qlvonz3556.ramisclinique.ro Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sternenkinder-grosseltern.ch/
Effective URL:
https://qlvonz3556.ramisclinique.ro/
Submission: On December 08 via api (December 8th 2023, 2:26:00 pm UTC) from US — Scanned from CH

Summary HTTP 31 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 31 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is qlvonz3556.ramisclinique.ro.
TLS certificate: Issued by GTS CA 1P5 on November 17th 2023. Valid for: 3 months.

This is the only time qlvonz3556.ramisclinique.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.187.73.57 185.187.73.57	62214 (RACKFORES...) (RACKFOREST-AS)
2	5.75.237.107 5.75.237.107	24940 (HETZNER-AS) (HETZNER-AS)
1	51.81.67.75 51.81.67.75	16276 (OVH) (OVH)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
31	17

3 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sternenkinder-grosseltern.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qlvonz3556.ramisclinique.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.73.57 (Hungary)

ASN62214 (RACKFOREST-AS, HU)
PTR: cluster3.unas.hu

uzletiterkep.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.75.237.107 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.107.237.75.5.clients.your-server.de

termalonline.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.81.67.75 (United States)

ASN16276 (OVH, FR)
PTR: ns1002206.ip-51-81-67.us

image1.slideserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.termalfurdo.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	1003 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 203	40 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248	1 KB
2	termalonline.hu termalonline.hu	317 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	33 KB
2	ramisclinique.ro qlvonz3556.ramisclinique.ro	9 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	23 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	20 KB
1	termalfurdo.hu www.termalfurdo.hu	44 KB
1	slideserve.com image1.slideserve.com — Cisco Umbrella Rank: 89654	92 KB
1	uzletiterkep.hu uzletiterkep.hu	170 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2842	22 KB
1	sternenkinder-grosseltern.ch 1 redirects sternenkinder-grosseltern.ch	483 B
31	15

	Domain	Requested by
8	www.youtube.com	qlvonz3556.ramisclinique.ro www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	termalonline.hu	qlvonz3556.ramisclinique.ro
2	cdnjs.cloudflare.com	qlvonz3556.ramisclinique.ro cdnjs.cloudflare.com
2	qlvonz3556.ramisclinique.ro	qlvonz3556.ramisclinique.ro
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.termalfurdo.hu	qlvonz3556.ramisclinique.ro
1	image1.slideserve.com	qlvonz3556.ramisclinique.ro
1	uzletiterkep.hu	qlvonz3556.ramisclinique.ro
1	stackpath.bootstrapcdn.com	qlvonz3556.ramisclinique.ro
1	sternenkinder-grosseltern.ch	1 redirects
31	17

This site contains links to these domains. Also see Links.

Domain
ramisclinique.ro
adhxqw16707.ramisclinique.ro
giulpp4670.ramisclinique.ro
fqad3821.ramisclinique.ro
myref5745.ramisclinique.ro
wdlzda2735.ramisclinique.ro
byzv8302.ramisclinique.ro
mmdf4916.ramisclinique.ro
sqecd16923.ramisclinique.ro
gcvd8548.ramisclinique.ro
woqtr2742.ramisclinique.ro

Subject Issuer	Validity	Valid
ramisclinique.ro GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
uzletiterkep.hu Sectigo RSA Domain Validation Secure Server CA	`2023-07-17` - `2024-08-16`	a year	crt.sh
termalonline.hu R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.slideserve.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-21` - `2024-04-19`	a year	crt.sh
termalfurdo.hu Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://qlvonz3556.ramisclinique.ro/
Frame ID: F01B402E662CDCBBD32E16EB7E77CDB9
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ZKi8Nc6yBE8
Frame ID: 3FEFB1BD895AEB5D60CD9B6355F1E8CC
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dunántúli gyógyfürdők térkép |

Page URL History Show full URLs

https://sternenkinder-grosseltern.ch/ HTTP 301
https://qlvonz3556.ramisclinique.ro/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

31
Requests

97 %
HTTPS

81 %
IPv6

15
Domains

17
Subdomains

17
IPs

3
Countries

1824 kB
Transfer

4435 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://ramisclinique.ro/
Title: https://ramisclinique.ro

Search URL Search Domain Scan URL

URL: https://adhxqw16707.ramisclinique.ro/
Title: betonszál

Search URL Search Domain Scan URL

URL: https://giulpp4670.ramisclinique.ro/
Title: chinese restaurant janda baik

Search URL Search Domain Scan URL

URL: https://fqad3821.ramisclinique.ro/
Title: 阿凡达2线上看

Search URL Search Domain Scan URL

URL: https://myref5745.ramisclinique.ro/
Title: cuaca gunung everest

Search URL Search Domain Scan URL

URL: https://wdlzda2735.ramisclinique.ro/
Title: battery charger intelligent

Search URL Search Domain Scan URL

URL: https://byzv8302.ramisclinique.ro/
Title: ターキッシュエアライン評判

Search URL Search Domain Scan URL

URL: https://mmdf4916.ramisclinique.ro/
Title: cand se pune ingrasamant la trandafiri

Search URL Search Domain Scan URL

URL: https://sqecd16923.ramisclinique.ro/
Title: ural dağı harada yerləşir

Search URL Search Domain Scan URL

URL: https://gcvd8548.ramisclinique.ro/
Title: дорожные знаки рк

Search URL Search Domain Scan URL

URL: https://woqtr2742.ramisclinique.ro/
Title: bulevardul sudului

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sternenkinder-grosseltern.ch/ HTTP 301
https://qlvonz3556.ramisclinique.ro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

31 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
qlvonz3556.ramisclinique.ro/
Redirect Chain

https://sternenkinder-grosseltern.ch/
https://qlvonz3556.ramisclinique.ro/

21 KB
8 KB

219ms
106ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qlvonz3556.ramisclinique.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: 410b6f7cab56cdad7e8cea015771a84d163bdcf4c454e9683f947f318ddf7bdb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8325ae31e98d4c6f-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 14:25:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrpVspbNzXKlSs9%2B%2BX7s8XzUSSGFZ20OKOXHgvj4ubEoOOa69fk2bWiVJLYHYB4mvN%2FlTQMeuycOicO4nwNxEw5Z1sypk8D%2Bhya4DYGhge2w2jJ1fSpHXj2uwxflWPhNPHmPiLAla41sD9HrWkKpsQzHkJCf1%2Fr5c9o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8325ae307c6b4c61-MXP
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 14:25:55 GMT
location: https://qlvonz3556.ramisclinique.ro/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5pYC%2BTAeA6CrIQJsGoiTBE6DyfX5Tr7gJcXdb6Ml0qhr7BcdxPQUyiNB2Zxpx0b92hhavoRVD5OJnQsT5D5cREFgtB%2FxuDuNxdjDyJtQ0N65R6xLZNI9Gt4dhtrL4zcQ%2BJhF4MMiB7sysb24SyZB%2BfhxqQkzSaZaJT5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40

GET
H2 200 simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/ 13 KB
3 KB 95ms
37ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css

Requested by

Host: qlvonz3556.ramisclinique.ro
URL: https://qlvonz3556.ramisclinique.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qlvonz3556.ramisclinique.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 723022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2217
last-modified: Mon, 04 May 2020 16:16:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd2-329e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLb02TyIxCjLv4wLxdcWKPL2ABaZ5l%2BKLYCZpRT2IV7l3DiRte1v%2Bs1TaQ0au8uVoDkS%2B%2BwRFkrK6xW1GCyLOJp8G0af3Fsr7ei1FgCC7XJZVfiubGi2FQaQcFP3tJmkIiZw3esjs3lyadB2Z%2BKrclbn"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8325ae32efd8bab1-MXP
expires: Wed, 27 Nov 2024 14:25:55 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/ 138 KB
22 KB 112ms
44ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css

Requested by

Host: qlvonz3556.ramisclinique.ro
URL: https://qlvonz3556.ramisclinique.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qlvonz3556.ramisclinique.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 865
age: 638342
cdn-cachedat: 10/31/2023 18:51:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a7022c6fa83d91db67738d6e3cd3252d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8a0efb1d7e01c136503b054da7e006ba
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8325ae32fe94baf3-MXP
cdn-requestpullsuccess: True

GET
H2 200 135002T-S.jpg
uzletiterkep.hu/img/15428/135002T-S/ 170 KB
170 KB 191ms
41ms Image
image/jpeg 185.187.73.57
RACKFOREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uzletiterkep.hu/img/15428/135002T-S/135002T-S.jpg?time=1562163587
Requested by: Host: qlvonz3556.ramisclinique.ro
URL: https://qlvonz3556.ramisclinique.ro/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.73.57 , Hungary, ASN62214 (RACKFOREST-AS, HU),
Reverse DNS: cluster3.unas.hu
Software: Apache /
Resource Hash: 310919ff57064664acac47e854faf3e1b85795ee8e7e897af19ebe01e7619b35

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qlvonz3556.ramisclinique.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sat, 07 Dec 2024 14:25:55 GMT
date: Fri, 08 Dec 2023 14:25:55 GMT
cache-control: max-age=31536000
last-modified: Fri, 08 Dec 2023 14:25:55 GMT
server: Apache
content-length: 174133
content-type: image/jpeg

GET
H2 200 brigetio2.jpg
termalonline.hu/wp-content/uploads/2015/08/ 303 KB
303 KB 198ms
56ms Image
image/jpeg 5.75.237.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://termalonline.hu/wp-content/uploads/2015/08/brigetio2.jpg

Requested by

Host: qlvonz3556.ramisclinique.ro
URL: https://qlvonz3556.ramisclinique.ro/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.75.237.107 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.107.237.75.5.clients.your-server.de

Software

nginx-rc /

Resource Hash

58dbb8b73d256b5e2cc6727df106e8ea646b62ce9ad05c6cc1ab843d77e441fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qlvonz3556.ramisclinique.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 26 Aug 2018 18:07:32 GMT
server: nginx-rc
etag: W/"5b82ec64-4bab6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 07 Jan 2024 14:25:55 GMT

GET
H2 200 balmazujvaros2-300x200.jpg
termalonline.hu/wp-content/uploads/2013/02/ 13 KB
13 KB 183ms
42ms Image
image/jpeg 5.75.237.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://termalonline.hu/wp-content/uploads/2013/02/balmazujvaros2-300x200.jpg

Requested by

Host: qlvonz3556.ramisclinique.ro
URL: https://qlvonz3556.ramisclinique.ro/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.75.237.107 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.107.237.75.5.clients.your-server.de

Software

nginx-rc /

Resource Hash

876a33d1824360ff08bed6c6bd909767bf285f094a6d012b454f590449df2971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qlvonz3556.ramisclinique.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 26 Aug 2018 18:02:15 GMT
server: nginx-rc
etag: W/"5b82eb27-34cd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 07 Jan 2024 14:25:55 GMT

GET
H/1.1 200
OK nyugat-dun-nt-li-term-l-s-gy-gyf-rd-k-l.jpg
image1.slideserve.com/2307981/ 92 KB
92 KB 503ms
269ms Image
image/jpeg 51.81.67.75
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image1.slideserve.com/2307981/nyugat-dun-nt-li-term-l-s-gy-gyf-rd-k-l.jpg
Requested by: Host: qlvonz3556.ramisclinique.ro
URL: https://qlvonz3556.ramisclinique.ro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.81.67.75 , United States, ASN16276 (OVH, FR),
Reverse DNS: ns1002206.ip-51-81-67.us
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 563feb44703d1039df2e1f91efc96bc38c197348d61eafd123e143c28950a39b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qlvonz3556.ramisclinique.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 14:25:55 GMT
Last-Modified: Thu, 24 Jul 2014 20:54:02 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "53d1726a-17052"
Content-Type: image/jpeg
Cache-Control: max-age=264816000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94290
Expires: Thu, 29 Apr 2032 14:25:55 GMT

GET
H2 200 csokonyavisonta_termalfurdo_3_20131128152448.jpg
www.termalfurdo.hu/images/cikk/1951/ 43 KB
44 KB 225ms
125ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.termalfurdo.hu/images/cikk/1951/csokonyavisonta_termalfurdo_3_20131128152448.jpg
Requested by: Host: qlvonz3556.ramisclinique.ro
URL: https://qlvonz3556.ramisclinique.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21764ffc182009fa2de069a6b1d17d83b6bd09c6883884a5166233292ee6c488

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qlvonz3556.ramisclinique.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:25:55 GMT
cf-cache-status: MISS
last-modified: Sun, 05 Apr 2015 07:40:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FA6jeXYvKcYgb5tUVSCP62GdkuPeeGlXFJ5BrusO2UFLVY8MzZ3kTBWYdg3kTy%2FpxR2GpCx8eUWZbdv2xWuMUHmNAU7ivt89iQw%2BG16KnyEfmt1biaw81c%2BXcihclOJn7pDN7Vs46lx0%2BZwvM9oHm3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 8325ae333dadbabe-MXP
alt-svc: h3=":443"; ma=86400
content-length: 44065

GET
H2 200 email-decode.min.js Show response
qlvonz3556.ramisclinique.ro/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qlvonz3556.ramisclinique.ro/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: qlvonz3556.ramisclinique.ro
URL: https://qlvonz3556.ramisclinique.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qlvonz3556.ramisclinique.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65660ffd-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jO5kcTuuFQcYW7yr8paO99hxOYZBt3XyYoQnHPq3PxcIXdqmqhVWjVKsM03C2Z0TbauFpsi6OekgeKyT9A7QKEdPpvo0Qptt8gmQ2NgOl3fkVwpW1srDdnLze9GctWfDoKuyfA3t%2BTrYGnhRRv2I9B%2FSwjB1WIK4nD0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8325ae329b8e4c6f-MXP
expires: Sun, 10 Dec 2023 14:25:55 GMT

GET
H2 200 ZKi8Nc6yBE8 Show response
www.youtube.com/embed/ Frame 3FEF 93 KB
41 KB 186ms
118ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ZKi8Nc6yBE8

Requested by

Host: qlvonz3556.ramisclinique.ro
URL: https://qlvonz3556.ramisclinique.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8e4c72281c476c0e6637dbbce7e73af16abaf9341c4ebe14ed1bc172dd938db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qlvonz3556.ramisclinique.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 14:25:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Simple-Line-Icons.woff2
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/fonts/ 29 KB
30 KB 65ms
36ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/fonts/Simple-Line-Icons.woff2?v=2.4.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css
Origin: https://qlvonz3556.ramisclinique.ro
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:25:55 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 735442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30064
last-modified: Mon, 04 May 2020 16:16:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd2-7570"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SrMsO92k7uBPkjmq7pO0esuXQgOO%2FJWFvwrY%2BlDnQzSPV%2BgEAvajqNfSfK25iLvvA9uordlFDVNXIuOSMJrJLc9AkOIP51qyILmxAQrVnUOSbIQxwABldA0tKZeqGU9TVAmwYQxeP5Tl%2Fx3gD6EQfQH"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8325ae338f77ba9a-MXP
expires: Wed, 27 Nov 2024 14:25:55 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/dee96cfa/ Frame 3FEF 365 KB
47 KB 33ms
33ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZKi8Nc6yBE8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/embed/ZKi8Nc6yBE8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 08:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48216
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 08:12:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3FEF 15 KB
16 KB 93ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZKi8Nc6yBE8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 53940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3FEF 15 KB
15 KB 100ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZKi8Nc6yBE8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 149069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 3FEF 54 KB
17 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZKi8Nc6yBE8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d24ef4276a92518287ca48d4ed5a57d00283f70a01bfd860d5d4931a6db46f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/embed/ZKi8Nc6yBE8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16999
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/ Frame 3FEF 322 KB
97 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZKi8Nc6yBE8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/embed/ZKi8Nc6yBE8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:40:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98658
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 12:40:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 3FEF 2 MB
769 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZKi8Nc6yBE8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef873aad7c605372b175969edd7dd1febb7ab93881b49650a442c1a7fd2407f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/embed/ZKi8Nc6yBE8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786495
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:22:32 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 3FEF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

36ms
36ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZKi8Nc6yBE8

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a602fc8e03fbef224a5c1aeffdcb73e3767f2d17b6c667b39e508062d594861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Dec 2023 14:25:56 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3FEF 29 B
495 B 94ms
29ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:19:49 GMT
x-content-type-options: nosniff
age: 367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 14:34:49 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 106ms
37ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 14:25:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3FEF 87 KB
40 KB 44ms
44ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6adc4430878c3a7447c68c00dae482d33826743ca69905e2f47ce840c4bb4837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 08 Dec 2023 14:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40897
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 3FEF 116 KB
33 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8547aade2e3f00b3cb94b6eb1d15339b238fa447005f81de7500217910b3ada2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/embed/ZKi8Nc6yBE8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33667
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:33:53 GMT

GET
H2 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame 3FEF 50 KB
20 KB 97ms
31ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 16:41:42 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/ZKi8Nc6yBE8/ Frame 3FEF 22 KB
23 KB 94ms
28ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ZKi8Nc6yBE8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-DoACuAiKAgwIABABGGUgVShIMA8=&rs=AOn4CLAMCOXk-wFEt-YxZtkLL5dw3e-irw

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZKi8Nc6yBE8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1927cc6793c511f7f962845884013884a93b73645fb30f37ccd1eba5e12a26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:59:48 GMT
x-content-type-options: nosniff
age: 5168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22901
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Dec 2023 14:59:48 GMT

GET
DATA 200
OK truncated
/ Frame 3FEF 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zk6TTsqKVwDZus0q-hJHEfV-sqaX4zvvHwJUsfZW4IFPnSgQ8ifJx2LwSMu19UfREehMMOkUrQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 3FEF 2 KB
2 KB 158ms
51ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/zk6TTsqKVwDZus0q-hJHEfV-sqaX4zvvHwJUsfZW4IFPnSgQ8ifJx2LwSMu19UfREehMMOkUrQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZKi8Nc6yBE8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3b879ede4b5993a97435821dd21c3aa6d450709059745c9eca94d7313938545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:28:39 GMT
x-content-type-options: nosniff
age: 3437
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1674
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 09 Dec 2023 13:28:39 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3FEF 4 KB
2 KB 141ms
76ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 14:25:56 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 3FEF 0
10 B 28ms
28ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?s3Cqkw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ZKi8Nc6yBE8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/embed/ZKi8Nc6yBE8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:25:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 38ms
37ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 14:25:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3FEF 90 B
134 B 42ms
41ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79934d109a6ce46fd4ffc10720045ab6a325ef227631df4d54c9c566b43b1913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 08 Dec 2023 14:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 3FEF 50 KB
15 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 21:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 08 Dec 2023 21:36:49 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3FEF 28 B
54 B 50ms
48ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1702045558429
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ZKi8Nc6yBE8
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Time-Zone: Europe/Zurich
X-Goog-Visitor-Id: CgtSYWZ2X2p2RUp3OCjzzsyrBjIICgJDSBICGgA%3D
X-YouTube-Ad-Signals: dt=1702045556030&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 08 Dec 2023 14:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 08 Dec 2023 14:25:58 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: cxRS_tEw8UA
			.youtube.com/	1970-01-20 21:06:37	Name: VISITOR_INFO1_LIVE Value: Rafv_jvEJw8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://qlvonz3556.ramisclinique.ro/ Message: Mixed Content: The page at 'https://qlvonz3556.ramisclinique.ro/' was loaded over HTTPS, but requested an insecure element 'http://www.termalfurdo.hu/images/cikk/1951/csokonyavisonta_termalfurdo_3_20131128152448.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qlvonz3556.ramisclinique.ro/(Line 177) Message: Mixed Content: The page at 'https://qlvonz3556.ramisclinique.ro/' was loaded over HTTPS, but requested an insecure element 'http://www.termalfurdo.hu/images/cikk/1951/csokonyavisonta_termalfurdo_3_20131128152448.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
image1.slideserve.com
jnn-pa.googleapis.com
qlvonz3556.ramisclinique.ro
stackpath.bootstrapcdn.com
static.doubleclick.net
sternenkinder-grosseltern.ch
termalonline.hu
uzletiterkep.hu
www.google.com
www.gstatic.com
www.termalfurdo.hu
www.youtube.com
yt3.ggpht.com
185.187.73.57
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:80e::2016
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a06:98c1:3120::3
2a06:98c1:3121::3
5.75.237.107
51.81.67.75
1b1927cc6793c511f7f962845884013884a93b73645fb30f37ccd1eba5e12a26
21764ffc182009fa2de069a6b1d17d83b6bd09c6883884a5166233292ee6c488
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
310919ff57064664acac47e854faf3e1b85795ee8e7e897af19ebe01e7619b35
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
3d24ef4276a92518287ca48d4ed5a57d00283f70a01bfd860d5d4931a6db46f3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
410b6f7cab56cdad7e8cea015771a84d163bdcf4c454e9683f947f318ddf7bdb
563feb44703d1039df2e1f91efc96bc38c197348d61eafd123e143c28950a39b
58dbb8b73d256b5e2cc6727df106e8ea646b62ce9ad05c6cc1ab843d77e441fe
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc4430878c3a7447c68c00dae482d33826743ca69905e2f47ce840c4bb4837
749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089
79934d109a6ce46fd4ffc10720045ab6a325ef227631df4d54c9c566b43b1913
7a602fc8e03fbef224a5c1aeffdcb73e3767f2d17b6c667b39e508062d594861
8547aade2e3f00b3cb94b6eb1d15339b238fa447005f81de7500217910b3ada2
876a33d1824360ff08bed6c6bd909767bf285f094a6d012b454f590449df2971
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b879ede4b5993a97435821dd21c3aa6d450709059745c9eca94d7313938545
e8e4c72281c476c0e6637dbbce7e73af16abaf9341c4ebe14ed1bc172dd938db
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef873aad7c605372b175969edd7dd1febb7ab93881b49650a442c1a7fd2407f1
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

qlvonz3556.ramisclinique.ro Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

81 %IPv6

15 Domains

17 Subdomains

17 IPs

3 Countries

1824 kBTransfer

4435 kBSize

2 Cookies

11 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qlvonz3556.ramisclinique.ro Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

81 %
IPv6

15
Domains

17
Subdomains

17
IPs

3
Countries

1824 kB
Transfer

4435 kB
Size

2
Cookies

31 HTTP transactions
1 data transactions