urlscan.io logo urlscan.io
SecurityTrails logo

zenwriting.net Open in urlscan Pro
2606:4700:3037::ac43:9747  Public Scan

Go To Rescan Add Verdict Report
URL: https://zenwriting.net/geminigrill38/die-faszinierende-welt-der-pokale-von-trophaen-und-siegen
Submission: On December 13 via manual from CA — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::ac43:9747, located in United States and belongs to CLOUDFLARENET, US. The main domain is zenwriting.net.
TLS certificate: Issued by GTS CA 1P5 on December 8th 2023. Valid for: 3 months.
This is the only time zenwriting.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3037::ac43:9747 (United States)

ASN13335 (CLOUDFLARENET, US)
zenwriting.net
1    94.130.20.217 (Augsburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: pokal-kaufen.de
pokal-kaufen.de
1    87.118.90.250 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: host15.gn2-server.de
www.diedruckdienstleister.de
7    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    104.18.116.121 (None, )

ASN13335 (CLOUDFLARENET, US)
static.typepad.com
ancienthebrewpoetry.typepad.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.rawgit.com
2    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
Apex Domain
Subdomains		 Transfer
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
3 MB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 203
40 KB
4 typepad.com
static.typepad.com — Cisco Umbrella Rank: 145984
ancienthebrewpoetry.typepad.com
105 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
static.doubleclick.net — Cisco Umbrella Rank: 248
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
2 KB
2 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 11597
1 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 zenwriting.net
zenwriting.net
7 KB
1 diedruckdienstleister.de
www.diedruckdienstleister.de
82 KB
1 pokal-kaufen.de
pokal-kaufen.de
3 MB
25 10
Domain Requested by
7 www.youtube.com zenwriting.net
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
3 static.typepad.com zenwriting.net
static.typepad.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 cdn.jsdelivr.net static.typepad.com
2 cdn.rawgit.com 2 redirects
2 fonts.gstatic.com www.youtube.com
2 zenwriting.net zenwriting.net
1 ancienthebrewpoetry.typepad.com zenwriting.net
1 static.doubleclick.net www.youtube.com
1 www.diedruckdienstleister.de zenwriting.net
1 pokal-kaufen.de zenwriting.net
25 12

This site contains links to these domains. Also see Links.

Domain
www.pomeki.de
Subject Issuer Validity Valid
zenwriting.net
GTS CA 1P5		 2023-12-08 -
2024-03-07		 3 months crt.sh
pokal-kaufen.de
Sectigo RSA Domain Validation Secure Server CA		 2023-09-27 -
2024-09-26		 a year crt.sh
www.diedruckdienstleister.de
R3		 2023-11-21 -
2024-02-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-31 -
2024-07-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://zenwriting.net/geminigrill38/die-faszinierende-welt-der-pokale-von-trophaen-und-siegen
Frame ID: ED0974E7CC6B94EB0DE0125E6209DECE
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/2B7VvJyPfVo
Frame ID: 3C9A700249B6BC83152589C2DF23D329
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Die faszinierende Welt der Pokale: Von Trophäen und Siegen — geminigrill38

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

25
Requests

88 %
HTTPS

73 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

5538 kB
Transfer

6248 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.min.css HTTP 301
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
Request Chain 14
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.gallery.min.css HTTP 301
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
Request Chain 15
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request die-faszinierende-welt-der-pokale-von-trophaen-und-siegen
zenwriting.net/geminigrill38/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zenwriting.net/geminigrill38/die-faszinierende-welt-der-pokale-von-trophaen-und-siegen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91038ac70b4e099c57109aead95d27132f9e79db1a49c8a2a33787e4a0c0566f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
834e7270fb030e0d-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 13 Dec 2023 13:10:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4krLLBg8zVoLE4BvuL9nrblchzXMS9vpC2m1%2B7tbGvNM8wqKtjf27OSGcFOWGfCrAzDb1YiW9EodsOPOj%2B3BjOWHZoCbRgEik2xPD0WMQ6fTbYr1fw3oBSswokl5KIBIINUeLp%2B%2F9dAbKgTpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-served-by
zenwriting.net
styles.css
zenwriting.net/ancienthebrewpoetry/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zenwriting.net/ancienthebrewpoetry/styles.css?v=6
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/geminigrill38/die-faszinierende-welt-der-pokale-von-trophaen-und-siegen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c4b0d3d84f6b362c3e03e5dae8df9935d48ec6facbcaa22790ab1b76ce10d3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://zenwriting.net/geminigrill38/die-faszinierende-welt-der-pokale-von-trophaen-und-siegen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:10:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Aug 2021 09:52:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4264
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxtUZaNCqQA1niG9wE89DrTvYuYzMPOWdWRqCuXLexPFwN9R4UWvLdK%2BHeKvWj04b6lT0gCanLvBsV8Fsanb3RNvlk7WA6VdX4G8eUpwzFmENjuSGTntl8cgzu%2FkLi5yKEkb8KKDXLS%2BKB9w0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
834e7271dc3e0e0d-MXP
alt-svc
h3=":443"; ma=86400
x-served-by
zenwriting.net
1875sc_5er.jpg
pokal-kaufen.de/media/catalog/product/cache/1/image/9df78eab33525d08d6e5fb8d27136e95/1/8/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pokal-kaufen.de/media/catalog/product/cache/1/image/9df78eab33525d08d6e5fb8d27136e95/1/8/1875sc_5er.jpg
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/geminigrill38/die-faszinierende-welt-der-pokale-von-trophaen-und-siegen
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.20.217 Augsburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pokal-kaufen.de
Software
Apache /
Resource Hash
c276d1a23b0e036ddd045d63fe67ea4a948c478bf63e6acdcd9913230b88b80e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 13:10:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Jun 2023 12:48:36 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=604800, public
Content-Disposition
attachment
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2716218
X-XSS-Protection
1; mode=block
fussball-pokale-mit-eigener-sieger-gravur-online-bestellen.jpg
www.diedruckdienstleister.de/out/pictures/master/product/2/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.diedruckdienstleister.de/out/pictures/master/product/2/fussball-pokale-mit-eigener-sieger-gravur-online-bestellen.jpg
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/geminigrill38/die-faszinierende-welt-der-pokale-von-trophaen-und-siegen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.118.90.250 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS
host15.gn2-server.de
Software
Apache /
Resource Hash
ab5da9c24551bb09d5bcf9e5129f978db44ab5a1e1954846a80184ac04c7805c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:10:24 GMT
last-modified
Tue, 05 Mar 2019 06:39:48 GMT
server
Apache
accept-ranges
bytes
etag
"145e6-5835323b2d500"
content-length
83430
content-type
image/jpeg
2B7VvJyPfVo
www.youtube.com/embed/ Frame 3C9A 		85 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/2B7VvJyPfVo
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/geminigrill38/die-faszinierende-welt-der-pokale-von-trophaen-und-siegen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c89e027ed7bc8d40f22a7482f683e5084f96f51fe77d3af8953e6db47e7945f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zenwriting.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 13:10:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
base-weblog.css
static.typepad.com/.shared/themes/common/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/themes/common/base-weblog.css?v=2
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/ancienthebrewpoetry/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.116.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eea8d407f0202d9259a6c90073ef4468302bc8849bbc385ae921c740cb52a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:10:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
content-type
text/css
cache-control
public
cf-ray
834e7272cc86baa6-MXP
expires
Thu, 12 Dec 2024 13:10:24 GMT
tipjar.css
static.typepad.com/.shared/themes/common/ 		4 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/themes/common/tipjar.css
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/ancienthebrewpoetry/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.116.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72d1f8931da5426f1684455f51fc1fba22ae78bc43f647c77924bea68d5d75d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:10:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
content-type
text/css
cache-control
public
cf-ray
834e7272cc81baa6-MXP
expires
Thu, 12 Dec 2024 13:10:24 GMT
www-player.css
www.youtube.com/s/player/0d02ada0/ Frame 3C9A 		365 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d02ada0/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2B7VvJyPfVo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/2B7VvJyPfVo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
306
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48216
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 02:45:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Dec 2024 13:05:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3C9A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2B7VvJyPfVo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
481408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3C9A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2B7VvJyPfVo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
576537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 21:01:27 GMT
embed.js
www.youtube.com/s/player/0d02ada0/player_ias.vflset/de_DE/ Frame 3C9A 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2B7VvJyPfVo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d12002e561242576c34be80719e78788588ed123f96b9567355f5695a977aab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/2B7VvJyPfVo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
124813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16683
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 02:45:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 11 Dec 2024 02:30:11 GMT
www-embed-player.js
www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/ Frame 3C9A 		322 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2B7VvJyPfVo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b62944ae46b000da9a535a63ae0072ec5fa688c15c5fb5aee2fc385dc1361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/2B7VvJyPfVo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 11:04:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
7568
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98651
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 02:45:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Dec 2024 11:04:16 GMT
base.js
www.youtube.com/s/player/0d02ada0/player_ias.vflset/de_DE/ Frame 3C9A 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2B7VvJyPfVo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d0db64d9ca4886486e30d70ce4af67f40788dc310a76439cc42db422d3e489b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/2B7VvJyPfVo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:08:19 GMT
x-content-type-options
nosniff
age
100925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2475025
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 02:45:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 11 Dec 2024 09:08:19 GMT
featherlight-gallery.css
static.typepad.com/.shared/css/ 		3 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/css/featherlight-gallery.css
Requested by
Host: static.typepad.com
URL: https://static.typepad.com/.shared/themes/common/base-weblog.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.116.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce32915eab5229db622223aeaecc7bd704160d4d3fde1d8d09b3c05a174b506

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://static.typepad.com/.shared/themes/common/base-weblog.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:10:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
content-type
text/css
cache-control
public
cf-ray
834e7273feddbaa6-MXP
expires
Thu, 12 Dec 2024 13:10:24 GMT
featherlight.min.css
cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/
Redirect Chain
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.min.css
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
Requested by
Host: static.typepad.com
URL: https://static.typepad.com/.shared/css/featherlight-gallery.css
Protocol
H2
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://static.typepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:10:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1329968
x-jsd-version
1.7.13
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230056-FRA, cache-mxp6962-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"74c-qn7jgwM1oqqgU91VxAG6wby5T0s"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTiRKQbEWd4kcCXoq8p1SV2R6OnnBjG1W%2BD9njkl0cYAiFxtxCnyBYDWH5LMBShwo85TliEqfC%2FWsosRnfHoCFv7kESXNfHuhhSoz0L1MdXzO91bK%2F64B08MR7X19XeIF2cRUuGvztXDPoQ8h0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
834e7276beff4c52-MXP

Redirect headers

date
Wed, 13 Dec 2023 13:10:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1082
age
70864
x-cache
MISS, HIT
cdn-cachedat
12/13/2023 13:10:19
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
119
x-served-by
cache-fra-etou8220087-FRA, cache-chi-kigq8000044-CHI
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
HIT
cdn-requestid
f768e596f875edcac2a5c446d35c1e0a
timing-allow-origin
*
cdn-requestcountrycode
CH
cdn-status
301
cdn-requestpullsuccess
True
featherlight.gallery.min.css
cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/
Redirect Chain
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.gallery.min.css
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
2 KB
962 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
Requested by
Host: static.typepad.com
URL: https://static.typepad.com/.shared/css/featherlight-gallery.css
Protocol
H2
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
906daba3c69c8916903c60c8be7174649f9294db224ee5388ea29d40faf226b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://static.typepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:10:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1076155
x-jsd-version
1.7.13
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230076-FRA, cache-mxp6960-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"6f6-uWXKx3271iZqaEhqpW3Julyb3c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TJOK2438fQ4OA3gMWxXhONEYuLFS0Y74%2Fdq8Jt3dtyMR679R%2BPWuQzWoajMmAOCSHTHtAv0IKr%2Fsmf7cIlhiXjPY1AuHyce4VOgL6lCorw0s39puxCvjddFGkAMGt4ceH0uAFR2l7Q4AKFxMcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
834e7276bf004c52-MXP

Redirect headers

date
Wed, 13 Dec 2023 13:10:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1081
age
72599
x-cache
MISS, HIT
cdn-cachedat
12/13/2023 13:10:20
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
127
x-served-by
cache-fra-eddf8230041-FRA, cache-chi-kigq8000131-CHI
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
HIT
cdn-requestid
eba3e4a1ea2e7ed4b0a2e3bdfa837c71
timing-allow-origin
*
cdn-requestcountrycode
CH
cdn-status
301
cdn-requestpullsuccess
True
id
googleads.g.doubleclick.net/pagead/ Frame 3C9A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2B7VvJyPfVo
Protocol
H2
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9eed0a5eed5286a51a400a3ec75fc7b98a357f771cf4c663d27a0a3fceb19ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 13 Dec 2023 13:10:24 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 3C9A 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:08:22 GMT
x-content-type-options
nosniff
age
123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 13:23:22 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 13 Dec 2023 13:10:25 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3C9A 		86 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
43d5492b9ebf88802f2f3ed616ff61134df9346acafd58c91f185d538f0227c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 13 Dec 2023 13:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40762
x-xss-protection
0
qoe
www.youtube.com/api/stats/ Frame 3C9A 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?cpn=BeCT1eMlEjswG-vW&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153856%2C23107%2C53633%2C84737%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C9513%2C4683%2C2228%2C7726%2C1861%2C147%2C4552%2C3907%2C1874%2C1165%2C1318%2C1715&cl=589656946&seq=1&event=streamingstats&docid=2B7VvJyPfVo&qclc=ChBCZUNUMWVNbEVqc3dHLXZXEAE&embargoed=0&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20231210.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/2B7VvJyPfVo
X-YouTube-Client-Version
1.20231210.00.00
X-YouTube-Time-Zone
Europe/Zurich
X-Goog-Visitor-Id
Cgs2dm9reEhUT0lFMCjA2uarBjIKCgJDSBIEGgAgVw%3D%3D
X-YouTube-Ad-Signals
dt=1702473024896&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 13:10:24 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3C9A 		296 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e83bcf0315f708e646d547688191140b0fbf240f230225e7e4cc136d8133fe3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
6a00d83454e67969e20115710c2b2a970b-pi
ancienthebrewpoetry.typepad.com/.a/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ancienthebrewpoetry.typepad.com/.a/6a00d83454e67969e20115710c2b2a970b-pi
Requested by
Host: zenwriting.net
URL: https://zenwriting.net/ancienthebrewpoetry/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.116.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116b8fb9a5c3991502f8caa4c6b70615996e38e0d049e958caed02f574b1ffda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://zenwriting.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:10:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 varnish
age
2529
content-disposition
inline; filename=6a00d83454e67969e20115710c2b2a970b.jpg
x-vserver
oak-tp-cache007
content-length
98287
x-webserver
oak-tp-web082
last-modified
Sun, 15 Jul 2012 10:46:44 GMT
server
cloudflare
vary
cookie
content-type
image/jpeg
x-varnish
1306190736 1306009384
cache-control
s-maxage=14400
x-phapp
oak-tp-web082
accept-ranges
bytes
cf-ray
834e72770c58baa6-MXP
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3C9A 		94 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77f282e39968f7ca6f4c91332dee2c3ed2954b0dddc6530303e7fc4386530ceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 13 Dec 2023 13:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 13 Dec 2023 13:10:25 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 3C9A 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time
1702473027008
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/2B7VvJyPfVo
X-YouTube-Client-Version
1.20231210.00.00
X-YouTube-Time-Zone
Europe/Zurich
X-Goog-Visitor-Id
Cgs2dm9reEhUT0lFMCjA2uarBjIKCgJDSBIEGgAgVw%3D%3D
X-YouTube-Ad-Signals
dt=1702473024670&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 13 Dec 2023 13:10:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Wed, 13 Dec 2023 13:10:27 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: vguZ2Fh41DQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 6vokxHTOIE0
.typepad.com/ Name: __cf_bm
Value: 522HXggNX7G0hizrINStgqW2tE__01udSY6Y9XmA9lA-1702473024-1-AdkiwST1ySp/OP8PvtlAQj8x4UYsX2XNteFIzre2NvFrSYHLE5TcNNNeztK+s+aOsYpLAC3SOD/4ij3DMSs9My0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ancienthebrewpoetry.typepad.com
cdn.jsdelivr.net
cdn.rawgit.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
pokal-kaufen.de
static.doubleclick.net
static.typepad.com
www.diedruckdienstleister.de
www.youtube.com
zenwriting.net
104.18.116.121
2400:52e0:1e00::1081:1
2606:4700:3037::ac43:9747
2606:4700::6810:5914
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2006
2a00:1450:4001:829::200e
87.118.90.250
94.130.20.217
116b8fb9a5c3991502f8caa4c6b70615996e38e0d049e958caed02f574b1ffda
2ce32915eab5229db622223aeaecc7bd704160d4d3fde1d8d09b3c05a174b506
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43d5492b9ebf88802f2f3ed616ff61134df9346acafd58c91f185d538f0227c5
4c89e027ed7bc8d40f22a7482f683e5084f96f51fe77d3af8953e6db47e7945f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6eea8d407f0202d9259a6c90073ef4468302bc8849bbc385ae921c740cb52a88
77f282e39968f7ca6f4c91332dee2c3ed2954b0dddc6530303e7fc4386530ceb
7d0db64d9ca4886486e30d70ce4af67f40788dc310a76439cc42db422d3e489b
8c4b0d3d84f6b362c3e03e5dae8df9935d48ec6facbcaa22790ab1b76ce10d3f
8e83bcf0315f708e646d547688191140b0fbf240f230225e7e4cc136d8133fe3
906daba3c69c8916903c60c8be7174649f9294db224ee5388ea29d40faf226b9
91038ac70b4e099c57109aead95d27132f9e79db1a49c8a2a33787e4a0c0566f
ab5da9c24551bb09d5bcf9e5129f978db44ab5a1e1954846a80184ac04c7805c
bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34
c276d1a23b0e036ddd045d63fe67ea4a948c478bf63e6acdcd9913230b88b80e
c61b62944ae46b000da9a535a63ae0072ec5fa688c15c5fb5aee2fc385dc1361
c72d1f8931da5426f1684455f51fc1fba22ae78bc43f647c77924bea68d5d75d
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
d12002e561242576c34be80719e78788588ed123f96b9567355f5695a977aab8
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9eed0a5eed5286a51a400a3ec75fc7b98a357f771cf4c663d27a0a3fceb19ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9