba8f3e7445ab93a2731c566a798bfadd6be791e73f
785272c9b1033897a81797962645fa74e7da0c63dd7208bae2ef171ecba275ea
8644480307d609cba80a33f9e6e11527600895cfb8fabfa7738aeac5badd79a3
8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb
9228f3e8cd2e6a195b040ef63d6c0eca8bd8c4aceecc5aa736e1358d1ecb8c80
97a159e488477400a41c43897dc257375cf9bdabd184e67c79ca01a13c051647
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
b6cadf10d450d4d3ac4bb60a784b7d29716d5f049e47af741c68df5fcc1cdfc5
b9aee216eb8279b6c18f2a66801954d42ed60c769103f1990b30bc70cef4a5ec
baa640f314ded95993356ee34c462ef4f15009857837ab105f7ac09bba65986e
bcb5af89ee8d9dd2b537c9666592d9c37fd70dade55841a04e2f9ccbfe527739
c7a6d541ec1c2a49bd71cc6be2f4dcdaf87e6d98ed982cd504df0118ced3fb8a
c83ed5829763b4b0b45b68164b50e735682b528b7f4a7e29a78723cb54a92115
d3ec3c1c6190dda8ab8ddcb40464f1a06e57bd464485f0b0e57832671d05f002
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db4c34610fdddf58fdedfe7ff8f334a2e563e78286d0693754887130a1aaf4a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dcfd138ab21b6f3679e81114be6f752b478552c6e8c39af2c1436e49865841
e93e1e2e22b41aa6a3c04aedb37614fc8ecae2eb572b9e37188816f0085da88f
e9d9576b520f8d39cc2fb1514103bc649d4aed66ec2e3e843d29721b75846218
ebd9916f73aea2ae814451af5fa1ce5fad205d534409877fd10bd6ffb43dd3c2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f2a95ffd70ad9eab8985d9a6b772cff763dc904c67c8260fbfb874b75d643bfa
f9ff311e02b8cf7c8c816d027fd2fae33dfcf1b469967c89b202b5f7d711b324
fb991122d9dd5b0b71a8d864d78370d8114c354acd5583d43917c4d44f17dbf6
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e