urlscan.io logo urlscan.io
SecurityTrails logo

ladycelt.net Open in urlscan Pro
173.254.29.33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.ebay.ladycelt.net/
Effective URL: http://ladycelt.net/
Submission: On March 15 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 38 HTTP transactions. The main IP is 173.254.29.33, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is ladycelt.net.
This is the only time ladycelt.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    173.254.29.33 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: just2056.justhost.com
www.ebay.ladycelt.net
www.ladycelt.net
ladycelt.net
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    89.207.16.75 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
www.awltovhc.com
cj.dotomi.com
www.emjcd.com
www.lduhtrp.net
3    95.100.71.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-71-219.deploy.static.akamaitechnologies.com
www.yceml.net
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
11 ladycelt.net
www.ebay.ladycelt.net
www.ladycelt.net
ladycelt.net
208 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 82
844 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
102 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
jnn-pa.googleapis.com — Cisco Umbrella Rank: 215
31 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
static.doubleclick.net — Cisco Umbrella Rank: 241
1 KB
3 yceml.net
www.yceml.net — Cisco Umbrella Rank: 23882
37 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
2 awltovhc.com
www.awltovhc.com — Cisco Umbrella Rank: 69938
994 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
19 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
14 KB
1 lduhtrp.net
www.lduhtrp.net — Cisco Umbrella Rank: 101682
423 B
1 emjcd.com
www.emjcd.com — Cisco Umbrella Rank: 14744
792 B
1 dotomi.com
cj.dotomi.com — Cisco Umbrella Rank: 14829
966 B
38 14
Domain Requested by
9 www.youtube.com ladycelt.net
www.youtube.com
9 ladycelt.net ladycelt.net
4 jnn-pa.googleapis.com www.youtube.com
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 www.yceml.net ladycelt.net
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google-analytics.com ladycelt.net
www.google-analytics.com
2 www.awltovhc.com 2 redirects
1 www.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.lduhtrp.net 1 redirects
1 www.emjcd.com 1 redirects
1 cj.dotomi.com 1 redirects
1 fonts.googleapis.com ladycelt.net
1 www.ladycelt.net 1 redirects
1 www.ebay.ladycelt.net 1 redirects
38 19
Subject Issuer Validity Valid
*.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://ladycelt.net/
Frame ID: 10F0D8B35119FA09DB6240DA62725B52
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Frame ID: 5E6FCFD9E5E3C35170F8781A004F02F6
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to LadyCelt's Den | From the creative to the practical, these tips and tricks from a designer, marketer, coder, crafter, photographer, and coffee lover aim to help you find joy, inspiration, and easier ways to manage many everday tech challenges.

Page URL History Show full URLs

  1. https://www.ebay.ladycelt.net/ HTTP 301
    http://www.ladycelt.net/ HTTP 301
    http://ladycelt.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

38
Requests

55 %
HTTPS

80 %
IPv6

14
Domains

19
Subdomains

15
IPs

3
Countries

1278 kB
Transfer

3707 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.ebay.ladycelt.net/ HTTP 301
    http://www.ladycelt.net/ HTTP 301
    http://ladycelt.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://www.awltovhc.com/image-6059793-10414544 HTTP 302
  • https://cj.dotomi.com/hh104iw-2G/qx1/w-u/FEIFIJII/KEJNLNH/E/E/E/E/E?d=n%3c%3cr33z%3A%2F%2F666.k6v3y5rm.myw%2Fswkqo-GAFJHJD-BAEBEFEE%3c%3cQ%3cr33z%3A%2F%2Fvkn8mov3.xo3%2F%3c%3cB%3cB%3cA%3cA%3cA%3c HTTP 302
  • https://www.emjcd.com/bj108jy14K/sz3/y1w/HGKHKLKK/MGLPNPJ/G/KGGHGLHGJGLMHMNLOP:fSuO1kexTO26/G/G/G?e=c%3c%3c3FFB%3A%2F%2FIII.wI7FAH3y.yA8%2F48w20-SMRVTVP-NMQNQRQQ%3c%3cc%3c3FFB%3A%2F%2F7wzKy07F.90F%2F%3c1P0ROO1y-RN10-QwMQ-UQVw-1TROQRSTMVwN%3cN%3cN%3cM%3cM%3cM%3c HTTP 302
  • https://www.yceml.net/0464/10414544-1598889213897
Request Chain 4
  • http://www.lduhtrp.net/image-6059793-10947932 HTTP 302
  • http://www.yceml.net/0348/10947932-1447855238290
Request Chain 5
  • http://www.awltovhc.com/image-6059793-11146261 HTTP 302
  • http://www.yceml.net/0021/11146261-1417820397822
Request Chain 7
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 23
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ladycelt.net/
Redirect Chain
  • https://www.ebay.ladycelt.net/
  • http://www.ladycelt.net/
  • http://ladycelt.net/
18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ladycelt.net/
Protocol
HTTP/1.1
Server
173.254.29.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
just2056.justhost.com
Software
Apache /
Resource Hash
5a7724f162c6142615fea170205b5b3f02c7c16794550b24292fe9069253b86e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
6983
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Mar 2023 10:34:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=75
Link
<http://ladycelt.net/wp-json/>; rel="https://api.w.org/"
Pragma
no-cache
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Mar 2023 10:34:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=75
Location
http://ladycelt.net/
Pragma
no-cache
Server
Apache
Upgrade
h2,h2c
style.css
ladycelt.net/wp/wp-content/themes/dusk-to-dawn/ 		25 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/
Protocol
HTTP/1.1
Server
173.254.29.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
just2056.justhost.com
Software
Apache /
Resource Hash
6f2d6fa694d5b66bace4d4aa9f5325ee18c37a32161888be4620be228d48978d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Aug 2015 22:02:46 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
8567
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Ubuntu%3A300%2C400%2C700&ver=4.4.29
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
969013493af8c19a240354f6ff50b0ba498fe3e660f21059e344ee8298017a2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 15 Mar 2023 10:34:12 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 15 Mar 2023 10:34:12 GMT
audio.js
ladycelt.net/wp/wp-content/themes/dusk-to-dawn/js/ 		581 B
624 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/js/audio.js?ver=20120315
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/
Protocol
HTTP/1.1
Server
173.254.29.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
just2056.justhost.com
Software
Apache /
Resource Hash
39007503a69caed0a9e9cf3c4b95fd0dace5485bb9e175f654590d664273a6b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Aug 2015 22:02:46 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
application/javascript
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
297
10414544-1598889213897
www.yceml.net/0464/
Redirect Chain
  • http://www.awltovhc.com/image-6059793-10414544
  • https://cj.dotomi.com/hh104iw-2G/qx1/w-u/FEIFIJII/KEJNLNH/E/E/E/E/E?d=n%3c%3cr33z%3A%2F%2F666.k6v3y5rm.myw%2Fswkqo-GAFJHJD-BAEBEFEE%3c%3cQ%3cr33z%3A%2F%2Fvkn8mov3.xo3%2F%3c%3cB%3cB%3cA%3cA%3cA%3c
  • https://www.emjcd.com/bj108jy14K/sz3/y1w/HGKHKLKK/MGLPNPJ/G/KGGHGLHGJGLMHMNLOP:fSuO1kexTO26/G/G/G?e=c%3c%3c3FFB%3A%2F%2FIII.wI7FAH3y.yA8%2F48w20-SMRVTVP-NMQNQRQQ%3c%3cc%3c3FFB%3A%2F%2F7wzKy07F.90F%...
  • https://www.yceml.net/0464/10414544-1598889213897
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yceml.net/0464/10414544-1598889213897
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/
Protocol
HTTP/1.1
Server
95.100.71.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-71-219.deploy.static.akamaitechnologies.com
Software
Resin/4.0.66 /
Resource Hash
c42d8d9927674aafdfd19e092cb0f112c03dc2c2c07fca9cc426ca31922e852f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:14 GMT
X-VC-HTTPS
On
Cache-Control
max-age=604747
Server
Resin/4.0.66
Connection
keep-alive
Content-Length
5656
Expires
Wed, 22 Mar 2023 10:33:21 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 15 Mar 2023 10:34:14 GMT
Server
Resin/4.0.66
Content-Type
text/html; charset=utf-8
Location
https://www.yceml.net/0464/10414544-1598889213897
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-VC-HTTPS
On
Content-Length
87
Expires
Wed, 15 Mar 2023 10:34:14 GMT
10947932-1447855238290
www.yceml.net/0348/
Redirect Chain
  • http://www.lduhtrp.net/image-6059793-10947932
  • http://www.yceml.net/0348/10947932-1447855238290
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.yceml.net/0348/10947932-1447855238290
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/
Protocol
HTTP/1.1
Server
95.100.71.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-71-219.deploy.static.akamaitechnologies.com
Software
Resin/4.0.66 /
Resource Hash
296ac4fd6307a73b773cc1869536c607094e3b083aa9b54f3b2b49ddfb5884ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:13 GMT
Cache-Control
max-age=604800
Server
Resin/4.0.66
Connection
keep-alive
Content-Length
19030
Expires
Wed, 22 Mar 2023 10:34:13 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 15 Mar 2023 10:34:13 GMT
Server
Resin/4.0.66
Content-Type
text/html; charset=utf-8
Location
http://www.yceml.net/0348/10947932-1447855238290
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
86
Expires
Wed, 15 Mar 2023 10:34:13 GMT
11146261-1417820397822
www.yceml.net/0021/
Redirect Chain
  • http://www.awltovhc.com/image-6059793-11146261
  • http://www.yceml.net/0021/11146261-1417820397822
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.yceml.net/0021/11146261-1417820397822
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/
Protocol
HTTP/1.1
Server
95.100.71.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-71-219.deploy.static.akamaitechnologies.com
Software
Resin/4.0.66 /
Resource Hash
0d9c9b29f82eca3354feb295cb64549f9696afecb220427a861423310ed68d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:13 GMT
Cache-Control
max-age=604799
Server
Resin/4.0.66
Connection
keep-alive
Content-Length
13099
Expires
Wed, 22 Mar 2023 10:34:12 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 15 Mar 2023 10:34:13 GMT
Server
Resin/4.0.66
Content-Type
text/html; charset=utf-8
Location
http://www.yceml.net/0021/11146261-1417820397822
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
86
Expires
Wed, 15 Mar 2023 10:34:13 GMT
wp-embed.min.js
ladycelt.net/wp/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ladycelt.net/wp/wp-includes/js/wp-embed.min.js?ver=4.4.29
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/
Protocol
HTTP/1.1
Server
173.254.29.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
just2056.justhost.com
Software
Apache /
Resource Hash
4114f99c5992bab27f43ae5e3c7c196ce63fac0b4b43915af913c1a30ca1f3da

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 03:08:47 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
Content-Length
745
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/
Protocol
H2
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 10:14:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1168
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 15 Mar 2023 12:14:45 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
niRUYlMDKsU
www.youtube.com/embed/ Frame 5E6F 		69 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6fac8396ccefeb84362e5f5e89898a23cb8c2658ab57833f710442ef58b539e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ladycelt.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 10:34:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
texture.png
ladycelt.net/wp/wp-content/themes/dusk-to-dawn/images/ 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/images/texture.png
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
Protocol
HTTP/1.1
Server
173.254.29.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
just2056.justhost.com
Software
Apache /
Resource Hash
60792f20fd2fed7b05716251160b89a281d960d6343f2a72f863dc015cd04647

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:13 GMT
Last-Modified
Tue, 25 Aug 2015 22:02:46 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
131412
ornaments-bottom.png
ladycelt.net/wp/wp-content/themes/dusk-to-dawn/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/images/ornaments-bottom.png
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
Protocol
HTTP/1.1
Server
173.254.29.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
just2056.justhost.com
Software
Apache /
Resource Hash
37b6c9600f37ee3b992149f15281d92ecb59e70128273123f4c521ce298ac724

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:13 GMT
Last-Modified
Tue, 25 Aug 2015 22:02:46 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=72
Content-Length
3472
ornaments-rs.png
ladycelt.net/wp/wp-content/themes/dusk-to-dawn/images/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/images/ornaments-rs.png
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
Protocol
HTTP/1.1
Server
173.254.29.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
just2056.justhost.com
Software
Apache /
Resource Hash
c6f19af7e1a80807492cb393f21a311ed09bee9ec7911db87752e8db26778ab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:13 GMT
Last-Modified
Tue, 25 Aug 2015 22:02:46 GMT
Server
Apache
Upgrade
h2,h2c
Content-Type
image/png
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
56662
page-rs.gif
ladycelt.net/wp/wp-content/themes/dusk-to-dawn/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/images/page-rs.gif
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
Protocol
HTTP/1.1
Server
173.254.29.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
just2056.justhost.com
Software
Apache /
Resource Hash
f23b774b650c1886a520e1279a1423fa2a9ea8bc221245f8904f5d391cbee3db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:13 GMT
Last-Modified
Tue, 25 Aug 2015 22:02:46 GMT
Server
Apache
Upgrade
h2,h2c
Content-Type
image/gif
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
1133
widget_heading.png
ladycelt.net/wp/wp-content/themes/dusk-to-dawn/images/ 		220 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/images/widget_heading.png
Requested by
Host: ladycelt.net
URL: http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
Protocol
HTTP/1.1
Server
173.254.29.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
just2056.justhost.com
Software
Apache /
Resource Hash
12ae720d30dd09f527af2849feb1f44a43f861688e5bf0ab09ad1b139fce9773

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ladycelt.net/wp/wp-content/themes/dusk-to-dawn/style.css?ver=4.4.29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 10:34:13 GMT
Last-Modified
Tue, 25 Aug 2015 22:02:46 GMT
Server
Apache
Upgrade
h2,h2c
Content-Type
image/png
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
220
4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Ubuntu%3A300%2C400%2C700&ver=4.4.29
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://ladycelt.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 08 Mar 2023 20:30:40 GMT
X-Content-Type-Options
nosniff
Age
569013
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
38752
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 17:04:53 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 07 Mar 2024 20:30:40 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Ubuntu%3A300%2C400%2C700&ver=4.4.29
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://ladycelt.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 10 Mar 2023 22:19:31 GMT
X-Content-Type-Options
nosniff
Age
389682
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
29752
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 17:05:11 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 09 Mar 2024 22:19:31 GMT
collect
www.google-analytics.com/j/ 		3 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1741450161&t=pageview&_s=1&dl=http%3A%2F%2Fladycelt.net%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20LadyCelt%27s%20Den%20%7C%20From%20the%20creative%20to%20the%20practical%2C%20these%20tips%20and%20tricks%20from%20a%20designer%2C%20marketer%2C%20coder%2C%20crafter%2C%20photographer%2C%20and%20coffee%20lover%20aim%20to%20help%20you%20find%20joy%2C%20inspiration%2C%20and%20easier%20ways%20to%20manage%20many%20everday%20tech%20challenges.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABCAAAACAAI~&jid=16454290&gjid=1504401277&cid=275745377.1678876453&tid=UA-372455-1&_gid=790295795.1678876453&_r=1&_slc=1&z=1263330418
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ladycelt.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 10:34:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ladycelt.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/837bca82/ Frame 5E6F 		399 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/837bca82/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 06:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
15607
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51796
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 00:17:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Mar 2024 06:14:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5E6F 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 20:18:07 GMT
x-content-type-options
nosniff
age
51366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Mar 2024 20:18:07 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5E6F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 09:54:53 GMT
x-content-type-options
nosniff
age
520760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 09:54:53 GMT
www-embed-player.js
www.youtube.com/s/player/837bca82/www-embed-player.vflset/ Frame 5E6F 		346 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/837bca82/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e4d695ebaa1b96bdc35fcb585618254612d65a5dc6506369f797765a3bf6f71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 08:30:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
7447
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110010
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 00:17:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Mar 2024 08:30:06 GMT
base.js
www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/ Frame 5E6F 		2 MB
609 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
785c806c7cd855125e23d95df19a3d68d231f50e997fd309a0788cb951038363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 15:53:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
153633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
623324
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 00:17:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Mar 2024 15:53:40 GMT
fetch-polyfill.js
www.youtube.com/s/player/837bca82/fetch-polyfill.vflset/ Frame 5E6F 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/837bca82/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 10:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
844
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 00:17:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Mar 2024 10:20:09 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 5E6F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Protocol
H2
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77812156695e8d3060e327cf1fddbe02d2c3353417120c97a6e916867509091c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 10:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 15 Mar 2023 10:34:13 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 5E6F 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/837bca82/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 10:23:31 GMT
x-content-type-options
nosniff
age
642
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Mar 2023 10:38:31 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 15 Mar 2023 10:34:13 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5E6F 		65 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f4e55d1b4b69815f6eae25faac19b866b23eaafd85ad3a53c0c22b70cea963c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 15 Mar 2023 10:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30521
x-xss-protection
0
remote.js
www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/ Frame 5E6F 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed62e2862bcda2b395e6abd9669043eb155fe8bede25991278b2778a480a3c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 15:53:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
153633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36495
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 00:17:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Mar 2024 15:53:40 GMT
GCBvWy_yb866hkOUIGxUHdK41VpQSXIVky7cQUZngWQ.js
www.google.com/js/th/ Frame 5E6F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/GCBvWy_yb866hkOUIGxUHdK41VpQSXIVky7cQUZngWQ.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18206f5b2ff26fceba864394206c541dd2b8d55a50497215932edc4146678164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 06:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
16100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14145
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Mar 2024 06:05:53 GMT
sddefault.jpg
i.ytimg.com/vi/niRUYlMDKsU/ Frame 5E6F 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/niRUYlMDKsU/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGH8gIygYMA8=&rs=AOn4CLDeye8XYoF7TCWHKUN14Um3MwNZMw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13fae48e8881a636518f5644b40569c93e3dbac3b530c03fb22acbcf662636df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 10:34:13 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18907
x-xss-protection
0
server
sffe
etag
"1429652754"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Mar 2023 12:34:13 GMT
embed.js
www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/ Frame 5E6F 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5563ac01b57cf33d9cb438e4d52048cea52b54e1777fee36e7ea10341cb4a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 15:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
153554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8684
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 00:17:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Mar 2024 15:54:59 GMT
truncated
/ Frame 5E6F 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJWXUlft20J2jqKetNGPBH-RKpwTM9mUh7ccqgnw-g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5E6F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AL5GRJWXUlft20J2jqKetNGPBH-RKpwTM9mUh7ccqgnw-g=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f7b4e82e463f20b373d55804383a1d5a524adab875bf1f075050e2cc0602133a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 06:51:37 GMT
x-content-type-options
nosniff
age
13356
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2572
x-xss-protection
0
server
fife
etag
"v220"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 03 Mar 2023 11:35:14 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5E6F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 10:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Mar 2023 10:34:13 GMT
generate_204
www.youtube.com/ Frame 5E6F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?r-m08g
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 10:34:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5E6F 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/837bca82/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8a09af9074ac4b13e38787d4aebc69fa9e70d313ac485bff934ae70fb002d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 15 Mar 2023 10:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 15 Mar 2023 10:34:13 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 5E6F 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/837bca82/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time
1678876455984
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/niRUYlMDKsU?feature=oembed
X-YouTube-Client-Version
1.20230312.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgswaWdQdi12UEdEZyilvsagBg%3D%3D
X-YouTube-Ad-Signals
dt=1678876453578&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C474%2C267&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 15 Mar 2023 10:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Wed, 15 Mar 2023 10:34:16 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _wpemojiSettings string| GoogleAnalyticsObject function| __gaTracker object| wp object| google_tag_data object| gaplugins object| gaGlobal object| gaData

10 Cookies

Domain/Path Name / Value
www.ladycelt.net/ Name: PHPSESSID
Value: a57f3184d00cd86a75fc6904161057e3
ladycelt.net/ Name: PHPSESSID
Value: 6e82f2c82db257295507f1f365c8a6f7
.ladycelt.net/ Name: _ga
Value: GA1.2.275745377.1678876453
.ladycelt.net/ Name: _gid
Value: GA1.2.790295795.1678876453
.ladycelt.net/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: hBheTTp-UhA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 0igPv-vPGDg
.dotomi.com/ Name: cjae
Value: PCe8mUOhD8nr
.dotomi.com/ Name: DotomiUser
Value: 400105103056167589$0$1
.emjcd.com/ Name: S
Value: 400105103056167589:PCe8mUOhD8nr

1 Console Messages

Source Level URL
Text
rendering warning URL: http://ladycelt.net/(Line 19)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cj.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
ladycelt.net
static.doubleclick.net
www.awltovhc.com
www.ebay.ladycelt.net
www.emjcd.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.ladycelt.net
www.lduhtrp.net
www.yceml.net
www.youtube.com
yt3.ggpht.com
173.254.29.33
2001:4860:4802:32::178
2a00:1450:4001:803::2002
2a00:1450:4001:803::2016
2a00:1450:4001:806::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2006
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
89.207.16.75
95.100.71.219
0d9c9b29f82eca3354feb295cb64549f9696afecb220427a861423310ed68d5e
12ae720d30dd09f527af2849feb1f44a43f861688e5bf0ab09ad1b139fce9773
13fae48e8881a636518f5644b40569c93e3dbac3b530c03fb22acbcf662636df
18206f5b2ff26fceba864394206c541dd2b8d55a50497215932edc4146678164
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
296ac4fd6307a73b773cc1869536c607094e3b083aa9b54f3b2b49ddfb5884ac
37b6c9600f37ee3b992149f15281d92ecb59e70128273123f4c521ce298ac724
39007503a69caed0a9e9cf3c4b95fd0dace5485bb9e175f654590d664273a6b8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4114f99c5992bab27f43ae5e3c7c196ce63fac0b4b43915af913c1a30ca1f3da
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4f4e55d1b4b69815f6eae25faac19b866b23eaafd85ad3a53c0c22b70cea963c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a7724f162c6142615fea170205b5b3f02c7c16794550b24292fe9069253b86e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60792f20fd2fed7b05716251160b89a281d960d6343f2a72f863dc015cd04647
627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6f2d6fa694d5b66bace4d4aa9f5325ee18c37a32161888be4620be228d48978d
6fac8396ccefeb84362e5f5e89898a23cb8c2658ab57833f710442ef58b539e8
77812156695e8d3060e327cf1fddbe02d2c3353417120c97a6e916867509091c
785c806c7cd855125e23d95df19a3d68d231f50e997fd309a0788cb951038363
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7e4d695ebaa1b96bdc35fcb585618254612d65a5dc6506369f797765a3bf6f71
969013493af8c19a240354f6ff50b0ba498fe3e660f21059e344ee8298017a2e
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
c42d8d9927674aafdfd19e092cb0f112c03dc2c2c07fca9cc426ca31922e852f
c5563ac01b57cf33d9cb438e4d52048cea52b54e1777fee36e7ea10341cb4a60
c6f19af7e1a80807492cb393f21a311ed09bee9ec7911db87752e8db26778ab2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a09af9074ac4b13e38787d4aebc69fa9e70d313ac485bff934ae70fb002d0e
ed62e2862bcda2b395e6abd9669043eb155fe8bede25991278b2778a480a3c37
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f23b774b650c1886a520e1279a1423fa2a9ea8bc221245f8904f5d391cbee3db
f7b4e82e463f20b373d55804383a1d5a524adab875bf1f075050e2cc0602133a