urlscan.io logo urlscan.io
SecurityTrails logo

www.savingdarcy.com Open in urlscan Pro
52.18.127.138  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://brain-tree.ch/
Effective URL: https://www.savingdarcy.com/
Submission: On December 16 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 39 HTTP transactions. The main IP is 52.18.127.138, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.savingdarcy.com.
TLS certificate: Issued by R3 on December 2nd 2023. Valid for: 3 months.
This is the only time www.savingdarcy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.18.248.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-248-36.eu-west-1.compute.amazonaws.com
brain-tree.ch
1    52.18.127.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-127-138.eu-west-1.compute.amazonaws.com
www.savingdarcy.com
5    151.101.130.2 (United States)

ASN54113 (FASTLY, US)
assets.jimstatic.com
u.jimcdn.com
6    151.101.2.2 (United States)

ASN54113 (FASTLY, US)
image.jimcdn.com
1    2001:8d8:100f:f000::279 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
c.andyhoppe.com
4    2606:4700:4400::6812:2926 (United States)

ASN13335 (CLOUDFLARENET, US)
fonts.jimstatic.com
8    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    54.72.164.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-164-245.eu-west-1.compute.amazonaws.com
a.jimdo.com
Apex Domain
Subdomains		 Transfer
8 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 3263
1002 KB
8 jimstatic.com
assets.jimstatic.com — Cisco Umbrella Rank: 89381
fonts.jimstatic.com — Cisco Umbrella Rank: 82700
336 KB
7 jimcdn.com
u.jimcdn.com — Cisco Umbrella Rank: 90112
image.jimcdn.com — Cisco Umbrella Rank: 69228
289 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 203
40 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
ssl.google-analytics.com — Cisco Umbrella Rank: 587
17 KB
1 jimdo.com
a.jimdo.com — Cisco Umbrella Rank: 91633
312 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
5 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 89
28 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
20 KB
1 andyhoppe.com
c.andyhoppe.com
2 KB
1 savingdarcy.com
www.savingdarcy.com
9 KB
1 brain-tree.ch
brain-tree.ch
341 B
39 13
Domain Requested by
8 www.youtube-nocookie.com www.savingdarcy.com
www.youtube-nocookie.com
6 image.jimcdn.com www.savingdarcy.com
4 jnn-pa.googleapis.com www.youtube-nocookie.com
4 fonts.jimstatic.com u.jimcdn.com
fonts.jimstatic.com
4 assets.jimstatic.com www.savingdarcy.com
2 www.gstatic.com www.youtube-nocookie.com
www.gstatic.com
2 fonts.gstatic.com www.youtube-nocookie.com
1 a.jimdo.com assets.jimstatic.com
1 yt3.ggpht.com www.youtube-nocookie.com
1 i.ytimg.com www.youtube-nocookie.com
1 www.google.com www.youtube-nocookie.com
1 ssl.google-analytics.com www.savingdarcy.com
1 www.google-analytics.com www.savingdarcy.com
1 c.andyhoppe.com www.savingdarcy.com
1 u.jimcdn.com www.savingdarcy.com
1 www.savingdarcy.com
1 brain-tree.ch 1 redirects
39 17

This site contains links to these domains. Also see Links.

Domain
www.andyhoppe.com
cms.e.jimdo.com
a.jimdo.com
Subject Issuer Validity Valid
www.savingdarcy.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.jimstatic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
*.jimcdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
*.andyhoppe.com
Encryption Everywhere DV TLS CA - G2		 2023-05-08 -
2024-05-22		 a year crt.sh
fonts.jimstatic.com
E1		 2023-11-25 -
2024-02-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
prod.jimdo.systems
Amazon RSA 2048 M02		 2023-12-05 -
2025-01-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.savingdarcy.com/
Frame ID: B445A36C51FA9D17402BFADE3F5C2997
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Frame ID: EB69C33622BE3B129656EA9A9623CF90
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BANDBIO - savingdarcys Webseite!

Page URL History Show full URLs

  1. https://brain-tree.ch/ HTTP 301
    https://www.savingdarcy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

39
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

17
Subdomains

16
IPs

3
Countries

1798 kB
Transfer

5017 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://brain-tree.ch/ HTTP 301
    https://www.savingdarcy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.savingdarcy.com/
Redirect Chain
  • https://brain-tree.ch/
  • https://www.savingdarcy.com/
32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.savingdarcy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.18.127.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-127-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
560a41643c0db1c408fdedc038286525ebbde681c22e3934cd5cf82933c22332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.ch/

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Dec 2023 00:38:13 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=604800
x-jimdo-instance
i-0d61458b7fd66db64
x-jimdo-wid
s3108dfce7ab2bc97

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Dec 2023 00:38:12 GMT
Server
nginx
Transfer-Encoding
chunked
cache-control
no-cache, no-store, must-revalidate
location
https://www.savingdarcy.com/
x-jimdo-instance
i-0df0541af2e378e26
x-jimdo-wid
s3108dfce7ab2bc97
ckies.js.0ebea1f10bb1204e4882.js
assets.jimstatic.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/ckies.js.0ebea1f10bb1204e4882.js
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b7133bda5818238d4560f512e65a9002839f8f27d2a78e8bd7be78c1f0e61709

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600069-LCY, cache-mxp6979-MXP
date
Sat, 16 Dec 2023 00:38:13 GMT
content-encoding
br
age
7845788
x-timer
S1702687094.677774,VS0,VE0
etag
"a6a3f25c925f854fceca26596196e034"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
934
x-cache-hits
23, 2688
cookieControl.js.19a3c1397bfcee31bfb4.js
assets.jimstatic.com/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/cookieControl.js.19a3c1397bfcee31bfb4.js
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5678c2f1f48b05eed423454ef3a502ccaa7d97b79d6415c51f0c2b496cc74b1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600079-LCY, cache-mxp6979-MXP
date
Sat, 16 Dec 2023 00:38:13 GMT
content-encoding
br
age
7845791
x-timer
S1702687094.677957,VS0,VE0
etag
"96ea391b1e900a2c0c8b4a33e923c9af"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8970
x-cache-hits
0, 2722
layout.css
u.jimcdn.com/cms/o/s3108dfce7ab2bc97/layout/dm_d00412ba6e47ed8139b348df625fbb0f/css/ 		41 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://u.jimcdn.com/cms/o/s3108dfce7ab2bc97/layout/dm_d00412ba6e47ed8139b348df625fbb0f/css/layout.css?t=1526995014
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d548f43a9186cd0bfc556705e7f76f542d4a56384dcc16dae4b14d2db36ecc12
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-mxp6982-MXP
date
Sat, 16 Dec 2023 00:38:13 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1702687094.679694,VS0,VE186
x-frame-options
SAMEORIGIN
x-cache
MISS
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=691200
vary
Accept-Encoding
accept-ranges
bytes
content-length
6436
x-cache-hits
0
web.css.6171c4a35b361b9030cb24d6de8164b8.css
assets.jimstatic.com/ 		228 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/web.css.6171c4a35b361b9030cb24d6de8164b8.css
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1cf1a445873e559c98a3a1b4bd4911017a97c5f058adba615f939fc9a4eef9a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600054-LCY, cache-mxp6979-MXP
date
Sat, 16 Dec 2023 00:38:13 GMT
content-encoding
br
age
9213999
x-timer
S1702687094.677808,VS0,VE0
etag
"cb1792b26d8bd6489d53a4e4b4677877"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
63095
x-cache-hits
1, 2085
web.js.30196931e46e05701bed.js
assets.jimstatic.com/ 		696 KB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/web.js.30196931e46e05701bed.js
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c8278dfaa34997f4d5b9bb5d02347d688e8d7f7760fae6afaf278d704e6f3ab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MDifn36T9OAxy62mM7JSeirn1hgeqwly
content-encoding
br
date
Sat, 16 Dec 2023 00:38:14 GMT
age
171243
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
235578
x-served-by
cache-lcy-eglc8600076-LCY, cache-mxp6979-MXP
x-timer
S1702687094.079960,VS0,VE1
etag
"9cee83113d63de086aa8a6b684dd976c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
300814, 1
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=910x10000:format=jpg/path/s3108dfce7ab2bc97/image/i8a1257f890bdb897/version/1687675814/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=910x10000:format=jpg/path/s3108dfce7ab2bc97/image/i8a1257f890bdb897/version/1687675814/image.jpg
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed6c2a62ccc716d9e16b88e4d426ea56ac8d18bda4004708ae8dfe1d8ffa95a9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 00:38:13 GMT
age
843218
x-cache
HIT, MISS
fastly-restarts
1
content-length
70751
x-served-by
cache-lcy-eglc8600030-LCY, cache-mxp6937-MXP
x-timer
S1702687094.679149,VS0,VE42
etag
"3a305a6f0fcb7806b9f0adbb87300e046ac17292"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Wed, 03 Jan 2024 07:19:37 GMT
1476451642
c.andyhoppe.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.andyhoppe.com/1476451642
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::279 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
2261c6d6d350062bddc99e67ebaa235e7360771b07fc7a1f5680e6ff1834dc3c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 16 Dec 2023 00:38:13 GMT
cache-control
no-cache, no-store, must-revalidate
server
Apache
expires
0
image.jpg
image.jimcdn.com/app/cms/image/transf/none/path/s3108dfce7ab2bc97/image/i0c2d79cb73350871/version/1669155525/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/none/path/s3108dfce7ab2bc97/image/i0c2d79cb73350871/version/1669155525/image.jpg
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8d8e24aad3811720698bba6e1aed4de7117bb9136f2afa6d26d37b2e73d6470

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 13 Dec 2023 21:06:52 GMT
x-amz-version-id
tLmrAQzIQxGGsJkxEk5P.OLOWJ_GmAub
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 00:38:13 GMT
x-amz-request-id
CNW76Q9W29DJ0NV3
age
0
x-cache
MISS, HIT
content-disposition
inline; filename*=UTF-8''1669155525.jpg
fastly-restarts
1
x-amz-id-2
/dyeQOF/+TzvMF0omxnFlumbtqZDf5CWs7CgR8ioQVS8EtuXWus1DC2o6OzO+V4qTgjENVba6U0=
x-served-by
cache-lcy-eglc8600063-LCY, cache-mxp6937-MXP
content-length
61773
last-modified
Tue, 22 Nov 2022 22:18:35 GMT
server
AmazonS3
x-timer
S1702687094.761429,VS0,VE166
etag
"94f22b0789e449db30216ee52051a067"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0, 1
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=438x1024:format=jpg/path/s3108dfce7ab2bc97/image/i5724e8e1bfbec3a1/version/1572825682/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=438x1024:format=jpg/path/s3108dfce7ab2bc97/image/i5724e8e1bfbec3a1/version/1572825682/image.jpg
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
81fa38fdfbf4525f81d45ced0720fe2178e6f57ba7f38eb96a0bd387100ad31e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 00:38:13 GMT
age
0
x-cache
HIT, MISS
fastly-restarts
1
content-length
24441
x-served-by
cache-lcy-eglc8600067-LCY, cache-mxp6937-MXP
x-timer
S1702687094.789843,VS0,VE124
etag
"8ec8d917d83effec376d2a813bd5c66fd3dfc396"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Fri, 22 Dec 2023 08:50:22 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=443x1024:format=jpg/path/s3108dfce7ab2bc97/image/i709e1bf038221a15/version/1574728059/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=443x1024:format=jpg/path/s3108dfce7ab2bc97/image/i709e1bf038221a15/version/1574728059/image.jpg
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36ba015c73c493f95038d209199e999bfc487c1c5476e88c205693ba637a33a8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 00:38:14 GMT
age
0
x-cache
MISS, MISS
fastly-restarts
1
content-length
73631
x-served-by
cache-lcy-eglc8600038-LCY, cache-mxp6937-MXP
x-timer
S1702687094.933968,VS0,VE220
etag
"528b639646f12c94e63e85cf307a85f417ba5798"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Tue, 16 Jan 2024 00:38:14 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=443x1024:format=jpg/path/s3108dfce7ab2bc97/image/i4f733dea20d2a6d3/version/1574728030/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=443x1024:format=jpg/path/s3108dfce7ab2bc97/image/i4f733dea20d2a6d3/version/1574728030/image.jpg
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4156d3f8fc6363dcb8f779e31e63b4f4d4e6aa26626c2995df65ae68bc356a2f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 00:38:14 GMT
age
0
x-cache
MISS, MISS
fastly-restarts
1
content-length
12742
x-served-by
cache-lcy-eglc8600057-LCY, cache-mxp6937-MXP
x-timer
S1702687094.086795,VS0,VE130
etag
"72f3f9e3db6f371eb7d8a436f5f7e47ca31822c9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Tue, 16 Jan 2024 00:38:14 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=443x1024:format=jpg/path/s3108dfce7ab2bc97/image/i26792e91b95ff396/version/1574727978/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=443x1024:format=jpg/path/s3108dfce7ab2bc97/image/i26792e91b95ff396/version/1574727978/image.jpg
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98dcd00c420a73e36a2356a3359c97ed3725d3874fc839621d55c19f14929ed8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 00:38:14 GMT
age
0
x-cache
MISS, MISS
fastly-restarts
1
content-length
44506
x-served-by
cache-lcy-eglc8600044-LCY, cache-mxp6937-MXP
x-timer
S1702687094.086915,VS0,VE189
etag
"6734fc8b00cabbf019379c614908684ac357b09f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Tue, 16 Jan 2024 00:38:14 GMT
css
fonts.jimstatic.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/css?family=Roboto:400,400italic,700,700italic|Amatic+SC:700
Requested by
Host: u.jimcdn.com
URL: https://u.jimcdn.com/cms/o/s3108dfce7ab2bc97/layout/dm_d00412ba6e47ed8139b348df625fbb0f/css/layout.css?t=1526995014
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2926 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78134e96d1ba0c2f06309a272cc3e4e5e8923e9bb9f1b00e33fab91afcdcf099
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:38:13 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1450839
cf-polished
origSize=10267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
cf-bgj
minify
last-modified
Tue, 28 Nov 2023 04:34:49 GMT
cross-origin-opener-policy
same-origin-allow-popups
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
cf-ray
8362dcc129d5233d-ZRH
expires
Tue, 28 Nov 2023 04:34:49 GMT
css
fonts.jimstatic.com/ 		5 KB
863 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/css?family=Roboto%3Aregular%7CAmatic%20SC%3Aregular%7CAmatic%20SC%3Aregular%7CAmatic%20SC%3Aregular%7CRoboto%3Aregular%7CAmatic%20SC%3Aregular%7CAmatic%20SC%3Aregular%7CAmatic%20SC%3Aregular%7CRoboto%3Aregular%7CRoboto%3Aregular%7CPT%20Mono%3Aregular%7CAmatic%20SC%3Aregular%7CAmatic%20SC%3Aregular%7CAmatic%20SC%3Aregular&subset=latin
Requested by
Host: u.jimcdn.com
URL: https://u.jimcdn.com/cms/o/s3108dfce7ab2bc97/layout/dm_d00412ba6e47ed8139b348df625fbb0f/css/layout.css?t=1526995014
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2926 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30c031119fb205a5fdcaaa246c0339b61cb90fe384f1aa003be2f1a8284877de
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:38:14 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 00:38:14 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
cf-ray
8362dcc129db233d-ZRH
expires
Sat, 16 Dec 2023 00:38:14 GMT
k5oE_itjOQs
www.youtube-nocookie.com/embed/ Frame EB69 		90 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
360f27472bda5280e0776ae0fc5cafc2fa3adb62d04da721f0f6300dbe5a689f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.savingdarcy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.ch/

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-6DNvl-Nc2k6NOma76QExkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 00:38:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmDnk0SIEsH4Bi0uvITor+113VdZiHamGsT0EG6UHXgEXROwfKYSeE1NWAqwKRr6CFPJ/xqXmMgs+r58fAMEMQgAAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
ga.js
www.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 22:47:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6667
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sat, 16 Dec 2023 00:47:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.jimstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?family=Roboto:400,400italic,700,700italic|Amatic+SC:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2926 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.ch/
Origin
https://www.savingdarcy.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:38:14 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8362dcc24a352373-ZRH
expires
Thu, 12 Dec 2024 23:16:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.jimstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?family=Roboto:400,400italic,700,700italic|Amatic+SC:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2926 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.ch/
Origin
https://www.savingdarcy.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:38:14 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8362dcc24a3a2373-ZRH
expires
Thu, 12 Dec 2024 23:21:10 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=705320627&utmhn=www.savingdarcy.com&utme=8(websiteid)9(s3108dfce7ab2bc97)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BANDBIO%20-%20savingdarcys%20Webseite!&utmhid=1664196778&utmr=-&utmp=%2F&utmht=1702687094168&utmac=UA-24230418-114&utmcc=__utma%3D29829309.1151571877.1702687094.1702687094.1702687094.1%3B%2B__utmz%3D29829309.1702687094.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=278037864&utmredir=1&utmu=qxQgAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.savingdarcy.com
URL: https://www.savingdarcy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 00:38:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube-nocookie.com/s/player/d23221b6/ Frame EB69 		366 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/d23221b6/www-player.css
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
230685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48218
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Dec 2024 08:33:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB69 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.ch/
Origin
https://www.youtube-nocookie.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
90678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB69 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.ch/
Origin
https://www.youtube-nocookie.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
185807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:27 GMT
embed.js
www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/ Frame EB69 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c9f933d72a7bd02697d7107a9f1ab3d66cba302fc93adb24b1d826f44a99e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
230685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16708
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Dec 2024 08:33:29 GMT
www-embed-player.js
www.youtube-nocookie.com/s/player/d23221b6/www-embed-player.vflset/ Frame EB69 		322 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
230685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98540
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Dec 2024 08:33:29 GMT
base.js
www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/ Frame EB69 		2 MB
769 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c31daae8b67df28286a285cba84cafe86ff3d2a9043bb26deb93d41156de489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
787370
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Dec 2024 08:33:29 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 16 Dec 2023 00:38:14 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EB69 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c1c6865cbfb4e61a5f71ec705ccd784416aade776f08b84941b8cc1e710f97fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.google.ch/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 16 Dec 2023 00:38:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40876
x-xss-protection
0
remote.js
www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/ Frame EB69 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
078dbb8063078fcfb604273fdd6bad45d01b09af15fc3bc125b4df5cce8db33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:37:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
230424
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33731
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Dec 2024 08:37:50 GMT
sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js
www.google.com/js/th/ Frame EB69 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 21:18:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
98411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19840
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Dec 2024 21:18:03 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/k5oE_itjOQs/ Frame EB69 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/k5oE_itjOQs/maxresdefault.webp
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38d6aadf05feeb7370c5d1e7c1d106678bce9401a0b3bcb111e3f1d1442a8c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:38:14 GMT
x-content-type-options
nosniff
server
sffe
etag
"1660042766"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28584
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Dec 2023 02:38:14 GMT
truncated
/ Frame EB69 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
AIf8zZT6CiySAP4OwEqLIz13gv6R7PHkuCrtJHDm02oU=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame EB69 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AIf8zZT6CiySAP4OwEqLIz13gv6R7PHkuCrtJHDm02oU=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
52836c5956b55138162dc4db8a797af28ad79f2bd849cbaba221e52f7a9d5991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:38:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v2e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4460
x-xss-protection
0
expires
Sun, 17 Dec 2023 00:38:15 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame EB69 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:38:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Dec 2023 00:38:14 GMT
generate_204
www.youtube-nocookie.com/ Frame EB69 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube-nocookie.com/generate_204?p-zFaA
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/k5oE_itjOQs?wmode=transparent&vq=hd1080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:38:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame EB69 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 16 Dec 2023 18:32:23 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 16 Dec 2023 00:38:14 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EB69 		90 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6c62404ad0a800f54c0ac3590fb2829fd84e0a18bad665975edabde60c8cd0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.google.ch/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 16 Dec 2023 00:38:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
loginstate
a.jimdo.com/app/web/ 		64 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.jimdo.com/app/web/loginstate?callback=jQuery112009284408775270678_1702687094134&owi=s3108dfce7ab2bc97&_=1702687094135
Requested by
Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web.js.30196931e46e05701bed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.164.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-164-245.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
29a4f00d9cfe198e237416beee53a535351e305ca148397b98e17a8561b1d30e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 00:38:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
Content-Encoding
br
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame EB69 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time
1702687096453
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.google.ch/
X-YouTube-Client-Version
1.20231212.01.00
X-YouTube-Time-Zone
Europe/Zurich
X-Goog-Visitor-Id
CgtrNzZZa2xFN25vTSj24vOrBjIKCgJDSBIEGgAgYA%3D%3D
X-YouTube-Ad-Signals
dt=1702687094306&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C910%2C512&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 16 Dec 2023 00:38:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sat, 16 Dec 2023 00:38:16 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| ckies object| __core-js_shared__ object| CookieControlSet object| CookieControl function| loadCss function| loadCSS function| onloadCSS object| jimdoData object| __regModuleBuffer function| regModule object| _gaq function| loadJimdoWebJsonp object| picturefillCFG function| picturefill function| jimdoGen002 object| Mustache object| Modernizr object| _jimBlob function| _jmdlg object| jQuery112009284408775270678 object| ModalWindow function| changeCaptcha object| ModernizrVideo function| _ function| $f function| Froogaloop function| _onLoadGooglePlus object| jsonCallback string| PAYMILL_PUBLIC_KEY object| _jimDoge function| setSrcSetImgWidth function| gaOptOut object| _gat object| gaGlobal

9 Cookies

Domain/Path Name / Value
.savingdarcy.com/ Name: __utma
Value: 29829309.1151571877.1702687094.1702687094.1702687094.1
.savingdarcy.com/ Name: __utmb
Value: 29829309.0.10.1702687094
.savingdarcy.com/ Name: __utmc
Value: 29829309
.savingdarcy.com/ Name: __utmz
Value: 29829309.1702687094.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
www.savingdarcy.com/ Name: __utmt_b
Value: 1
www.savingdarcy.com/ Name: __utma
Value: 29829309.1151571877.1702687094.1702687094.1702687094.1
www.savingdarcy.com/ Name: __utmb
Value: 29829309.1.10.1702687094
www.savingdarcy.com/ Name: __utmc
Value: 29829309
www.savingdarcy.com/ Name: __utmz
Value: 29829309.1702687094.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

2 Console Messages

Source Level URL
Text
security warning URL: https://www.savingdarcy.com/
Message:
Mixed Content: The page at 'https://www.savingdarcy.com/' was loaded over HTTPS, but requested an insecure element 'http://c.andyhoppe.com/1476451642'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.savingdarcy.com/(Line 180)
Message:
Mixed Content: The page at 'https://www.savingdarcy.com/' was loaded over HTTPS, but requested an insecure element 'http://c.andyhoppe.com/1476451642'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.jimdo.com
assets.jimstatic.com
brain-tree.ch
c.andyhoppe.com
fonts.gstatic.com
fonts.jimstatic.com
i.ytimg.com
image.jimcdn.com
jnn-pa.googleapis.com
ssl.google-analytics.com
u.jimcdn.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.savingdarcy.com
www.youtube-nocookie.com
yt3.ggpht.com
151.101.130.2
151.101.2.2
2001:8d8:100f:f000::279
2606:4700:4400::6812:2926
2a00:1450:4001:806::2008
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2016
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
52.18.127.138
52.18.248.36
54.72.164.245
078dbb8063078fcfb604273fdd6bad45d01b09af15fc3bc125b4df5cce8db33b
0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d
0c8278dfaa34997f4d5b9bb5d02347d688e8d7f7760fae6afaf278d704e6f3ab
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1cf1a445873e559c98a3a1b4bd4911017a97c5f058adba615f939fc9a4eef9a3
2261c6d6d350062bddc99e67ebaa235e7360771b07fc7a1f5680e6ff1834dc3c
29a4f00d9cfe198e237416beee53a535351e305ca148397b98e17a8561b1d30e
2c31daae8b67df28286a285cba84cafe86ff3d2a9043bb26deb93d41156de489
30c031119fb205a5fdcaaa246c0339b61cb90fe384f1aa003be2f1a8284877de
360f27472bda5280e0776ae0fc5cafc2fa3adb62d04da721f0f6300dbe5a689f
36ba015c73c493f95038d209199e999bfc487c1c5476e88c205693ba637a33a8
38d6aadf05feeb7370c5d1e7c1d106678bce9401a0b3bcb111e3f1d1442a8c54
3c9f933d72a7bd02697d7107a9f1ab3d66cba302fc93adb24b1d826f44a99e45
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4156d3f8fc6363dcb8f779e31e63b4f4d4e6aa26626c2995df65ae68bc356a2f
52836c5956b55138162dc4db8a797af28ad79f2bd849cbaba221e52f7a9d5991
560a41643c0db1c408fdedc038286525ebbde681c22e3934cd5cf82933c22332
5678c2f1f48b05eed423454ef3a502ccaa7d97b79d6415c51f0c2b496cc74b1a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
78134e96d1ba0c2f06309a272cc3e4e5e8923e9bb9f1b00e33fab91afcdcf099
81fa38fdfbf4525f81d45ced0720fe2178e6f57ba7f38eb96a0bd387100ad31e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
98dcd00c420a73e36a2356a3359c97ed3725d3874fc839621d55c19f14929ed8
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
b7133bda5818238d4560f512e65a9002839f8f27d2a78e8bd7be78c1f0e61709
c1c6865cbfb4e61a5f71ec705ccd784416aade776f08b84941b8cc1e710f97fe
c6c62404ad0a800f54c0ac3590fb2829fd84e0a18bad665975edabde60c8cd0b
d548f43a9186cd0bfc556705e7f76f542d4a56384dcc16dae4b14d2db36ecc12
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8d8e24aad3811720698bba6e1aed4de7117bb9136f2afa6d26d37b2e73d6470
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6c2a62ccc716d9e16b88e4d426ea56ac8d18bda4004708ae8dfe1d8ffa95a9
ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615