urlscan.io logo urlscan.io
SecurityTrails logo

www.thatshaman.com Open in urlscan Pro
68.65.122.146  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.thatshaman.com/
Effective URL: https://www.thatshaman.com/
Submission: On October 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 51 HTTP transactions. The main IP is 68.65.122.146, located in New Kensington, United States and belongs to NAMECHEAP-NET, US. The main domain is www.thatshaman.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 14th 2022. Valid for: a year.
This is the only time www.thatshaman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    68.65.122.146 (New Kensington, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server168-3.web-hosting.com
www.thatshaman.com
2    52.222.206.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-206.fra56.r.cloudfront.net
d1h9a8s8eodvjz.cloudfront.net
19    146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
8    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
19 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7529
1 MB
10 thatshaman.com
www.thatshaman.com
341 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
1019 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 237
32 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
static.doubleclick.net — Cisco Umbrella Rank: 304
1 KB
2 cloudfront.net
d1h9a8s8eodvjz.cloudfront.net
27 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 224
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 104
69 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
51 10
Domain Requested by
19 i.imgur.com www.thatshaman.com
10 www.thatshaman.com 1 redirects www.thatshaman.com
8 www.youtube.com www.thatshaman.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
2 d1h9a8s8eodvjz.cloudfront.net www.thatshaman.com
d1h9a8s8eodvjz.cloudfront.net
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
51 12

This site contains links to these domains. Also see Links.

Domain
twitter.com
mstdn.social
discord.com
www.youtube.com
www.reddit.com
github.com
Subject Issuer Validity Valid
thatshaman.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.thatshaman.com/
Frame ID: 1B66972E8AACF5E12E1C88FB48098735
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YcKrSTX3QQI
Frame ID: 2AF3761D53D75A67BE1C369D5F42F741
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

that_shaman - Everything Guild Wars 2 (when in doubt consult Aurene)

Page URL History Show full URLs

  1. http://www.thatshaman.com/ HTTP 301
    https://www.thatshaman.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

51
Requests

98 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

13
IPs

2
Countries

2739 kB
Transfer

5401 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.thatshaman.com/ HTTP 301
    https://www.thatshaman.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thatshaman.com/
Redirect Chain
  • http://www.thatshaman.com/
  • https://www.thatshaman.com/
21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.146 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server168-3.web-hosting.com
Software
LiteSpeed / PHP/8.0.30
Resource Hash
5f538ad48ef0bc9605aae4eaa81dc7be4e045ddc4f857374baac526412be4bfa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 12:33:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-cached
1
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed

Redirect headers

content-length
707
content-type
text/html
date
Tue, 17 Oct 2023 12:33:08 GMT
keep-alive
timeout=5, max=100
location
https://www.thatshaman.com/
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
menomonia.css
d1h9a8s8eodvjz.cloudfront.net/fonts/menomonia/08-02-12/ 		515 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1h9a8s8eodvjz.cloudfront.net/fonts/menomonia/08-02-12/menomonia.css
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-206.fra56.r.cloudfront.net
Software
/ ARR/3.0
Resource Hash
ed2adb02f3dfdd1d7742952838d7ed2168eb62734185db732ef74e7eedf4599a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
1566501
x-powered-by
ARR/3.0
x-cache
Hit from cloudfront
content-length
206
last-modified
Sat, 27 Feb 2016 05:53:28 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,public,immutable
x-amz-cf-id
ZjBWbp6-w3DNmlnWbk9b0HhgzmizDZVJIEpdRid9KHxqH7lZFPp1pQ==
all.min.css
www.thatshaman.com/resources/fontawesome6/css/ 		100 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thatshaman.com/resources/fontawesome6/css/all.min.css
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.146 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server168-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
content-encoding
br
last-modified
Tue, 01 Aug 2023 11:28:42 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
21835
expires
Tue, 24 Oct 2023 12:33:09 GMT
style.css
www.thatshaman.com/resources/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thatshaman.com/resources/style.css?v=20230811001
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.146 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server168-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
bad37dc81aed1b4489150019786d8908e8e064f1925d63e2d4a00b870358af39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
content-encoding
br
last-modified
Fri, 11 Aug 2023 14:13:51 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1645
expires
Tue, 24 Oct 2023 12:33:09 GMT
layout.js
www.thatshaman.com/resources/ 		730 B
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thatshaman.com/resources/layout.js?v=20230731003
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.146 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server168-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
6ba112736b901eab42bec1092f851b3bef54bd7bd48529ed844df1d843571d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
content-encoding
br
last-modified
Mon, 31 Jul 2023 09:47:12 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
288
expires
Tue, 24 Oct 2023 12:33:09 GMT
logo.png
www.thatshaman.com/resources/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thatshaman.com/resources/logo.png
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.146 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server168-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
6ec66458aa6340d1750e1489e6a5f9b046ba1507b67b50178b7d673ec19f2a05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
last-modified
Mon, 03 Jul 2023 11:59:42 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
22913
expires
Tue, 24 Oct 2023 12:33:09 GMT
kcaf1Mb.jpg
i.imgur.com/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/kcaf1Mb.jpg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
20aae29de182846dd1c307a999e1d3ff0d4fcbf3d82b364c56191609034169c2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P1
age
1243836
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
53435
x-served-by
cache-iad-kjyo7100142-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 26 Sep 2023 08:22:21 GMT
server
cat factory 1.0
x-timer
S1697545989.135740,VS0,VE1
etag
"4f4b8e55b145e4db48e9175b06095799"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WgJ9gl5zEgDKySvMtkJUzJkWAlvfnhclFzm7MCZ4y0G46Pb-qIbsUQ==
x-cache-hits
5, 1
Bt6QjHJ.jpg
i.imgur.com/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Bt6QjHJ.jpg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0ce1426fdc3f2c6b8e9d06b9bf79412741e2e5346f8de1b5046ea965fbf1a80d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
3014128
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
55691
x-served-by
cache-iad-kcgs7200100-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 12 Sep 2023 15:17:14 GMT
server
cat factory 1.0
x-timer
S1697545989.179629,VS0,VE2
etag
"d5ed76fbe63623259469fd3d8bed222e"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
THJ17K1zr-8xI0Eh6480bb3EQNONN0G5u1krD3rPRNiniD1ljbnrPQ==
x-cache-hits
51, 1
wLq6kEX.jpg
i.imgur.com/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/wLq6kEX.jpg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c4811b669fab95aab86dd7f56ed2aa6352002f43677bd122c504a0a33562e35b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
606887
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
52984
x-served-by
cache-iad-kjyo7100111-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 22 Aug 2023 11:41:23 GMT
server
cat factory 1.0
x-timer
S1697545989.207569,VS0,VE2
etag
"dff19bf0ca77689811a79361c1fbd0da"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pVPjQo5f7c7VYYRP-T3TExY79_uP6VHxTdomD_qXZRRBID9hG5H_aQ==
x-cache-hits
14, 1
hfWpF7T.jpg
i.imgur.com/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/hfWpF7T.jpg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8d5655668414956e8225298fa6dfc90db3b90741e58754b925fc050ed6490f0e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P1
age
1243836
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
45605
x-served-by
cache-iad-kjyo7100143-IAD, cache-fra-eddf8230109-FRA
last-modified
Thu, 27 Jul 2023 18:37:26 GMT
server
cat factory 1.0
x-timer
S1697545989.236012,VS0,VE2
etag
"cc2b0110ef3040ad31985c13254a06a1"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kSF2PCbOjrJ1kYFcEm3YlgvwwKTQMO9AmzF3xJFRnmmzpsBUcNSHAA==
x-cache-hits
73, 1
Bw8WZLc.jpg
i.imgur.com/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Bw8WZLc.jpg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a3c7c693cfccebf2326574ab99325a130fb1abbdc3a7d620d2477080f035c589
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
3397385
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
53063
x-served-by
cache-iad-kiad7000023-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 06 Jun 2023 16:50:26 GMT
server
cat factory 1.0
x-timer
S1697545990.793204,VS0,VE2
etag
"ce97eec80950e05670780bed8d45997c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xy2Z9jd_0hd4xMgO2WLDyIFKdP_b_BAisn1zlQpm2ioXxB7NuWn8fQ==
x-cache-hits
339, 1
8v85C8V.jpeg
i.imgur.com/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/8v85C8V.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ffb4fa9cfeee7338c879cdbd39a40e0b3452bbccda5962d57f7422492ca32129
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
2320832
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
61103
x-served-by
cache-iad-kiad7000154-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 23 May 2023 16:50:13 GMT
server
cat factory 1.0
x-timer
S1697545990.793205,VS0,VE2
etag
"ef0c0f08650d9709ccd1272e7841025c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CwDlsgS8cEXP5AlK8EyKhWLM080_nOsDqkduHaUGFp6nmOV3JY4DbQ==
x-cache-hits
125, 1
iRQ1FYG.jpeg
i.imgur.com/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/iRQ1FYG.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d13cef872bafae119a249f1065d74ec12ee2fb5dd095b60b1fd59d4a7dec63a7
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
JFK50-P6
age
1243836
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
83016
x-served-by
cache-iad-kcgs7200118-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 02 May 2023 16:31:17 GMT
server
cat factory 1.0
x-timer
S1697545990.793382,VS0,VE2
etag
"2765610a91b7ee872cdf6485499addff"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
wbrdzYX_ZwtcOnRWDOZvOCM19QwXwLmsv7Y1uRYltDSk3mGo0mIcVw==
x-cache-hits
90, 1
9fBKL2O.jpeg
i.imgur.com/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/9fBKL2O.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
433aff05b1fee15eef0627a07fa9df920cacbd467648c703c94ab8d45c050a0d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
2341569
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
60658
x-served-by
cache-iad-kiad7000126-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 18 Apr 2023 16:22:57 GMT
server
cat factory 1.0
x-timer
S1697545990.794634,VS0,VE2
etag
"13013a6d681aa539ff7efd208413c0d6"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_T6Li8LSZZq9C3h-uOC30q1xXqN0mWEtNbRZXofrfYvCtEcwjO1AvQ==
x-cache-hits
164, 1
vDjiZNg.jpeg
i.imgur.com/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/vDjiZNg.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
00a373c4473e6411e557b8601f6858505b333dbd9d8572455a2f2778a75446f3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
JFK50-P6
age
1243837
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
62255
x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 28 Mar 2023 17:23:23 GMT
server
cat factory 1.0
x-timer
S1697545990.794251,VS0,VE2
etag
"98e691857c176723817573aa706ee18c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
x39qKDAXpUUF3xt6qcQy3SU48zOo8E5ul2B4JWrWiOuRgug0rVonbw==
x-cache-hits
23, 1
Yv8RTX2.jpeg
i.imgur.com/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Yv8RTX2.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
3cde4b371e2060f8cf2fc3301b170bf9e1d1d15e1eb9157182c2c61cfc680167
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P1
age
1243836
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
58218
x-served-by
cache-iad-kjyo7100156-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 14 Feb 2023 17:36:49 GMT
server
cat factory 1.0
x-timer
S1697545990.794232,VS0,VE2
etag
"9adeb3ff2cd205b7f619cdb9d91e5110"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
AzygYwDLZcrwHsT2GuD_p1ZjrY1MT47wjSYa2gNsxsBFWHSnOVGSlA==
x-cache-hits
79, 1
ENC0Xcq.jpeg
i.imgur.com/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/ENC0Xcq.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
5d14ad6a90820483ae2650713a157b645056b36e46792e5e3028b8adedbb02bc
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
2500608
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
54875
x-served-by
cache-iad-kiad7000106-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 31 Jan 2023 17:40:44 GMT
server
cat factory 1.0
x-timer
S1697545990.795046,VS0,VE2
etag
"9646c6f0f96d8662bde43b83ea229751"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oeO-KvYmIAsQHb1o9XAjQeF_YvoiiSqLtZM5blMZy4lLOYJGeUDKqg==
x-cache-hits
259, 1
o2gWuvP.jpeg
i.imgur.com/ 		171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/o2gWuvP.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
5d3d3d69d0e239d35ffe27587a9b84c8055b990d3333961728cde3d2e3c3426f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1247013
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
175570
x-served-by
cache-iad-kjyo7100084-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 10 Jan 2023 18:08:04 GMT
server
cat factory 1.0
x-timer
S1697545990.794201,VS0,VE1
etag
"8d1c1211fa26b2879d9c788e586f53dd"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xT3ed3GAmdPqLTYfNX3Fqa20OYp9QjJPWotkgyDx8kpcth71_32aaQ==
x-cache-hits
92, 1
JqDmmLB.jpeg
i.imgur.com/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/JqDmmLB.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
fe3d87237d7ab8a6c38cde514f821f031d7e4bb68cd920e24126a33341a85681
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1323467
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
54379
x-served-by
cache-iad-kcgs7200030-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 13 Dec 2022 17:55:11 GMT
server
cat factory 1.0
x-timer
S1697545990.794165,VS0,VE1
etag
"286e2922db71e48cf8a587fe975b55dd"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Hyv-HQOO7TNnO0Cq0kRvX0dWKH9keDeis5whTjXhJiCtMr3wvWfeBw==
x-cache-hits
33, 1
11cEDBh.jpeg
i.imgur.com/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/11cEDBh.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c897f3ef58455c9d151bce75651067e015060fdc16f6d5d6f08cb8bf0499c5fe
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
1044047
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
36310
x-served-by
cache-iad-kcgs7200085-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 13 Dec 2022 17:55:11 GMT
server
cat factory 1.0
x-timer
S1697545990.794164,VS0,VE1
etag
"67d44173dbaefbc6fb984ab382e3d4b3"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jchHe9b1UxIJ14tJmM-Fd1ZTWVF5poWmKe25GVqywYPPIZfHWAcyJQ==
x-cache-hits
206, 1
VLo3hIB.jpeg
i.imgur.com/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/VLo3hIB.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ba3996998ec8eaeabb37f4f81424194b34de72002ada04ce8150ec960f2693e7
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
JFK50-P6
age
1243836
x-cache
Miss from cloudfront, HIT, HIT
content-length
48418
x-served-by
cache-iad-kcgs7200079-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 29 Nov 2022 17:32:52 GMT
server
cat factory 1.0
x-timer
S1697545990.813259,VS0,VE24
etag
"448bd2411cfd253730b65a7cc56af560"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_MUCBIxSbV-HmGmSGhY3iQqQ3aAvAvyoiFMwGm6n9WqLDAjARQ1_1A==
x-cache-hits
72, 1
g61bETs.jpeg
i.imgur.com/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/g61bETs.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f5a58037513f8ceac38831a62e099714ec76ff25afc73f668787a0b18504ff85
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
2007519
x-cache
Miss from cloudfront, HIT, HIT
content-length
74018
x-served-by
cache-iad-kiad7000020-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 08 Nov 2022 17:50:27 GMT
server
cat factory 1.0
x-timer
S1697545990.813239,VS0,VE1
etag
"d213e07099f066e45591b5eebb01c77f"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Db1XjyDk6Co-Bdj71ePbUDN2zuCK6VTWq_Rr7_CQ0fFp7ktX3QlK6A==
x-cache-hits
157, 1
7H4qKnW.jpeg
i.imgur.com/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/7H4qKnW.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
79333d67af00a4d1649703707f7e48825e623b91cfaa7ef6046dcfeeca686b8f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
1214968
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
44376
x-served-by
cache-iad-kiad7000101-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 18 Oct 2022 16:15:16 GMT
server
cat factory 1.0
x-timer
S1697545990.813197,VS0,VE1
etag
"b31e8985d7483b9e36a987723d5023e8"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Te6TsbvmzcqGMFPJLaup7jnNooqOcGBOZDP8dYkzTsY3QsmaGvnu1A==
x-cache-hits
12, 1
7TkMdQN.jpeg
i.imgur.com/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/7TkMdQN.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9290eab271b4b427e0953da1809a4781d2e092a17c078c0a1405506b535add62
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P5
age
508866
x-cache
Miss from cloudfront, HIT, HIT
content-length
77383
x-served-by
cache-iad-kjyo7100071-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 04 Oct 2022 16:18:33 GMT
server
cat factory 1.0
x-timer
S1697545990.813213,VS0,VE1
etag
"1eaf0f1d20814eafef6ba81ff419a559"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
SsnLHumQy28xCvSIT3w0yrnoqQjbKLrmiyYdS9q_KPijudh-1RDZJA==
x-cache-hits
42, 1
geV8Wy8.jpeg
i.imgur.com/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/geV8Wy8.jpeg
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a943c2ba0448fad22bbac2aaf8513fe25953cf4a1532c1fcf9e96c9bd0b277ad
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
3026234
x-cache
Miss from cloudfront, HIT, HIT
content-length
56086
x-served-by
cache-iad-kiad7000055-IAD, cache-fra-eddf8230109-FRA
last-modified
Tue, 23 Aug 2022 16:47:06 GMT
server
cat factory 1.0
x-timer
S1697545990.813160,VS0,VE1
etag
"4d4bd38cddcf6712f41c9c64b61e1501"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GHjPwZibSAgyMI6gpcaKnOpSR7j5RMQ2cYhu4M13Z3G41RS1Lugh2g==
x-cache-hits
362, 1
interaction.js
www.thatshaman.com/resources/ 		326 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thatshaman.com/resources/interaction.js?v=20230731003
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.146 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server168-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
c42f93574bb3b0fdf1fcdb1c9528e695e31b2b036bafb0c51e17d07c0c274036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
content-encoding
br
last-modified
Mon, 31 Jul 2023 13:59:27 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
148
expires
Tue, 24 Oct 2023 12:33:09 GMT
YcKrSTX3QQI
www.youtube.com/embed/ Frame 2AF3 		88 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/YcKrSTX3QQI
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7661792fcfe5ae313a8e8ee8d41b42479ba1fe7116ca77fafc41087aff0dbb7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thatshaman.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 12:33:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
background.webp
www.thatshaman.com/resources/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thatshaman.com/resources/background.webp
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/resources/style.css?v=20230811001
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.146 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server168-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
3e1bd8e5e8c3b6f0a638005114ecf509b9646b3c0f497326a4da9dbd338bb59b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thatshaman.com/resources/style.css?v=20230811001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
last-modified
Mon, 31 Jul 2023 13:42:20 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
121012
expires
Tue, 24 Oct 2023 12:33:09 GMT
fa-regular-400.woff2
www.thatshaman.com/resources/fontawesome6/webfonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thatshaman.com/resources/fontawesome6/webfonts/fa-regular-400.woff2
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/resources/fontawesome6/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.146 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server168-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35

Request headers

Referer
https://www.thatshaman.com/resources/fontawesome6/css/all.min.css
Origin
https://www.thatshaman.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
last-modified
Tue, 01 Aug 2023 11:29:08 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
24948
expires
Tue, 24 Oct 2023 12:33:09 GMT
menomonia.woff
d1h9a8s8eodvjz.cloudfront.net/fonts/menomonia/08-02-12/font/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1h9a8s8eodvjz.cloudfront.net/fonts/menomonia/08-02-12/font/menomonia.woff
Requested by
Host: d1h9a8s8eodvjz.cloudfront.net
URL: https://d1h9a8s8eodvjz.cloudfront.net/fonts/menomonia/08-02-12/menomonia.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-206.fra56.r.cloudfront.net
Software
/ ARR/3.0
Resource Hash
04300bc6dde96a9b821adbdc2ba47f4e79c97b63881e9da3e53f8c0c158c1ba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://d1h9a8s8eodvjz.cloudfront.net/fonts/menomonia/08-02-12/menomonia.css
Origin
https://www.thatshaman.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:17:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sat, 27 Feb 2016 05:53:28 GMT
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-powered-by
ARR/3.0
age
2290525
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000,public,immutable
content-length
26436
x-amz-cf-id
vml9_tw5YQrAs-dtqayM_4nYqascYhsJdrVZkAhn2r7gJdkd16zaAg==
fa-solid-900.woff2
www.thatshaman.com/resources/fontawesome6/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thatshaman.com/resources/fontawesome6/webfonts/fa-solid-900.woff2
Requested by
Host: www.thatshaman.com
URL: https://www.thatshaman.com/resources/fontawesome6/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.146 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server168-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Request headers

Referer
https://www.thatshaman.com/resources/fontawesome6/css/all.min.css
Origin
https://www.thatshaman.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:09 GMT
last-modified
Tue, 01 Aug 2023 11:29:17 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
150124
expires
Tue, 24 Oct 2023 12:33:09 GMT
www-player.css
www.youtube.com/s/player/99faf012/ Frame 2AF3 		378 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YcKrSTX3QQI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/YcKrSTX3QQI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:51:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
2510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48960
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 16 Oct 2024 11:51:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2AF3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YcKrSTX3QQI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 02:58:03 GMT
x-content-type-options
nosniff
age
293707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2AF3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YcKrSTX3QQI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:06:30 GMT
x-content-type-options
nosniff
age
412000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:06:30 GMT
embed.js
www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/ Frame 2AF3 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YcKrSTX3QQI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4802499c63d2e6e19004b408bfb4852b15f9540311eee943c0bc2fd2a16f5949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/YcKrSTX3QQI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 20:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
488145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17074
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Oct 2024 20:57:25 GMT
www-embed-player.js
www.youtube.com/s/player/99faf012/www-embed-player.vflset/ Frame 2AF3 		318 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YcKrSTX3QQI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8290ad40ac2027d9a1c629cbb0106fea28df654f181f97900f5a154a8a4d4858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/YcKrSTX3QQI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:26:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
18416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97303
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 16 Oct 2024 07:26:14 GMT
base.js
www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/ Frame 2AF3 		2 MB
787 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YcKrSTX3QQI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1d1ab20d78c80c5057b793854dacaf8b09d0221d5339fae079f7a64a4b861ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/YcKrSTX3QQI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 20:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
488145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
805789
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Oct 2024 20:57:25 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 2AF3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YcKrSTX3QQI
Protocol
H2
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9846363259d4de70e4a3e05f2311ffae6eec809e07b92b6833037ff5c19a8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 Oct 2023 12:33:10 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2AF3 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:30:32 GMT
x-content-type-options
nosniff
age
158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 12:45:32 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 17 Oct 2023 12:33:10 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2AF3 		68 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
27ea01f6fbaed851074fd2396b92a3f9b86b0f8043ade95f085e6165d7ec843f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 17 Oct 2023 12:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31948
x-xss-protection
0
remote.js
www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/ Frame 2AF3 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d5197dcd797ff593a393617ed3331abb4cc43e731b412e42f0f56d3b8e67f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/YcKrSTX3QQI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 20:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
488018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33682
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Oct 2024 20:59:32 GMT
gYyzGmVBC5c2gm4Oa0LVCSBwQeYGb_qLDEd6eFuxJaI.js
www.google.com/js/th/ Frame 2AF3 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/gYyzGmVBC5c2gm4Oa0LVCSBwQeYGb_qLDEd6eFuxJaI.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
818cb31a65410b9736826e0e6b42d509207041e6066ffa8b0c477a785bb125a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 00:08:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
217499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14547
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Oct 2024 00:08:11 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/YcKrSTX3QQI/ Frame 2AF3 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/YcKrSTX3QQI/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YcKrSTX3QQI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e56b5314542de346adbdfe3e0a33cea474ed0393da7d8db47107f978050630cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:15:38 GMT
x-content-type-options
nosniff
age
1052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70358
x-xss-protection
0
server
sffe
etag
"1691508547"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 17 Oct 2023 14:15:38 GMT
truncated
/ Frame 2AF3 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
APkrFKa1cdeUetPI8wNKcS5SgKZQM2wWJFK2ggF1XgSb=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2AF3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/APkrFKa1cdeUetPI8wNKcS5SgKZQM2wWJFK2ggF1XgSb=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YcKrSTX3QQI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
03974bfedff2273af35dbf6b87c2a778e4ba05b6d62b0cbd6966b124e2245419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 08:36:00 GMT
x-content-type-options
nosniff
age
14230
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2755
x-xss-protection
0
server
fife
etag
"v3d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 18 Oct 2023 08:36:00 GMT
generate_204
www.youtube.com/ Frame 2AF3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?6esxig
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/YcKrSTX3QQI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/YcKrSTX3QQI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2AF3 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89619d571d88df2c4c47e8c9b1bbb668ad23b69134ef9c22289c73574a7cdc2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 17 Oct 2023 12:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 17 Oct 2023 12:33:10 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2AF3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 12:33:10 GMT
cast_sender.js
www.gstatic.com/eureka/clank/118/ Frame 2AF3 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/118/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 15:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14707
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 15:06:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 17 Oct 2023 15:57:06 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 2AF3 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-Goog-Request-Time
1697545992306
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/YcKrSTX3QQI
X-YouTube-Client-Version
1.20231010.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtwZGh4TllaN3ZpUSiG_rmpBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals
dt=1697545990200&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C795%2C460&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 17 Oct 2023 12:33:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Tue, 17 Oct 2023 12:33:12 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| useDarkmode function| toggleDarkMode function| setDarkMode function| clearDarkMode function| showHamburger function| hideHamburger

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 0HXxN7QcCvc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: pdhxNYZ7viQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1h9a8s8eodvjz.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.thatshaman.com
www.youtube.com
yt3.ggpht.com
146.75.116.193
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:811::200a
2a00:1450:4001:811::2016
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
52.222.206.206
68.65.122.146
00a373c4473e6411e557b8601f6858505b333dbd9d8572455a2f2778a75446f3
03974bfedff2273af35dbf6b87c2a778e4ba05b6d62b0cbd6966b124e2245419
04300bc6dde96a9b821adbdc2ba47f4e79c97b63881e9da3e53f8c0c158c1ba2
0ce1426fdc3f2c6b8e9d06b9bf79412741e2e5346f8de1b5046ea965fbf1a80d
1d5197dcd797ff593a393617ed3331abb4cc43e731b412e42f0f56d3b8e67f0e
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
20aae29de182846dd1c307a999e1d3ff0d4fcbf3d82b364c56191609034169c2
27ea01f6fbaed851074fd2396b92a3f9b86b0f8043ade95f085e6165d7ec843f
3cde4b371e2060f8cf2fc3301b170bf9e1d1d15e1eb9157182c2c61cfc680167
3e1bd8e5e8c3b6f0a638005114ecf509b9646b3c0f497326a4da9dbd338bb59b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
433aff05b1fee15eef0627a07fa9df920cacbd467648c703c94ab8d45c050a0d
4802499c63d2e6e19004b408bfb4852b15f9540311eee943c0bc2fd2a16f5949
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d14ad6a90820483ae2650713a157b645056b36e46792e5e3028b8adedbb02bc
5d3d3d69d0e239d35ffe27587a9b84c8055b990d3333961728cde3d2e3c3426f
5f538ad48ef0bc9605aae4eaa81dc7be4e045ddc4f857374baac526412be4bfa
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ba112736b901eab42bec1092f851b3bef54bd7bd48529ed844df1d843571d36
6ec66458aa6340d1750e1489e6a5f9b046ba1507b67b50178b7d673ec19f2a05
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
7661792fcfe5ae313a8e8ee8d41b42479ba1fe7116ca77fafc41087aff0dbb7b
79333d67af00a4d1649703707f7e48825e623b91cfaa7ef6046dcfeeca686b8f
818cb31a65410b9736826e0e6b42d509207041e6066ffa8b0c477a785bb125a2
8290ad40ac2027d9a1c629cbb0106fea28df654f181f97900f5a154a8a4d4858
89619d571d88df2c4c47e8c9b1bbb668ad23b69134ef9c22289c73574a7cdc2d
8d5655668414956e8225298fa6dfc90db3b90741e58754b925fc050ed6490f0e
8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc
9290eab271b4b427e0953da1809a4781d2e092a17c078c0a1405506b535add62
a3c7c693cfccebf2326574ab99325a130fb1abbdc3a7d620d2477080f035c589
a943c2ba0448fad22bbac2aaf8513fe25953cf4a1532c1fcf9e96c9bd0b277ad
b9846363259d4de70e4a3e05f2311ffae6eec809e07b92b6833037ff5c19a8ec
ba3996998ec8eaeabb37f4f81424194b34de72002ada04ce8150ec960f2693e7
bad37dc81aed1b4489150019786d8908e8e064f1925d63e2d4a00b870358af39
c1d1ab20d78c80c5057b793854dacaf8b09d0221d5339fae079f7a64a4b861ba
c42f93574bb3b0fdf1fcdb1c9528e695e31b2b036bafb0c51e17d07c0c274036
c4811b669fab95aab86dd7f56ed2aa6352002f43677bd122c504a0a33562e35b
c897f3ef58455c9d151bce75651067e015060fdc16f6d5d6f08cb8bf0499c5fe
d13cef872bafae119a249f1065d74ec12ee2fb5dd095b60b1fd59d4a7dec63a7
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56b5314542de346adbdfe3e0a33cea474ed0393da7d8db47107f978050630cd
ed2adb02f3dfdd1d7742952838d7ed2168eb62734185db732ef74e7eedf4599a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f5a58037513f8ceac38831a62e099714ec76ff25afc73f668787a0b18504ff85
fe3d87237d7ab8a6c38cde514f821f031d7e4bb68cd920e24126a33341a85681
ffb4fa9cfeee7338c879cdbd39a40e0b3452bbccda5962d57f7422492ca32129