urlscan.io logo urlscan.io
SecurityTrails logo

bell-farley.hubstack.net Open in urlscan Pro
2606:4700:3032::ac43:c122  Public Scan

Go To Rescan Add Verdict Report
URL: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Submission: On October 13 via manual from PT — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3032::ac43:c122, located in United States and belongs to CLOUDFLARENET, US. The main domain is bell-farley.hubstack.net.
TLS certificate: Issued by GTS CA 1P5 on October 5th 2023. Valid for: 3 months.
This is the only time bell-farley.hubstack.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2606:4700:3032::ac43:c122 (United States)

ASN13335 (CLOUDFLARENET, US)
bell-farley.hubstack.net
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)
images.unsplash.com
7    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    5.9.146.57 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.57.146.9.5.clients.your-server.de
cdn.eazyauction.de
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
Apex Domain
Subdomains		 Transfer
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
3 MB
6 hubstack.net
bell-farley.hubstack.net
40 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
jnn-pa.googleapis.com — Cisco Umbrella Rank: 237
33 KB
4 gstatic.com
fonts.gstatic.com
109 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
static.doubleclick.net — Cisco Umbrella Rank: 304
1 KB
2 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 6741
61 KB
1 eazyauction.de
cdn.eazyauction.de — Cisco Umbrella Rank: 431319
34 KB
26 7
Domain Requested by
7 www.youtube.com bell-farley.hubstack.net
www.youtube.com
6 bell-farley.hubstack.net 1 redirects bell-farley.hubstack.net
4 jnn-pa.googleapis.com www.youtube.com
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 images.unsplash.com bell-farley.hubstack.net
1 static.doubleclick.net www.youtube.com
1 cdn.eazyauction.de bell-farley.hubstack.net
1 fonts.googleapis.com bell-farley.hubstack.net
26 9

This site contains links to these domains. Also see Links.

Domain
hubstack.net
www.facebook.com
twitter.com
www.linkedin.com
www.pomeki.de
godofredo.ninja
Subject Issuer Validity Valid
hubstack.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
images.unsplash.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-03-12 -
2024-04-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
eazyauction.de
R3		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Frame ID: 391F63AFC9B69398B8767EE689462EEE
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/sG1JyM0rX3k
Frame ID: 3F26D40A07E783CC94CCDC099C26B0F5
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Die Faszination von Pokalen: Eine Hommage an den Sieg.

Page URL History Show full URLs

  1. https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg HTTP 301
    https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

96 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

10
IPs

2
Countries

3014 kB
Transfer

3795 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg HTTP 301
    https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Redirect Chain
  • https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg
  • https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
41 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eb6dee9d66b931fb11b191f2f64ac0e57f70c2a2ae29cc471ea92c4ecad554e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
81565258fe5b90ec-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 08:48:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHodv6XiP1E7nIgk5bw5ZyGxIilaR5zscqvVI1oewSMGG830VlKWSSYKCXWsLjKIaaa01aHoKOoJr26vPFcRovdQ4pzGOahakFe%2BARoLWx4nPULCgTF7p70Gpl9zC6MbZv5MDtjnMDvkEMGmGDfZ4mmEEHjXwyk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=31536000
cf-cache-status
DYNAMIC
cf-ray
815652583dba90ec-FRA
date
Fri, 13 Oct 2023 08:48:06 GMT
location
/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkbCROzkKoXl%2Fjj64UWMOsJI1c3ujUfgk2G6DUHUa%2Fy6NnyekOUtYq%2BVnhxS0VPzJbTlD%2B1sAsGCPtLgGWsDDclEfEYbMkzQjFKo5lXhTRCBuLd0P7ejmGGoMGafqDp2K9AxQzgghhwaEv90b7%2FaqF8I66UD54I%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
css2
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=PT+Serif:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: bell-farley.hubstack.net
URL: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15de2f7070acf6f23836811559f2289cb9267e4ee5404315ec7de21abb0a46a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bell-farley.hubstack.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 08:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 08:48:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 08:48:06 GMT
main.css
bell-farley.hubstack.net/assets/styles/ 		44 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bell-farley.hubstack.net/assets/styles/main.css?v=0be63cfd77
Requested by
Host: bell-farley.hubstack.net
URL: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f8cc662191e0110205bbcb47df600abbeb50f3332ddb33739d795f49a7118959

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:48:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Dec 2022 12:37:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"afdf-18510a44258"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jT4UdpL0cO4BqAsygb%2FIXNrTcl4M7Kc0CollNXh8k3rp46BszVr8CqRxSeNiUOGx6%2Fvb%2FcIxB0mClkp1QFIRuNFr1ZoKLNiFDDfNnVb%2BvnpZijVYVRTVnqI1KCwVLWw5rxAInUs8Gbi%2BYchUG%2BGvYBnEgW6QwoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
8156525a1ffd362f-FRA
alt-svc
h3=":443"; ma=86400
cards.min.js
bell-farley.hubstack.net/public/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bell-farley.hubstack.net/public/cards.min.js?v=0be63cfd77
Requested by
Host: bell-farley.hubstack.net
URL: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7b1adc0636586712a85c1e426ec943c01638115eb6bcd58f593fd0984c0c4ac0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:48:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"9e5964261251e02cc1d6dfb44e28481f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYCiyt6e7P2yPqZgHr2cn99Ip13XwaIEaqvBlWiJpFXVqN6YqmpXJNcs0UAfyKNX%2BvMSmjl%2FvrfbrHpuFXJpp1jmR9vDpIXTAVXsQao4kMCXWQMgz5G5fU0RXG6z0jWeYrBBljouqEA%2FFvxTBbXHti8z1GgPdaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8156525a7878362f-FRA
alt-svc
h3=":443"; ma=86400
cards.min.css
bell-farley.hubstack.net/public/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bell-farley.hubstack.net/public/cards.min.css?v=0be63cfd77
Requested by
Host: bell-farley.hubstack.net
URL: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9e692a13239c25f564ca4e0c3f878ae6f3ffe1faa861581a61d1b2e3d2682407

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:48:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"14afe209771f42a09ce98eb4029464f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjJcEgi%2FD81t38czx8thpJTALv4KUGt4j%2BRY91zZI9DzxCIiAbAf70y5imycP0I8ceFiCA6euaHsJhThMV2kWYs9hmw51L5OR5y98Eepezg7XpNBIz0D6B9C65hOeT0SrvNZ4Es0fQ6rjuAg%2BQtve60pX%2Bp3u0U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8156525a1fff362f-FRA
alt-svc
h3=":443"; ma=86400
photo-1587397845856-e6cf49176c70
images.unsplash.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1587397845856-e6cf49176c70?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=400&ixid=MnwxfDB8MXxyYW5kb218MHx8ZmFjZXx8fHx8fDE2OTY5MjU2NjI&ixlib=rb-4.0.3&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=400
Requested by
Host: bell-farley.hubstack.net
URL: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
f2613bb463fed6c1004121038693a3f6a8f8354443be36f7cd09f0a58852b5fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:48:06 GMT
x-content-type-options
nosniff
age
2429723
x-cache
HIT, HIT
x-imgix-id
280e6c5eea61bffa9bd82815a233f4a37bee6a63
cross-origin-resource-policy
cross-origin
content-length
12563
x-served-by
cache-sjc1000113-SJC, cache-fra-eddf8230022-FRA
x-imgix-render-farm
01.139848
last-modified
Fri, 15 Sep 2023 05:52:43 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
photo-1587932775991-708a20af2cc2
images.unsplash.com/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1587932775991-708a20af2cc2?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=600&ixid=MnwxfDB8MXxyYW5kb218MHx8cGhvdG98fHx8fHwxNjk3MDk5NTQz&ixlib=rb-4.0.3&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=800
Requested by
Host: bell-farley.hubstack.net
URL: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
da5f165be1dff1e7f6b5a9c58ce83a73a243ff2a8920f965301ca5a75294b6b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:48:06 GMT
x-content-type-options
nosniff
age
873514
x-cache
HIT, HIT
x-imgix-id
e590291456e78d8f9036a03b98ca64d73bc646e6
cross-origin-resource-policy
cross-origin
content-length
49407
x-served-by
cache-sjc1000137-SJC, cache-fra-eddf8230022-FRA
x-imgix-render-farm
01.140360
last-modified
Tue, 03 Oct 2023 06:09:32 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
post.js
bell-farley.hubstack.net/assets/scripts/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bell-farley.hubstack.net/assets/scripts/post.js?v=0be63cfd77
Requested by
Host: bell-farley.hubstack.net
URL: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e1764d00d17731f649015560a7e9a4d1c0bc0014866a4f9c02f48c53b4c89c74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:48:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Dec 2022 12:37:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"5f4f-18510a4425c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2aYDVADbGHRBlv5DuNmZYEdtCW7IAM4hth4rAl2xkFdD%2FpiLRU1TMp9rBIOl1vInInCcxiCoCkKdgaCnZZhpM5%2ByMoKaacpZrdZJNJC%2FF7C54UXdvSR8nvzi%2F4Dwg4TCj6q5lTguptWbeympS2y3TPjadRx1MM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
8156525a1803362f-FRA
alt-svc
h3=":443"; ma=86400
sG1JyM0rX3k
www.youtube.com/embed/ Frame 3F26 		83 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/sG1JyM0rX3k
Requested by
Host: bell-farley.hubstack.net
URL: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c792f6c7906a0b874d2cc86852e2ee6e40441c40ee7fef8b4dffb18819bb146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-usyslIdqlGKYaNcGJkZLuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 08:48:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=PT+Serif:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bell-farley.hubstack.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:27:54 GMT
x-content-type-options
nosniff
age
51612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:27:54 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=PT+Serif:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bell-farley.hubstack.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:12:56 GMT
x-content-type-options
nosniff
age
59710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 16:12:56 GMT
750x581_b8f1838fcc8b51f36cd494cc62bf51f3ca6b2828.jpeg
cdn.eazyauction.de/f3/f352d1c4254a673fb9518425f3c34300308d409885a3c89518bbe93585775af26fe22b2078566174e1d22caa879ab2e4/img/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.eazyauction.de/f3/f352d1c4254a673fb9518425f3c34300308d409885a3c89518bbe93585775af26fe22b2078566174e1d22caa879ab2e4/img/750x581_b8f1838fcc8b51f36cd494cc62bf51f3ca6b2828.jpeg
Requested by
Host: bell-farley.hubstack.net
URL: https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.146.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.146.9.5.clients.your-server.de
Software
nginx /
Resource Hash
2e2f209cbaf61d4cc42ad79f2acd2f3f74545ba91c551866a90bdb473d09271f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bell-farley.hubstack.net/die-faszination-von-pokalen-eine-hommage-an-den-sieg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 13 Oct 2023 08:48:07 GMT
strict-transport-security
max-age=31536000; preload
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Sat, 12 Oct 2019 08:18:30 GMT
server
nginx
x-cache-status
HIT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
34228
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
www-player.css
www.youtube.com/s/player/99faf012/ Frame 3F26 		378 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sG1JyM0rX3k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/sG1JyM0rX3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:16:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
34307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48960
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 11 Oct 2024 23:16:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3F26 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sG1JyM0rX3k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 02:58:03 GMT
x-content-type-options
nosniff
age
539404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3F26 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sG1JyM0rX3k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:06:30 GMT
x-content-type-options
nosniff
age
52897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:06:30 GMT
embed.js
www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/ Frame 3F26 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sG1JyM0rX3k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4802499c63d2e6e19004b408bfb4852b15f9540311eee943c0bc2fd2a16f5949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/sG1JyM0rX3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 20:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
129075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17074
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Oct 2024 20:56:52 GMT
www-embed-player.js
www.youtube.com/s/player/99faf012/www-embed-player.vflset/ Frame 3F26 		318 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sG1JyM0rX3k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8290ad40ac2027d9a1c629cbb0106fea28df654f181f97900f5a154a8a4d4858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/sG1JyM0rX3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 06:21:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
8818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97303
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Oct 2024 06:21:09 GMT
base.js
www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/ Frame 3F26 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sG1JyM0rX3k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1d1ab20d78c80c5057b793854dacaf8b09d0221d5339fae079f7a64a4b861ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/sG1JyM0rX3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 20:56:52 GMT
x-content-type-options
nosniff
age
129075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2599100
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Oct 2024 20:56:52 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 3F26
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sG1JyM0rX3k
Protocol
H2
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3edcb36e2572539ad347f5fc5679c71c9f472ccfb79d1e8b55161f4426538a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:48:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 13 Oct 2023 08:48:07 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 3F26 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:45:32 GMT
x-content-type-options
nosniff
age
155
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 09:00:32 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 13 Oct 2023 08:48:07 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3F26 		68 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5f7f51c43189566a695c5e298792e2f22585efa647d454e8c25f9231c441633f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 13 Oct 2023 08:48:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31866
x-xss-protection
0
qoe
www.youtube.com/api/stats/ Frame 3F26 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?cpn=E4a7JUm52KS_IbJi&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153832%2C53694%2C23070%2C60173%2C9045%2C15519%2C25687%2C9542%2C1089%2C1791%2C4480%2C250%2C2950%2C26436294%2C3518%2C536%2C1253%2C677%2C14773%2C1333%2C2040%2C564%2C1534%2C2835%2C128%2C2168%2C859&cl=572338335&seq=1&event=streamingstats&docid=sG1JyM0rX3k&qclc=ChBFNGE3SlVtNTJLU19JYkppEAE&embargoed=0&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20231008.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/sG1JyM0rX3k
X-YouTube-Client-Version
1.20231008.00.00
X-YouTube-Time-Zone
Europe/Zurich
X-Goog-Visitor-Id
CgtRUnN5ZTdlUjRPOCjGiKSpBjIICgJDSBICGgA%3D
X-YouTube-Ad-Signals
dt=1697186887568&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C680%2C383&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 08:48:07 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3F26 		315 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79732e719d3286c3171632921f21a52b72a185503628894a87fb6e98844782a9

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 13 Oct 2023 08:48:08 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3F26 		94 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56977d2ddb92cbd36cf1410ef7a6495408e89f2ae65e8f2b8d4033eb89c00dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 13 Oct 2023 08:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 3F26 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time
1697186889609
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/sG1JyM0rX3k
X-YouTube-Client-Version
1.20231008.00.00
X-YouTube-Time-Zone
Europe/Zurich
X-Goog-Visitor-Id
CgtRUnN5ZTdlUjRPOCjGiKSpBjIICgJDSBICGgA%3D
X-YouTube-Ad-Signals
dt=1697186887334&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C680%2C383&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 13 Oct 2023 08:48:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 13 Oct 2023 08:48:09 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| siteUrl string| siteSearch string| prismJs string| prismJsComponents object| lazySizes

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: dvCiZE4EfZY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: QRsye7eR4O8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bell-farley.hubstack.net
cdn.eazyauction.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.unsplash.com
jnn-pa.googleapis.com
static.doubleclick.net
www.youtube.com
2606:4700:3032::ac43:c122
2a00:1450:4001:800::200a
2a00:1450:4001:810::2006
2a00:1450:4001:81c::200e
2a00:1450:4001:828::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a04:4e42:8d::720
5.9.146.57
15de2f7070acf6f23836811559f2289cb9267e4ee5404315ec7de21abb0a46a3
2e2f209cbaf61d4cc42ad79f2acd2f3f74545ba91c551866a90bdb473d09271f
3c792f6c7906a0b874d2cc86852e2ee6e40441c40ee7fef8b4dffb18819bb146
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
4802499c63d2e6e19004b408bfb4852b15f9540311eee943c0bc2fd2a16f5949
56977d2ddb92cbd36cf1410ef7a6495408e89f2ae65e8f2b8d4033eb89c00dce
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f7f51c43189566a695c5e298792e2f22585efa647d454e8c25f9231c441633f
79732e719d3286c3171632921f21a52b72a185503628894a87fb6e98844782a9
7b1adc0636586712a85c1e426ec943c01638115eb6bcd58f593fd0984c0c4ac0
8290ad40ac2027d9a1c629cbb0106fea28df654f181f97900f5a154a8a4d4858
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc
9e692a13239c25f564ca4e0c3f878ae6f3ffe1faa861581a61d1b2e3d2682407
c1d1ab20d78c80c5057b793854dacaf8b09d0221d5339fae079f7a64a4b861ba
d3edcb36e2572539ad347f5fc5679c71c9f472ccfb79d1e8b55161f4426538a5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da5f165be1dff1e7f6b5a9c58ce83a73a243ff2a8920f965301ca5a75294b6b8
e1764d00d17731f649015560a7e9a4d1c0bc0014866a4f9c02f48c53b4c89c74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6dee9d66b931fb11b191f2f64ac0e57f70c2a2ae29cc471ea92c4ecad554e6
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f2613bb463fed6c1004121038693a3f6a8f8354443be36f7cd09f0a58852b5fc
f8cc662191e0110205bbcb47df600abbeb50f3332ddb33739d795f49a7118959