blogfreely.net Open in urlscan Pro
172.67.159.125  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request der-ultimative-leitfaden-zum-kauf-von-pokalen Show response blogfreely.net/battleshield3/	14 KB 5 KB	711ms 204ms	Document text/html	172.67.159.125 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blogfreely.net/battleshield3/der-ultimative-leitfaden-zum-kauf-von-pokalen Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.159.125 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3725f3c54650dd184af13f06f2073ab68d744fe6d55c21ee02605a6fa80f58a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 830f8ac848c4660f-AMS content-encoding br content-type text/html; charset=utf-8 date Tue, 05 Dec 2023 21:56:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYTlnKr5J0ms2eazFOID2MNk572paBpmSk6Y3CKTSJXf573o%2FY2rwxdgcFSiZogt0J9FofbR1RE1OX9cVf8oJxSqX2Eg6k2HUfUGfGz%2BdhxFjMwBiIhWPq68PRsJs8IBNg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-served-by blogfreely.net
GET H2	200	write.css blogfreely.net/css/	49 KB 10 KB	131ms 129ms	Stylesheet text/css	172.67.159.125 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blogfreely.net/css/write.css Requested by Host: blogfreely.net URL: https://blogfreely.net/battleshield3/der-ultimative-leitfaden-zum-kauf-von-pokalen Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.159.125 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19194360f69da1a7c5fe2e5e79f5452b3b8cbff371e3a08e95344b3c6aee258a Request headers accept-language de-CH,de;q=0.9 Referer https://blogfreely.net/battleshield3/der-ultimative-leitfaden-zum-kauf-von-pokalen User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Dec 2023 21:56:58 GMT content-encoding br cf-cache-status HIT last-modified Tue, 15 Jan 2019 11:31:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2714 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4E33CVpzVBGDI%2BioMFC8lbUyvZiepOiUb0UAzZgt%2BhzcdDwzlouvcvjteWQwULQqKponel1ZOWbxd%2B2OA%2BZzXnBj8H2eWL5Lg3APRoIY1%2FT%2BV0a1YCrgMlbTJkQpMwLmQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=14400 cf-ray 830f8ac98a29660f-AMS alt-svc h3=":443"; ma=86400 x-served-by blogfreely.net
GET H2	200	600-2020-0311143525.jpg www.medaillen.de/artikelbilder/	19 KB 19 KB	477ms 200ms	Image image/jpeg	82.165.67.112 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.medaillen.de/artikelbilder/600-2020-0311143525.jpg Requested by Host: blogfreely.net URL: https://blogfreely.net/battleshield3/der-ultimative-leitfaden-zum-kauf-von-pokalen Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 82.165.67.112 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 05e84786edf7726bfa540f8ae0578e6ecb35874e2ba32fcf6ad555c5f48d5731 Request headers accept-language de-CH,de;q=0.9 Referer https://blogfreely.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Dec 2023 21:56:58 GMT last-modified Wed, 03 May 2023 08:45:11 GMT server Microsoft-IIS/10.0 etag "4839a2929b7dd91:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 19005
GET H2	200	X821-4-G-11RKKqt5q2hXYX_600x600.jpg www.pokale-nrw.de/media/image/e8/91/72/	62 KB 62 KB	721ms 309ms	Image image/jpeg	37.228.159.214 CLOUDPIT
General Check archive.org Show headers Download Go to Show image Full URL https://www.pokale-nrw.de/media/image/e8/91/72/X821-4-G-11RKKqt5q2hXYX_600x600.jpg Requested by Host: blogfreely.net URL: https://blogfreely.net/battleshield3/der-ultimative-leitfaden-zum-kauf-von-pokalen Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.228.159.214 , Germany, ASN45012 (CLOUDPIT, DE), Reverse DNS cloud3-vm532.de-nserver.de Software Apache / Resource Hash 416fac0a9aae4eb93c9ef79654a6929551660c38d6e11a6f1ffa93c6910402d4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-CH,de;q=0.9 Referer https://blogfreely.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Dec 2023 21:56:58 GMT last-modified Sat, 30 Sep 2023 17:05:09 GMT server Apache x-frame-options SAMEORIGIN content-type image/jpeg cache-control max-age=2592000, public accept-ranges bytes content-length 63735 expires Thu, 04 Jan 2024 21:56:58 GMT
GET H2	200	2B7VvJyPfVo Show response www.youtube.com/embed/ Frame 02C7	86 KB 39 KB	1177ms 399ms	Document text/html	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/2B7VvJyPfVo Requested by Host: blogfreely.net URL: https://blogfreely.net/battleshield3/der-ultimative-leitfaden-zum-kauf-von-pokalen Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash 0a9dd9dc59f94e568f7e315161f33c9a300ecdfcd5f450a5c2d8a29144f2649d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blogfreely.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Tue, 05 Dec 2023 21:56:59 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H2	200	webfont.js Show response blogfreely.net/js/	12 KB 5 KB	104ms 103ms	Script application/javascript	172.67.159.125 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blogfreely.net/js/webfont.js Requested by Host: blogfreely.net URL: https://blogfreely.net/battleshield3/der-ultimative-leitfaden-zum-kauf-von-pokalen Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.159.125 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac Request headers accept-language de-CH,de;q=0.9 Referer https://blogfreely.net/battleshield3/der-ultimative-leitfaden-zum-kauf-von-pokalen User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Dec 2023 21:56:58 GMT content-encoding br cf-cache-status HIT last-modified Tue, 15 Jan 2019 10:57:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2714 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXemEE2V8X15XrlEa%2FBHqRd4yk%2Bmrv4yMT3dYiWsQIch%2BCH%2BN3JOwDIAvtsVB1BiRpsbhSpeusPLN6uTqT1BW4zcmM%2F6j5F2PfWEKCYcpXArt50WsqM%2FMDt6FGx2FRgz2Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 830f8acb0bce660f-AMS alt-svc h3=":443"; ma=86400 x-served-by blogfreely.net
GET H2	200	fonts.css blogfreely.net/css/	2 KB 626 B	167ms 166ms	Stylesheet text/css	172.67.159.125 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blogfreely.net/css/fonts.css Requested by Host: blogfreely.net URL: https://blogfreely.net/js/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.159.125 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1119cb35793ecd895e0cd5f1a2894fa14994c703412a9b5c8c229abcdd1ffb8 Request headers accept-language de-CH,de;q=0.9 Referer https://blogfreely.net/battleshield3/der-ultimative-leitfaden-zum-kauf-von-pokalen User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Dec 2023 21:56:58 GMT content-encoding br cf-cache-status HIT last-modified Tue, 15 Jan 2019 11:31:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 109 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VScqw9h0itmHPMjMP%2BMHyebIcEl5vyrutX8gMEtBQm8zqgMhpuWqNm%2FPbWDV%2BwRnZgM4jn%2Bdo6Tc%2FlaXUbr9hTlBBW%2FLrs3Y4MVTHosIrXSndLHsvm8N6szusxuYqOvDCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=14400 cf-ray 830f8acc3d4b660f-AMS alt-svc h3=":443"; ma=86400 x-served-by blogfreely.net
GET H2	200	Lora-Bold.woff2 blogfreely.net/fonts/	67 KB 67 KB	1286ms 1286ms	Font font/woff2	172.67.159.125 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blogfreely.net/fonts/Lora-Bold.woff2 Requested by Host: blogfreely.net URL: https://blogfreely.net/css/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.159.125 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5aad84fd548b01f6f96d44b6254b68a247e5d12800b5284c72a5310d05746ee5 Request headers Referer https://blogfreely.net/css/fonts.css Origin https://blogfreely.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Dec 2023 21:56:59 GMT cf-cache-status HIT last-modified Tue, 15 Jan 2019 10:57:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1030 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=papJTodMgkcQrnkFqi9cCiSRNT6roz8mkViP3X38s4SS6c7R%2FAm0NAjIoSzw7Ywuf%2B9n86EhGJ9fLW6TXgd9gwoUabE1fEgwJK6k7mqe9ETqg0Pzz55HZ4FvoWAMXv9AQg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 830f8acd4e98660f-AMS alt-svc h3=":443"; ma=86400 content-length 68656 x-served-by blogfreely.net
GET H2	200	Lora-Regular.woff2 blogfreely.net/fonts/	62 KB 63 KB	109ms 109ms	Font font/woff2	172.67.159.125 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blogfreely.net/fonts/Lora-Regular.woff2 Requested by Host: blogfreely.net URL: https://blogfreely.net/css/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.159.125 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26ee6f80607aa285386fc2132073fda3639fddfb3c139d7e92490de306d2b8d1 Request headers Referer https://blogfreely.net/css/fonts.css Origin https://blogfreely.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Dec 2023 21:56:59 GMT cf-cache-status HIT last-modified Tue, 15 Jan 2019 10:57:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1030 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1QmuXVAfbpNoFX%2BfAaf1qeMQSWGSn7f9aAyuTmENlBSpk498SD07zMkXkKyIWukg9ECSyMjE9O3slDU0u%2BaDY7EQbnfji0Pqj70aV6PeOEc8hSBRSCDiU9hiWLV%2FaM0Aw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 830f8acd4e99660f-AMS alt-svc h3=":443"; ma=86400 content-length 63668 x-served-by blogfreely.net
GET H2	200	www-player.css www.youtube.com/s/player/36ead5a4/ Frame 02C7	365 KB 47 KB	464ms 464ms	Stylesheet text/css	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/36ead5a4/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/2B7VvJyPfVo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software sffe / Resource Hash c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.youtube.com/embed/2B7VvJyPfVo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Dec 2023 20:51:11 GMT content-encoding br x-content-type-options nosniff age 3948 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48216 x-xss-protection 0 last-modified Mon, 04 Dec 2023 02:42:31 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 04 Dec 2024 20:51:11 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 02C7	15 KB 15 KB	1040ms 489ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/2B7VvJyPfVo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 04 Dec 2023 22:43:11 GMT x-content-type-options nosniff age 83629 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 03 Dec 2024 22:43:11 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 02C7	15 KB 16 KB	975ms 425ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/2B7VvJyPfVo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Dec 2023 07:56:17 GMT x-content-type-options nosniff age 50443 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Dec 2024 07:56:17 GMT
GET H2	200	embed.js Show response www.youtube.com/s/player/36ead5a4/player_ias.vflset/de_DE/ Frame 02C7	53 KB 16 KB	694ms 693ms	Script text/javascript	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/36ead5a4/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/2B7VvJyPfVo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software sffe / Resource Hash a3127324e2db86a9c99ca5de992d2cb219732c66b899c91c493e6657644733b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.youtube.com/embed/2B7VvJyPfVo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 04 Dec 2023 08:25:12 GMT content-encoding br x-content-type-options nosniff age 135108 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16676 x-xss-protection 0 last-modified Mon, 04 Dec 2023 02:42:31 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 03 Dec 2024 08:25:12 GMT
GET H2	200	www-embed-player.js Show response www.youtube.com/s/player/36ead5a4/www-embed-player.vflset/ Frame 02C7	322 KB 96 KB	696ms 696ms	Script text/javascript	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/36ead5a4/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/2B7VvJyPfVo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software sffe / Resource Hash e52767a9dc2605468318c8760bcfb4153358aeb35520ccf7a06fd8edd966a0ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.youtube.com/embed/2B7VvJyPfVo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 05 Dec 2023 21:32:38 GMT content-encoding br x-content-type-options nosniff age 1462 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 98617 x-xss-protection 0 last-modified Mon, 04 Dec 2023 02:42:31 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 04 Dec 2024 21:32:38 GMT
GET H2	200	base.js Show response www.youtube.com/s/player/36ead5a4/player_ias.vflset/de_DE/ Frame 02C7	2 MB 768 KB	697ms 696ms	Script text/javascript	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/36ead5a4/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/2B7VvJyPfVo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software sffe / Resource Hash ac72daaf0d4e354e83fd5d5069b1718ebcb27e51316f29d445bb8d943ef50ac2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.youtube.com/embed/2B7VvJyPfVo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 04 Dec 2023 08:25:12 GMT content-encoding gzip x-content-type-options nosniff age 135108 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 785986 x-xss-protection 0 last-modified Mon, 04 Dec 2023 02:42:31 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 03 Dec 2024 08:25:12 GMT
GET		id googleads.g.doubleclick.net/pagead/ Frame 02C7	0 0
GET		ad_status.js static.doubleclick.net/instream/ Frame 02C7	0 0
OPTIONS		Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0
POST		Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 02C7	0 0
POST		qoe www.youtube.com/api/stats/ Frame 02C7	0 0
GET DATA	200 OK	truncated / Frame 02C7	296 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/id

Domain

static.doubleclick.net

URL

https://static.doubleclick.net/instream/ad_status.js

Domain

jnn-pa.googleapis.com

URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain

jnn-pa.googleapis.com

URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain

www.youtube.com

URL

https://www.youtube.com/api/stats/qoe?cpn=8l4tSPaub3LmdUUX&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153865%2C23098%2C53633%2C84737%2C25688%2C9541%2C1089%2C5877%2C394%2C26433995%2C5499%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C8128%2C859%2C1094%2C2316%2C7197%2C5669%2C1242%2C77%2C7649%2C2008%2C3942%2C610%2C2885%2C5379&cl=587554218&seq=1&event=streamingstats&docid=2B7VvJyPfVo&qclc=ChA4bDR0U1BhdWIzTG1kVVVYEAE&embargoed=0&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20231203.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture boolean| pinning function| unpinPost object| WebFontConfig object| WebFont

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: WsJprTLMPws
			.youtube.com/	1970-01-20 21:02:45	Name: VISITOR_INFO1_LIVE Value: sYsJBxfAhP4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogfreely.net
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
static.doubleclick.net
www.medaillen.de
www.pokale-nrw.de
www.youtube.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
static.doubleclick.net
www.youtube.com
142.250.185.110
142.250.186.131
172.67.159.125
37.228.159.214
82.165.67.112
05e84786edf7726bfa540f8ae0578e6ecb35874e2ba32fcf6ad555c5f48d5731
0a9dd9dc59f94e568f7e315161f33c9a300ecdfcd5f450a5c2d8a29144f2649d
19194360f69da1a7c5fe2e5e79f5452b3b8cbff371e3a08e95344b3c6aee258a
26ee6f80607aa285386fc2132073fda3639fddfb3c139d7e92490de306d2b8d1
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
416fac0a9aae4eb93c9ef79654a6929551660c38d6e11a6f1ffa93c6910402d4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad84fd548b01f6f96d44b6254b68a247e5d12800b5284c72a5310d05746ee5
a3127324e2db86a9c99ca5de992d2cb219732c66b899c91c493e6657644733b6
a3725f3c54650dd184af13f06f2073ab68d744fe6d55c21ee02605a6fa80f58a
ac72daaf0d4e354e83fd5d5069b1718ebcb27e51316f29d445bb8d943ef50ac2
b1119cb35793ecd895e0cd5f1a2894fa14994c703412a9b5c8c229abcdd1ffb8
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
e52767a9dc2605468318c8760bcfb4153358aeb35520ccf7a06fd8edd966a0ee