URL: https://tremdaseleven.com/
Submission: On January 14 via manual from DE — Scanned from NZ

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 47 HTTP transactions. The main IP is 92.222.105.188, located in Paris, France and belongs to OVH, FR. The main domain is tremdaseleven.com.
TLS certificate: Issued by R3 on January 7th 2023. Valid for: 3 months.
This is the only time tremdaseleven.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
28 tremdaseleven.com
tremdaseleven.com
3 MB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 76
853 KB
3 doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
1 KB
3 gstatic.com
fonts.gstatic.com
75 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
jnn-pa.googleapis.com
32 KB
47 5
Domain Requested by
28 tremdaseleven.com tremdaseleven.com
9 www.youtube.com tremdaseleven.com
www.youtube.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 jnn-pa.googleapis.com www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.googleapis.com tremdaseleven.com
47 7

This site contains no links.

Subject Issuer Validity Valid
www.tremdaseleven.com
R3
2023-01-07 -
2023-04-07
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
*.google.com
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh

This page contains 2 frames:

Primary Page: https://tremdaseleven.com/
Frame ID: 6A2775734B75E7F5D13A4F0EDC267902
Requests: 33 HTTP requests in this frame

Frame: https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
Frame ID: EB3B1E50F3276580E281CF4FB0CE2A17
Requests: 13 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

47
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

3771 kB
Transfer

6097 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tremdaseleven.com/
446 KB
450 KB
Document
General
Full URL
https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache / PHP/7.4.33
Resource Hash
94c886fee4ea35957d5e8a289a8059be7d3ca058617bbda38bbd0d5554d4d6d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 14 Jan 2023 21:01:38 GMT
link
<https://tremdaseleven.com/wp-json/>; rel="https://api.w.org/"
server
Apache
x-powered-by
PHP/7.4.33
style.min.css
tremdaseleven.com/wp-includes/css/dist/block-library/
93 KB
93 KB
Stylesheet
General
Full URL
https://tremdaseleven.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:39 GMT
last-modified
Sat, 17 Dec 2022 02:06:51 GMT
server
Apache
accept-ranges
bytes
content-length
94889
content-type
text/css
classic-themes.min.css
tremdaseleven.com/wp-includes/css/
217 B
246 B
Stylesheet
General
Full URL
https://tremdaseleven.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:39 GMT
last-modified
Sat, 17 Dec 2022 02:06:51 GMT
server
Apache
accept-ranges
bytes
content-length
217
content-type
text/css
styles.css
tremdaseleven.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://tremdaseleven.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:39 GMT
last-modified
Sat, 17 Dec 2022 02:28:16 GMT
server
Apache
accept-ranges
bytes
content-length
2803
content-type
text/css
wp-date-remover-public.css
tremdaseleven.com/wp-content/plugins/wp-date-remover/public/css/
98 B
150 B
Stylesheet
General
Full URL
https://tremdaseleven.com/wp-content/plugins/wp-date-remover/public/css/wp-date-remover-public.css?ver=1.0.0
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:39 GMT
last-modified
Thu, 28 Jul 2022 22:10:55 GMT
server
Apache
accept-ranges
bytes
content-length
98
content-type
text/css
style.css
tremdaseleven.com/wp-content/themes/teluro/
444 KB
447 KB
Stylesheet
General
Full URL
https://tremdaseleven.com/wp-content/themes/teluro/style.css?ver=1.0.27
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
4964d584f49f0ae58c2f96eaf71bfa330c19aca9617c9e7ac5c8c2211cd8833f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:39 GMT
last-modified
Sat, 17 Dec 2022 02:13:10 GMT
server
Apache
accept-ranges
bytes
content-length
454955
content-type
text/css
css
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMuli%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic&subset=latin%2Clatin-ext&display=swap&ver=1.0.27
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
33edd670871b8f661e1866d7d82d51df24587207deb300043ec8a67e3397b49b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Jan 2023 21:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 14 Jan 2023 21:01:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Jan 2023 21:01:39 GMT
jquery.min.js
tremdaseleven.com/wp-includes/js/jquery/
88 KB
88 KB
Script
General
Full URL
https://tremdaseleven.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:39 GMT
last-modified
Sat, 17 Dec 2022 02:06:51 GMT
server
Apache
accept-ranges
bytes
content-length
89684
content-type
application/javascript
jquery-migrate.min.js
tremdaseleven.com/wp-includes/js/jquery/
11 KB
11 KB
Script
General
Full URL
https://tremdaseleven.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:39 GMT
last-modified
Tue, 12 Jul 2022 20:36:05 GMT
server
Apache
accept-ranges
bytes
content-length
11224
content-type
application/javascript
wp-emoji-release.min.js
tremdaseleven.com/wp-includes/js/
18 KB
18 KB
Script
General
Full URL
https://tremdaseleven.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:42 GMT
last-modified
Thu, 28 Jul 2022 22:37:26 GMT
server
Apache
accept-ranges
bytes
content-length
18617
content-type
application/javascript
wp-date-remover-public.js
tremdaseleven.com/wp-content/plugins/wp-date-remover/public/js/
838 B
868 B
Script
General
Full URL
https://tremdaseleven.com/wp-content/plugins/wp-date-remover/public/js/wp-date-remover-public.js?ver=1.0.0
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:39 GMT
last-modified
Thu, 28 Jul 2022 22:10:55 GMT
server
Apache
accept-ranges
bytes
content-length
838
content-type
application/javascript
camera-black-background-camera-canon-832811.jpg
tremdaseleven.com/wp-content/themes/teluro//resources/header-presets/images/
27 KB
27 KB
Image
General
Full URL
https://tremdaseleven.com/wp-content/themes/teluro//resources/header-presets/images/camera-black-background-camera-canon-832811.jpg
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
1e217d81311b2d0a6d84b117141356a405ab8da5395167b2b3004dd7a5a6aa21

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:42 GMT
last-modified
Sat, 17 Dec 2022 02:13:10 GMT
server
Apache
accept-ranges
bytes
content-length
27205
content-type
image/jpeg
2014-business-women-hairstyles-for-work-12-business-woman.jpg
tremdaseleven.com/wp-content/uploads/2019/01/
136 KB
136 KB
Image
General
Full URL
https://tremdaseleven.com/wp-content/uploads/2019/01/2014-business-women-hairstyles-for-work-12-business-woman.jpg
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
50832ea78f43678a8aec1f11c5a0177e70050e6ff2367c200aa52bd8b1a3c2c0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:41 GMT
last-modified
Tue, 12 Jul 2022 20:36:12 GMT
server
Apache
accept-ranges
bytes
content-length
139081
content-type
image/jpeg
index.js
tremdaseleven.com/wp-content/plugins/contact-form-7/includes/swv/js/
10 KB
10 KB
Script
General
Full URL
https://tremdaseleven.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:41 GMT
last-modified
Sat, 17 Dec 2022 02:28:16 GMT
server
Apache
accept-ranges
bytes
content-length
10565
content-type
application/javascript
index.js
tremdaseleven.com/wp-content/plugins/contact-form-7/includes/js/
12 KB
12 KB
Script
General
Full URL
https://tremdaseleven.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:41 GMT
last-modified
Sat, 17 Dec 2022 02:28:16 GMT
server
Apache
accept-ranges
bytes
content-length
12652
content-type
application/javascript
effect.min.js
tremdaseleven.com/wp-includes/js/jquery/ui/
17 KB
17 KB
Script
General
Full URL
https://tremdaseleven.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
4471f0e0712693e37d562bb4981a7da17248062fc39140f3df05826943879fb7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:41 GMT
last-modified
Sat, 17 Dec 2022 02:06:51 GMT
server
Apache
accept-ranges
bytes
content-length
17338
content-type
application/javascript
effect-slide.min.js
tremdaseleven.com/wp-includes/js/jquery/ui/
901 B
930 B
Script
General
Full URL
https://tremdaseleven.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.2
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
050911cb6d3880ea373bc5f7a22b4c50a4e1a1cf6ba38c885eee7a3bac854414

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:41 GMT
last-modified
Sat, 17 Dec 2022 02:06:51 GMT
server
Apache
accept-ranges
bytes
content-length
901
content-type
application/javascript
theme.js
tremdaseleven.com/wp-content/themes/teluro//resources/theme/
211 KB
211 KB
Script
General
Full URL
https://tremdaseleven.com/wp-content/themes/teluro//resources/theme/theme.js?ver=1.0.27
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
c9efab02b803b99d5d2167d528c9f48a09e5aee17f8de0200aa45cbbbb911d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:41 GMT
last-modified
Sat, 17 Dec 2022 02:13:10 GMT
server
Apache
accept-ranges
bytes
content-length
215805
content-type
application/javascript
imagesloaded.min.js
tremdaseleven.com/wp-includes/js/
5 KB
6 KB
Script
General
Full URL
https://tremdaseleven.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:41 GMT
last-modified
Tue, 12 Jul 2022 20:36:05 GMT
server
Apache
accept-ranges
bytes
content-length
5629
content-type
application/javascript
masonry.min.js
tremdaseleven.com/wp-includes/js/
24 KB
24 KB
Script
General
Full URL
https://tremdaseleven.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:41 GMT
last-modified
Tue, 12 Jul 2022 20:36:05 GMT
server
Apache
accept-ranges
bytes
content-length
24138
content-type
application/javascript
jquery.masonry.min.js
tremdaseleven.com/wp-includes/js/jquery/
2 KB
2 KB
Script
General
Full URL
https://tremdaseleven.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:41 GMT
last-modified
Tue, 12 Jul 2022 20:36:05 GMT
server
Apache
accept-ranges
bytes
content-length
1819
content-type
application/javascript
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c019fffeac15b1e50007df4726dfb478d1decf4c92bfb127903e847c60665f45

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMuli%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic&subset=latin%2Clatin-ext&display=swap&ver=1.0.27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tremdaseleven.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 07:52:27 GMT
x-content-type-options
nosniff
age
47355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 07:52:27 GMT
none.png
tremdaseleven.com/wp-content/themes/teluro//resources/images/header-shapes/
147 B
185 B
Image
General
Full URL
https://tremdaseleven.com/wp-content/themes/teluro//resources/images/header-shapes/none.png
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
a016fb11437501437ec8ec22da53d8b1355e2a4acda38c132ea91cee9e62d705

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:41 GMT
last-modified
Sat, 17 Dec 2022 02:13:10 GMT
server
Apache
accept-ranges
bytes
content-length
147
content-type
image/png
free-business-backgrounds-business.jpg
tremdaseleven.com/wp-content/uploads/2018/12/
380 KB
381 KB
Image
General
Full URL
https://tremdaseleven.com/wp-content/uploads/2018/12/free-business-backgrounds-business.jpg
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
70365ffb6359149f78f0260cad9627dd82573beda0a66ef3a3642b63babe104a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:42 GMT
last-modified
Tue, 12 Jul 2022 20:36:24 GMT
server
Apache
accept-ranges
bytes
content-length
389570
content-type
image/jpeg
cloud_with_file_cabinet_drawer_and_files_1600_clr_11464-business.jpg
tremdaseleven.com/wp-content/uploads/2019/01/
59 KB
59 KB
Image
General
Full URL
https://tremdaseleven.com/wp-content/uploads/2019/01/cloud_with_file_cabinet_drawer_and_files_1600_clr_11464-business.jpg
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
d30cabef7d76f8cb4de3b9ea0887a7ef5efa65befb6e2e469d04bb7f65f5c337

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:42 GMT
last-modified
Tue, 12 Jul 2022 20:36:05 GMT
server
Apache
accept-ranges
bytes
content-length
60704
content-type
image/jpeg
business-plan-software-business.jpg
tremdaseleven.com/wp-content/uploads/2019/01/
154 KB
154 KB
Image
General
Full URL
https://tremdaseleven.com/wp-content/uploads/2019/01/business-plan-software-business.jpg
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
98efbe64145cec7f94cc48c8accd256d836e2e53b1313266ec5cd4b103006556

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:42 GMT
last-modified
Tue, 12 Jul 2022 20:36:08 GMT
server
Apache
accept-ranges
bytes
content-length
157374
content-type
image/jpeg
pulpit-rock-norway-people-people.jpg
tremdaseleven.com/wp-content/uploads/2018/12/
254 KB
255 KB
Image
General
Full URL
https://tremdaseleven.com/wp-content/uploads/2018/12/pulpit-rock-norway-people-people.jpg
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
e93aedda62a6669620fd0e452bd0d373d49dd74c0d9fc30a9a186fc4ce5e1933

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:42 GMT
last-modified
Tue, 12 Jul 2022 20:36:22 GMT
server
Apache
accept-ranges
bytes
content-length
260590
content-type
image/jpeg
photodune-356827-busy-entrepreneur-l-21-business-man.jpg
tremdaseleven.com/wp-content/uploads/2018/12/
162 KB
162 KB
Image
General
Full URL
https://tremdaseleven.com/wp-content/uploads/2018/12/photodune-356827-busy-entrepreneur-l-21-business-man.jpg
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
c09e34974609fb349c08fdbaf87f4fae3477311e8b96e1f3702a1192b3dc19a3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:43 GMT
last-modified
Tue, 12 Jul 2022 20:36:24 GMT
server
Apache
accept-ranges
bytes
content-length
166216
content-type
image/jpeg
silhouette-happy-family-day-hd-pic-1600x900-happy-family.jpg
tremdaseleven.com/wp-content/uploads/2019/01/
104 KB
104 KB
Image
General
Full URL
https://tremdaseleven.com/wp-content/uploads/2019/01/silhouette-happy-family-day-hd-pic-1600x900-happy-family.jpg
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
c6fd612b36ba02b9fb5ed4e99ad75e492d46578eb4cb33b1fb981b3c0edbe380

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:43 GMT
last-modified
Tue, 12 Jul 2022 20:36:06 GMT
server
Apache
accept-ranges
bytes
content-length
106788
content-type
image/jpeg
business-man-2012-business-man.jpg
tremdaseleven.com/wp-content/uploads/2019/01/
139 KB
139 KB
Image
General
Full URL
https://tremdaseleven.com/wp-content/uploads/2019/01/business-man-2012-business-man.jpg
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.222.105.188 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip188.ip-92-222-105.eu
Software
Apache /
Resource Hash
e7508d7103db83b430a507fe785887cc644a04fbd76facb676708f15709fc64b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:43 GMT
last-modified
Tue, 12 Jul 2022 20:36:06 GMT
server
Apache
accept-ranges
bytes
content-length
142168
content-type
image/jpeg
iframe_api
www.youtube.com/
992 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: tremdaseleven.com
URL: https://tremdaseleven.com/wp-content/themes/teluro//resources/theme/theme.js?ver=1.0.27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f190.1e100.net
Software
ESF /
Resource Hash
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 14 Jan 2023 21:01:43 GMT
www-widgetapi.js
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/
183 KB
62 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f190.1e100.net
Software
sffe /
Resource Hash
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tremdaseleven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 02:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
151438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62798
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 13 Jan 2024 02:57:46 GMT
coYirc_qoSA
www.youtube.com/embed/ Frame EB3B
61 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f190.1e100.net
Software
ESF /
Resource Hash
89da15dad3866545b2996725f35c04c237d08dc4cc0a3610491e5a4be1bbd3ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tremdaseleven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 14 Jan 2023 21:01:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/4248d311/ Frame EB3B
360 KB
49 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/4248d311/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f190.1e100.net
Software
sffe /
Resource Hash
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 16:03:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
190701
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49911
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 12 Jan 2024 16:03:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB3B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 13:52:45 GMT
x-content-type-options
nosniff
age
25740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 13:52:45 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB3B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 23:12:16 GMT
x-content-type-options
nosniff
age
78569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 23:12:16 GMT
www-embed-player.js
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame EB3B
342 KB
107 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f190.1e100.net
Software
sffe /
Resource Hash
a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 00:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
72936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109432
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Jan 2024 00:46:09 GMT
base.js
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame EB3B
2 MB
597 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f190.1e100.net
Software
sffe /
Resource Hash
f90057fc184b6c8eae37528418032d0c50678fd1ad00261808c71fbbe1cb1856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 01:16:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
157541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
611243
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 13 Jan 2024 01:16:04 GMT
fetch-polyfill.js
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame EB3B
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f190.1e100.net
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 16:03:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
190701
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 12 Jan 2024 16:03:24 GMT
id
googleads.g.doubleclick.net/pagead/ Frame EB3B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
Protocol
H2
Server
172.217.194.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
f8fc9d093d01c3a704c32969edd354c80f785fabfe3cabb2a124df2528c6dfd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 14 Jan 2023 21:01:47 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame EB3B
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 21:01:25 GMT
x-content-type-options
nosniff
age
22
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Jan 2023 21:16:25 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 14 Jan 2023 21:01:47 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EB3B
65 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
d21d70fd384e5eb13aaad7e7a8faca817eccbacb54b1381e02337ea8460bb2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 14 Jan 2023 21:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30545
x-xss-protection
0
qoe
www.youtube.com/api/stats/ Frame EB3B
0
19 B
XHR
General
Full URL
https://www.youtube.com/api/stats/qoe?cpn=eFDKKBwqAlPm4-0W&el=embedded&ns=yt&fexp=23983296%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24415864%2C24435508%2C24439360%2C24441986&cl=501313814&seq=1&event=streamingstats&docid=coYirc_qoSA&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20230111.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f190.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
X-YouTube-Client-Version
1.20230111.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgsyNDVTYjNlTEt4SSi4sIyeBg%3D%3D
X-YouTube-Ad-Signals
dt=1673730106559&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C1080&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Sat, 14 Jan 2023 21:01:46 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame EB3B
26 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f190.1e100.net
Software
sffe /
Resource Hash
39bfedc970a003d6ec90bcf8544220ad285c773d9b07d08b9233ea28d72f406d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/coYirc_qoSA?autoplay=1&controls=0&disablekb=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&playsinline=1&rel=0&showinfo=0&mute=1&enablejsapi=1&origin=https%3A%2F%2Ftremdaseleven.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 16:11:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
190245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8333
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 12 Jan 2024 16:11:02 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EB3B
0
0

GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jnn-pa.googleapis.com
URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Domain
jnn-pa.googleapis.com
URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| _wpemojiSettings undefined| $ function| jQuery object| teluroFrontendData object| swv object| wpcf7 function| addResizeListener function| removeResizeListener object| __core-js_shared__ function| Colibri function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| twemoji object| wp object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| yt1

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: r20sqY6B4k8
.youtube.com/ Name: DEVICE_INFO
Value: ChxOekU0T0RZeE5qQTFOVEE1T1RVNE1qUXhNZz09ELewjJ4GGLewjJ4G
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 245Sb3eLKxI

2 Console Messages

Source Level URL
Text
other warning URL: https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js(Line 1112)
Message:
Unrecognized feature: 'web-share'.
security error URL: https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js(Line 1119)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://tremdaseleven.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
static.doubleclick.net
tremdaseleven.com
www.youtube.com
jnn-pa.googleapis.com
142.250.4.94
142.251.12.149
172.217.194.157
172.217.194.190
172.217.194.95
74.125.24.95
92.222.105.188
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
050911cb6d3880ea373bc5f7a22b4c50a4e1a1cf6ba38c885eee7a3bac854414
1e217d81311b2d0a6d84b117141356a405ab8da5395167b2b3004dd7a5a6aa21
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
33edd670871b8f661e1866d7d82d51df24587207deb300043ec8a67e3397b49b
39bfedc970a003d6ec90bcf8544220ad285c773d9b07d08b9233ea28d72f406d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4471f0e0712693e37d562bb4981a7da17248062fc39140f3df05826943879fb7
4964d584f49f0ae58c2f96eaf71bfa330c19aca9617c9e7ac5c8c2211cd8833f
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
50832ea78f43678a8aec1f11c5a0177e70050e6ff2367c200aa52bd8b1a3c2c0
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
70365ffb6359149f78f0260cad9627dd82573beda0a66ef3a3642b63babe104a
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89da15dad3866545b2996725f35c04c237d08dc4cc0a3610491e5a4be1bbd3ba
94c886fee4ea35957d5e8a289a8059be7d3ca058617bbda38bbd0d5554d4d6d6
98efbe64145cec7f94cc48c8accd256d836e2e53b1313266ec5cd4b103006556
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
a016fb11437501437ec8ec22da53d8b1355e2a4acda38c132ea91cee9e62d705
a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
c019fffeac15b1e50007df4726dfb478d1decf4c92bfb127903e847c60665f45
c09e34974609fb349c08fdbaf87f4fae3477311e8b96e1f3702a1192b3dc19a3
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c6fd612b36ba02b9fb5ed4e99ad75e492d46578eb4cb33b1fb981b3c0edbe380
c9efab02b803b99d5d2167d528c9f48a09e5aee17f8de0200aa45cbbbb911d5c
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d21d70fd384e5eb13aaad7e7a8faca817eccbacb54b1381e02337ea8460bb2f5
d30cabef7d76f8cb4de3b9ea0887a7ef5efa65befb6e2e469d04bb7f65f5c337
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7508d7103db83b430a507fe785887cc644a04fbd76facb676708f15709fc64b
e93aedda62a6669620fd0e452bd0d373d49dd74c0d9fc30a9a186fc4ce5e1933
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700
f8fc9d093d01c3a704c32969edd354c80f785fabfe3cabb2a124df2528c6dfd5
f90057fc184b6c8eae37528418032d0c50678fd1ad00261808c71fbbe1cb1856
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869