postheaven.net Open in urlscan Pro
2606:4700:3030::ac43:99aa Public Scan

Go To Rescan
Add Verdict Report

URL:
https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time
Submission: On November 22 via manual (November 22nd 2021, 6:08:16 am UTC) from US — Scanned from IT

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3030::ac43:99aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is postheaven.net.
TLS certificate: Issued by R3 on October 11th 2021. Valid for: 3 months.

This is the only time postheaven.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3030::ac43:99aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.254.30.236 173.254.30.236	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 2	2404:8280:a22... 2404:8280:a222:bbbb:bba1:66:ffff:ffff	38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	104.26.9.152 104.26.9.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
7	104.18.136.190 104.18.136.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
2 2	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	16

2 2606:4700:3030::ac43:99aa (United States)

ASN13335 (CLOUDFLARENET, US)

postheaven.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.254.30.236 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: just2006.justhost.com

www.katiecortese.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:8280:a222:bbbb:bba1:66:ffff:ffff (Australia) 1 redirects

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)

highvelocityhuntingaustralia.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.9.152 (United States)

ASN13335 (CLOUDFLARENET, US)

www.scopelist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.136.190 (None, )

ASN13335 (CLOUDFLARENET, US)

static.typepad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
harrietdevine.typepad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.47 (Frankfurt am Main, Germany) 2 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com	702 KB
7	typepad.com static.typepad.com harrietdevine.typepad.com	33 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	32 KB
2	jsdelivr.net cdn.jsdelivr.net	2 KB
2	rawgit.com 2 redirects cdn.rawgit.com	1 KB
2	highvelocityhuntingaustralia.com.au 1 redirects highvelocityhuntingaustralia.com.au	8 KB
2	postheaven.net postheaven.net	4 KB
1	ytimg.com i.ytimg.com	11 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	google.com www.google.com	14 KB
1	scopelist.com www.scopelist.com	12 KB
1	imgur.com i.imgur.com	1012 KB
1	katiecortese.com www.katiecortese.com	7 KB
32	14

	Domain	Requested by
9	www.youtube.com	postheaven.net www.youtube.com
6	static.typepad.com	postheaven.net static.typepad.com
2	cdn.jsdelivr.net	static.typepad.com
2	cdn.rawgit.com	2 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	highvelocityhuntingaustralia.com.au	1 redirects postheaven.net
2	postheaven.net	postheaven.net
1	harrietdevine.typepad.com	postheaven.net
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	www.scopelist.com	postheaven.net
1	i.imgur.com	postheaven.net
1	www.katiecortese.com	postheaven.net
32	17

This site contains links to these domains. Also see Links.

Domain
blogfreely.net

Subject Issuer	Validity	Valid
*.postheaven.net R3	`2021-10-11` - `2022-01-09`	3 months	crt.sh
www.katiecortese.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-28` - `2022-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time
Frame ID: B4740EE62C963620B39D24782F685765
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jh5Ht1QqPOA
Frame ID: C7C0173C7F1F5A7F1452BA58C60A837B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How Tikka T3 in Hunting Accessories for sale - eBay can Save You Time, Stress, and Money. — quilthammer37

Page Statistics

32
Requests

88 %
HTTPS

69 %
IPv6

14
Domains

17
Subdomains

16
IPs

4
Countries

1840 kB
Transfer

3795 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://blogfreely.net/rotateflight84/an-unbiased-view-of-rifles-and-accessories-shooting-sports-uk
Title: Mountain Tactical

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://highvelocityhuntingaustralia.com.au/wp-content/uploads/2018/10/Tikka-T3x-Rifled-Handle-1.jpg HTTP 301
https://highvelocityhuntingaustralia.com.au/

Request Chain 14

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 26

https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.min.css HTTP 301
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css

Request Chain 27

https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.gallery.min.css HTTP 301
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css

32 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time Show response
postheaven.net/quilthammer37/ 7 KB
3 KB 174ms
126ms Document
text/html 2606:4700:3030::ac43:99aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:99aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9547c3a7a2cb732d0269141a2d324e3e50b5ecaed6ed4c34966e1814316ae20

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Mon, 22 Nov 2021 06:08:10 GMT
content-type: text/html; charset=utf-8
x-served-by: postheaven.net
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAG3SfwQtecr985Xss1bWmFEzFFbdkIAXjv9g4GyE0SF8deSOM2NfnRYUV%2FkZx6untGipeEx0MK4R%2Bz8ysnSutWKznVkGMIWan9zPdCEJnVeORKAjPgQOzA83PTyvKHqCroYR0QImON4ZZF3%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b1ffb531b3e5a0d-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 styles.css
postheaven.net/harrietdevine/ 724 B
647 B 117ms
115ms Stylesheet
text/css 2606:4700:3030::ac43:99aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postheaven.net/harrietdevine/styles.css?v=6
Requested by: Host: postheaven.net
URL: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:99aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddfb3ee118b2ee2c853114a8f90d6c79a0e52afc9af75cfe7a37a4c60f17efad

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Aug 2021 09:52:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2B1FC%2BrvUAOwkWWmHzKbqWzHp9cW%2BpXx8o4pkp2DVJZI0Rr%2F2JxPIZbm7ZPat%2Bjr8YDgFQhgGkQJRMWDafnOhF7IK2ZfXRcFqvf94eI0dk66psum76JShBMs2AJLT%2FLW%2Fvka%2F9tV%2FYli4zpKRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b1ffb540cbc5a0d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: postheaven.net

GET
H2 200 texas-tech-logo-2-150x150.jpg
www.katiecortese.com/wp-content/uploads/2012/10/ 7 KB
7 KB 931ms
171ms Image
image/jpeg 173.254.30.236
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.katiecortese.com/wp-content/uploads/2012/10/texas-tech-logo-2-150x150.jpg
Requested by: Host: postheaven.net
URL: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.254.30.236 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: just2006.justhost.com
Software: Apache /
Resource Hash: 4649859d7a7a5f5bd3b66e2e63588bc172da1f553eece4ba8d0b2b3f5626c73c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://postheaven.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:11 GMT
last-modified: Mon, 04 Mar 2013 17:02:31 GMT
server: Apache
accept-ranges: bytes
content-length: 7336
content-type: image/jpeg

GET
H/1.1

200
OK

/
highvelocityhuntingaustralia.com.au/
Redirect Chain

https://highvelocityhuntingaustralia.com.au/wp-content/uploads/2018/10/Tikka-T3x-Rifled-Handle-1.jpg
https://highvelocityhuntingaustralia.com.au/

8 KB
8 KB

1605ms
1605ms

Image
text/html

2404:8280:a222:bbbb:bba1:66:ffff:ffff
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highvelocityhuntingaustralia.com.au/
Requested by: Host: postheaven.net
URL: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time
Protocol: HTTP/1.1
Server: 2404:8280:a222:bbbb:bba1:66:ffff:ffff , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://postheaven.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 06:08:13 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Link: <https://highvelocityhuntingaustralia.com.au/wp-json/>; rel="https://api.w.org/", <https://highvelocityhuntingaustralia.com.au/wp-json/wp/v2/pages/21>; rel="alternate"; type="application/json", <https://highvelocityhuntingaustralia.com.au/>; rel=shortlink
Keep-Alive: timeout=5, max=99

Redirect headers

Date: Mon, 22 Nov 2021 06:08:11 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://highvelocityhuntingaustralia.com.au
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
X-Redirect-By: Rank Math
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 6ZARQ1i.jpg
i.imgur.com/ 1011 KB
1012 KB 205ms
139ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/6ZARQ1i.jpg

Requested by

Host: postheaven.net
URL: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a4cd8b514983dcdca773d745d8cbb1718082b72a803fca7f3dcb1ee6b1815742

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://postheaven.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:11 GMT
x-content-type-options: nosniff
age: 1337128
x-cache: HIT, MISS
x-amz-storage-class: STANDARD_IA
content-length: 1035636
x-served-by: cache-bwi5176-BWI, cache-fra19179-FRA
last-modified: Mon, 05 Oct 2020 00:16:24 GMT
server: cat factory 1.0
x-timer: S1637561291.958638,VS0,VE111
etag: "586d26ab6626d0a0b146ea82bd1a3e98"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 JRTAC416L-Tikka_2.jpg
www.scopelist.com/Images/Tikka/ 12 KB
12 KB 508ms
462ms Image
image/jpeg 104.26.9.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.scopelist.com/Images/Tikka/JRTAC416L-Tikka_2.jpg
Requested by: Host: postheaven.net
URL: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2998890fd427c777228ac88ce63949e4e8430505dc4f5af0e9168c08c5ebea5d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://postheaven.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:11 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Aug 2020 12:27:21 GMT
server: cloudflare
etag: "c67879eb5a75d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnFn2FcvKStZTQKpQN2lo4AmQbKOdRvhQ0ceL9KnzUp%2FhK09apnPVnzWSWa%2BU58ROKbqkn9nyGoWVHa7180fXTLzMAhXiSsmex6p65x%2F%2BksYBLJACstpU2qCcDPM5%2FgKkyUo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b1ffb5459f70f86-MXP
content-length: 11969

GET
H2 200 jh5Ht1QqPOA Show response
www.youtube.com/embed/ Frame C7C0 58 KB
25 KB 145ms
73ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jh5Ht1QqPOA

Requested by

Host: postheaven.net
URL: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50220c772191f6d500a70fbb6deecf0e0f2e99c7867278d0239a64d9f76e6814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://postheaven.net/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 Nov 2021 06:08:11 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 base-weblog.css
static.typepad.com/.shared/themes/common/ 27 KB
6 KB 658ms
619ms Stylesheet
text/css 104.18.136.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.typepad.com/.shared/themes/common/base-weblog.css
Requested by: Host: postheaven.net
URL: https://postheaven.net/harrietdevine/styles.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.136.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eea8d407f0202d9259a6c90073ef4468302bc8849bbc385ae921c740cb52a88

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://postheaven.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 09 Apr 2019 19:40:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cache-control: public
cf-ray: 6b1ffb550dac5a19-MXP
expires: Tue, 22 Nov 2022 06:08:11 GMT

GET
H2 200 tipjar.css
static.typepad.com/.shared/themes/common/ 4 KB
923 B 595ms
557ms Stylesheet
text/css 104.18.136.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.typepad.com/.shared/themes/common/tipjar.css
Requested by: Host: postheaven.net
URL: https://postheaven.net/harrietdevine/styles.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.136.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c72d1f8931da5426f1684455f51fc1fba22ae78bc43f647c77924bea68d5d75d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://postheaven.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 09 Apr 2019 19:40:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cache-control: public
cf-ray: 6b1ffb550daf5a19-MXP
expires: Tue, 22 Nov 2022 06:08:11 GMT

GET
H2 200 mosaic.css
static.typepad.com/.shared/themes/jim/mosaic/ 15 KB
3 KB 596ms
559ms Stylesheet
text/css 104.18.136.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.typepad.com/.shared/themes/jim/mosaic/mosaic.css
Requested by: Host: postheaven.net
URL: https://postheaven.net/harrietdevine/styles.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.136.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eced529491570841aed3809921126305b7bafe7c86be4a3ffe69529ba318bba1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://postheaven.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 09 Apr 2019 19:40:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cache-control: public
cf-ray: 6b1ffb550db15a19-MXP
expires: Tue, 22 Nov 2022 06:08:11 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/4c89207b/ Frame C7C0 336 KB
46 KB 60ms
26ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jh5Ht1QqPOA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/jh5Ht1QqPOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 14:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47193
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 14:56:41 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4c89207b/www-embed-player.vflset/ Frame C7C0 214 KB
70 KB 57ms
25ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jh5Ht1QqPOA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/jh5Ht1QqPOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 14:56:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71869
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 14:56:15 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/ Frame C7C0 2 MB
522 KB 96ms
64ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jh5Ht1QqPOA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eef34b0e66a5bab6adee952cbe8038c86d72b34d7d6b0e9a31656d9c55fc2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/jh5Ht1QqPOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 15:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 534058
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 15:06:51 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4c89207b/fetch-polyfill.vflset/ Frame C7C0 8 KB
3 KB 84ms
53ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jh5Ht1QqPOA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/jh5Ht1QqPOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 14:56:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 14:56:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C7C0 15 KB
16 KB 98ms
36ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jh5Ht1QqPOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 499806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C7C0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

85ms
50ms

XHR
application/json

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jh5Ht1QqPOA

Protocol

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1226f871e7cdd4fa3c21981f0b81da542043c03333064a99a1c424e19139eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 06:08:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C7C0 29 B
588 B 87ms
26ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:57:28 GMT
x-content-type-options: nosniff
age: 643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Nov 2021 06:12:28 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/ Frame C7C0 94 KB
29 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe8f61cc924b7273c7e3c61dafc9bdd7a7b5c66ae06e3d76cfdf849f04095d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/jh5Ht1QqPOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 15:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29811
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 15:06:55 GMT

GET
H2 200 TEwuquBp3QwJuFHIV_KXdL761CQTMLpoUpbSVkNeo80.js Show response
www.google.com/js/th/ Frame C7C0 35 KB
14 KB 101ms
36ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/TEwuquBp3QwJuFHIV_KXdL761CQTMLpoUpbSVkNeo80.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4c2eaae069dd0c09b851c857f29774befad4241330ba685296d256435ea3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:40:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 232065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13375
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 13:40:26 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/ Frame C7C0 24 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c626130502778b72255f2d8d8d83d9f268182a51a6f6ccce9c464ecb9fba6f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/jh5Ht1QqPOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 15:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7345
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 15:06:51 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C7C0 4 KB
3 KB 100ms
40ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 06:08:11 GMT

GET
DATA 200
OK truncated
/ Frame C7C0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQuFTmvu6KDV2knPB1tOuTDEstsX9EmrsvlfH4=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C7C0 1 KB
2 KB 91ms
25ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQuFTmvu6KDV2knPB1tOuTDEstsX9EmrsvlfH4=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jh5Ht1QqPOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d61bf6250f706bad5e099846ead215625261306a51c4722b67a2fb5a94fe86cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:33:07 GMT
x-content-type-options: nosniff
age: 2104
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1225
x-xss-protection: 0
server: fife
etag: "v1e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 07:52:24 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/jh5Ht1QqPOA/ Frame C7C0 11 KB
11 KB 103ms
30ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jh5Ht1QqPOA/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jh5Ht1QqPOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a90a900cad4b0f17bf9e6ac63949a583b267d9b572a7b441af650c5d7a580ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 05:36:11 GMT
x-content-type-options: nosniff
age: 1920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10889
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 Nov 2021 07:36:11 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame C7C0 0
9 B 26ms
25ms Image
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?IspLFw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/jh5Ht1QqPOA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/jh5Ht1QqPOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame C7C0 48 KB
14 KB 63ms
30ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 16:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Mon, 22 Nov 2021 16:02:47 GMT

GET
H2 200 featherlight-gallery.css
static.typepad.com/.shared/css/ 3 KB
795 B 548ms
548ms Stylesheet
text/css 104.18.136.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.typepad.com/.shared/css/featherlight-gallery.css
Requested by: Host: static.typepad.com
URL: https://static.typepad.com/.shared/themes/common/base-weblog.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.136.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce32915eab5229db622223aeaecc7bd704160d4d3fde1d8d09b3c05a174b506

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://static.typepad.com/.shared/themes/common/base-weblog.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 09 Apr 2019 19:40:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cache-control: public
cf-ray: 6b1ffb59cd9c5a19-MXP
expires: Tue, 22 Nov 2022 06:08:12 GMT

GET
H2

200

featherlight.min.css
cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/
Redirect Chain

https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.min.css
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css

2 KB
1 KB

61ms
23ms

Stylesheet
text/css

2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css

Requested by

Host: static.typepad.com
URL: https://static.typepad.com/.shared/css/featherlight-gallery.css

Protocol

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://static.typepad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2366398
x-jsd-version: 1.7.13
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-mxp6940-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"74c-qn7jgwM1oqqgU91VxAG6wby5T0s"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b1ffb5e1c7c3763-MXP

Redirect headers

date: Mon, 22 Nov 2021 06:08:12 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 756
age: 34507
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 11/22/2021 07:08:11
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 119
server: BunnyCDN-DE1-756
x-served-by: cache-fra19142-FRA, cache-pwk4950-PWK
access-control-allow-origin: *
cdn-proxyver: 1.0
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: 52558c530dbce1d8dca1925e7cabc93c
timing-allow-origin: *
cdn-requestcountrycode: IT
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2

200

featherlight.gallery.min.css
cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/
Redirect Chain

https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.gallery.min.css
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css

2 KB
734 B

61ms
24ms

Stylesheet
text/css

2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css

Requested by

Host: static.typepad.com
URL: https://static.typepad.com/.shared/css/featherlight-gallery.css

Protocol

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

906daba3c69c8916903c60c8be7174649f9294db224ee5388ea29d40faf226b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://static.typepad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2366340
x-jsd-version: 1.7.13
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19120-FRA, cache-mxp6942-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6f6-uWXKx3271iZqaEhqpW3Julyb3c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b1ffb5e1c7d3763-MXP

Redirect headers

date: Mon, 22 Nov 2021 06:08:12 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 756
age: 81844
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 11/22/2021 07:08:08
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 127
server: BunnyCDN-DE1-756
x-served-by: cache-fra19163-FRA, cache-pwk4932-PWK
access-control-allow-origin: *
cdn-proxyver: 1.0
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: eb797ee4c3aedc0b168bdb66df3888f2
timing-allow-origin: *
cdn-requestcountrycode: IT
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 6a00d8341c69f653ef022ad3be037b200b-250hi
harrietdevine.typepad.com/.a/ 21 KB
22 KB 616ms
605ms Image
image/jpeg 104.18.136.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://harrietdevine.typepad.com/.a/6a00d8341c69f653ef022ad3be037b200b-250hi

Requested by

Host: postheaven.net
URL: https://postheaven.net/harrietdevine/styles.css?v=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.136.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae13620697bf14d1d358d1b0abac75b78ed50bac73c2f2e10b7b219d165e5f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://postheaven.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:13 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 363
cf-ray: 6b1ffb5e5c285a19-MXP
content-disposition: inline; filename=6a00d8341c69f653ef022ad3be037b200b-250hi.jpg
vary: cookie
content-length: 21836
x-webserver: oak-tp-web075
last-modified: Tue, 06 Nov 2018 09:17:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-varnish: 4290982459 4290924104
cache-control: s-maxage=14400
x-phapp: oak-tp-web075
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 pagebody-bg.gif
static.typepad.com/.shared/themes/jim/mosaic/ 62 B
238 B 28ms
27ms Image
image/webp 104.18.136.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.typepad.com/.shared/themes/jim/mosaic/pagebody-bg.gif
Requested by: Host: static.typepad.com
URL: https://static.typepad.com/.shared/themes/jim/mosaic/mosaic.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.136.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26647658872734d49650fb3d81e6fe2a22470ec06f4932b658a8b82ea457d881

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://static.typepad.com/.shared/themes/jim/mosaic/mosaic.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:12 GMT
cf-cache-status: HIT
age: 4831887
cf-polished: origFmt=gif, origSize=134
content-disposition: inline; filename="pagebody-bg.webp"
content-length: 62
last-modified: Tue, 09 Apr 2019 19:40:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 27 Sep 2022 07:56:45 GMT
cache-control: public, max-age=26704113
accept-ranges: bytes
cf-ray: 6b1ffb5e4c135a19-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 date-header-bg2.gif
static.typepad.com/.shared/themes/jim/mosaic/ 119 B
300 B 27ms
27ms Image
image/gif 104.18.136.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.typepad.com/.shared/themes/jim/mosaic/date-header-bg2.gif
Requested by: Host: static.typepad.com
URL: https://static.typepad.com/.shared/themes/jim/mosaic/mosaic.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.136.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6fc6b281a747a799780b6bbc42fec7a1eb36d2e77663689421447980f0d92a8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://static.typepad.com/.shared/themes/jim/mosaic/mosaic.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 06:08:12 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2019 19:40:39 GMT
server: cloudflare
age: 4610636
cf-polished: status=not_needed
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Thu, 29 Sep 2022 21:24:16 GMT
cache-control: public, max-age=26925364
accept-ranges: bytes
cf-ray: 6b1ffb5e4c155a19-MXP
content-length: 119
cf-bgj: imgq:100,h2pri

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C7C0 28 B
54 B 39ms
38ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jh5Ht1QqPOA
X-YouTube-Client-Version: 1.20211117.01.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmYzhMOUpjOHp5ZyjK5-yMBg%3D%3D
X-YouTube-Ad-Signals: dt=1637561291308&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 22 Nov 2021 06:08:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 22 Nov 2021 06:08:13 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EeRk4ODLHpM
			.youtube.com/	1970-01-20 03:11:53	Name: VISITOR_INFO1_LIVE Value: fc8L9Jc8zyg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time Message: Mixed Content: The page at 'https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time' was loaded over HTTPS, but requested an insecure element 'http://www.katiecortese.com/wp-content/uploads/2012/10/texas-tech-logo-2-150x150.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time Message: Mixed Content: The page at 'https://postheaven.net/quilthammer37/how-tikka-t3-in-hunting-accessories-for-sale-ebay-can-save-you-time' was loaded over HTTPS, but requested an insecure element 'http://www.katiecortese.com/wp-content/uploads/2012/10/texas-tech-logo-2-150x150.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.rawgit.com
fonts.gstatic.com
googleads.g.doubleclick.net
harrietdevine.typepad.com
highvelocityhuntingaustralia.com.au
i.imgur.com
i.ytimg.com
postheaven.net
static.doubleclick.net
static.typepad.com
www.google.com
www.gstatic.com
www.katiecortese.com
www.scopelist.com
www.youtube.com
yt3.ggpht.com
104.18.136.190
104.26.9.152
151.101.12.193
173.254.30.236
2404:8280:a222:bbbb:bba1:66:ffff:ffff
2606:4700:3030::ac43:99aa
2606:4700::6810:5814
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:827::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2016
2a00:1450:4001:830::2004
89.187.169.47
26647658872734d49650fb3d81e6fe2a22470ec06f4932b658a8b82ea457d881
2998890fd427c777228ac88ce63949e4e8430505dc4f5af0e9168c08c5ebea5d
2ce32915eab5229db622223aeaecc7bd704160d4d3fde1d8d09b3c05a174b506
3a90a900cad4b0f17bf9e6ac63949a583b267d9b572a7b441af650c5d7a580ec
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4649859d7a7a5f5bd3b66e2e63588bc172da1f553eece4ba8d0b2b3f5626c73c
4c4c2eaae069dd0c09b851c857f29774befad4241330ba685296d256435ea3cd
4eef34b0e66a5bab6adee952cbe8038c86d72b34d7d6b0e9a31656d9c55fc2e1
50220c772191f6d500a70fbb6deecf0e0f2e99c7867278d0239a64d9f76e6814
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee
6eea8d407f0202d9259a6c90073ef4468302bc8849bbc385ae921c740cb52a88
7ae13620697bf14d1d358d1b0abac75b78ed50bac73c2f2e10b7b219d165e5f2
906daba3c69c8916903c60c8be7174649f9294db224ee5388ea29d40faf226b9
a4cd8b514983dcdca773d745d8cbb1718082b72a803fca7f3dcb1ee6b1815742
b6fc6b281a747a799780b6bbc42fec7a1eb36d2e77663689421447980f0d92a8
bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34
c626130502778b72255f2d8d8d83d9f268182a51a6f6ccce9c464ecb9fba6f36
c72d1f8931da5426f1684455f51fc1fba22ae78bc43f647c77924bea68d5d75d
c9547c3a7a2cb732d0269141a2d324e3e50b5ecaed6ed4c34966e1814316ae20
d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a
d61bf6250f706bad5e099846ead215625261306a51c4722b67a2fb5a94fe86cc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
ddfb3ee118b2ee2c853114a8f90d6c79a0e52afc9af75cfe7a37a4c60f17efad
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e1226f871e7cdd4fa3c21981f0b81da542043c03333064a99a1c424e19139eb6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
eced529491570841aed3809921126305b7bafe7c86be4a3ffe69529ba318bba1
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fe8f61cc924b7273c7e3c61dafc9bdd7a7b5c66ae06e3d76cfdf849f04095d5b

postheaven.net Open in urlscan Pro 2606:4700:3030::ac43:99aa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

32 Requests

88 %HTTPS

69 %IPv6

14 Domains

17 Subdomains

16 IPs

4 Countries

1840 kBTransfer

3795 kBSize

2 Cookies

1 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

postheaven.net Open in urlscan Pro
2606:4700:3030::ac43:99aa Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

88 %
HTTPS

69 %
IPv6

14
Domains

17
Subdomains

16
IPs

4
Countries

1840 kB
Transfer

3795 kB
Size

2
Cookies

32 HTTP transactions
1 data transactions