moneyheist5.ml Open in urlscan Pro
185.199.110.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.moneyheist5.ml/
Effective URL:
https://moneyheist5.ml/
Submission: On December 02 via automatic, source certstream-suspicious (December 2nd 2021, 6:15:38 am UTC) — Scanned from DE

Summary HTTP 86 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 86 HTTP transactions. The main IP is 185.199.110.153, located in United States and belongs to FASTLY, US. The main domain is moneyheist5.ml.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 6th 2020. Valid for: 2 years.

This is the only time moneyheist5.ml was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
1	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
5	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
13	2606:4700:20:... 2606:4700:20::6818:510f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400e:4f::a	15169 (GOOGLE) (GOOGLE)
2	141.94.130.128 141.94.130.128	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:400e:2::a	() ()
86	15

1 2606:50c0:8001::153 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.moneyheist5.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.110.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-153.github.com

moneyheist5.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

b-cloud.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a-cloud.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::6818:510f (United States)

ASN13335 (CLOUDFLARENET, US)

trkingrp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400e:4f::a (Ireland)

ASN15169 (GOOGLE, US)

r5---sn-5hne6nsz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.130.128 (France)

ASN16276 (OVH, FR)
PTR: ns31442138.ip-141-94-130.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:2::a (None, )

ASN- ()

r5---sn-5hnekn7k.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	youtube.com www.youtube.com	1 MB
13	trkingrp.com trkingrp.com	39 KB
12	googlevideo.com r5---sn-5hne6nsz.googlevideo.com r5---sn-5hnekn7k.googlevideo.com	2 MB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net static.doubleclick.net	2 KB
5	gstatic.com fonts.gstatic.com	114 KB
5	b-cdn.net b-cloud.b-cdn.net a-cloud.b-cdn.net	260 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	234 KB
2	postimg.cc i.postimg.cc	121 KB
2	ggpht.com yt3.ggpht.com	6 KB
2	google.com www.google.com	27 KB
2	moneyheist5.ml 1 redirects www.moneyheist5.ml moneyheist5.ml	4 KB
86	11

	Domain	Requested by
30	www.youtube.com	moneyheist5.ml www.youtube.com b-cloud.b-cdn.net
13	trkingrp.com	moneyheist5.ml trkingrp.com
8	r5---sn-5hne6nsz.googlevideo.com	www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	r5---sn-5hnekn7k.googlevideo.com	www.youtube.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
4	b-cloud.b-cdn.net	moneyheist5.ml
2	i.postimg.cc	moneyheist5.ml
2	yt3.ggpht.com	www.youtube.com
2	www.google.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	ajax.googleapis.com	moneyheist5.ml
2	fonts.googleapis.com	moneyheist5.ml trkingrp.com
1	a-cloud.b-cdn.net	moneyheist5.ml
1	moneyheist5.ml
1	www.moneyheist5.ml	1 redirects
86	16

This site contains links to these domains. Also see Links.

Domain
trkingrp.com

Subject Issuer	Validity	Valid
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-09` - `2022-01-18`	2 months	crt.sh
postimg.cc R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://moneyheist5.ml/
Frame ID: 34CAAA5811809537A0B27878001D5543
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
Frame ID: C45BD6BF789F1ACCD1506076036A23E7
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

https://www.moneyheist5.ml/ HTTP 301
https://moneyheist5.ml/ Page URL

Page Statistics

86
Requests

90 %
HTTPS

80 %
IPv6

11
Domains

16
Subdomains

15
IPs

4
Countries

4468 kB
Transfer

9003 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://trkingrp.com/show.php?cl=true&l=1032887&u=63652&id=37982
Title: Laden Sie den neuen Leitfaden für Herbstmänner herunter!

Search URL Search Domain Scan URL

URL: https://trkingrp.com/show.php?cl=true&l=1032887&u=63652&id=33640
Title: Holen Sie sich einen 250 € Netto-Gutschein!

Search URL Search Domain Scan URL

URL: https://trkingrp.com/show.php?cl=true&l=1032887&u=63652&id=32199
Title: Registrieren Sie sich und hören Sie Audible 5 Minuten lang!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.moneyheist5.ml/ HTTP 301
https://moneyheist5.ml/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 67

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
moneyheist5.ml/
Redirect Chain

https://www.moneyheist5.ml/
https://moneyheist5.ml/

23 KB
4 KB

403ms
101ms

Document
text/html

185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://moneyheist5.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-110-153.github.com
Software: GitHub.com /
Resource Hash: 7f18343fc740d154cc1a98bfcb01e87bfc6a412c9b051dca86e8138aac173c65

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
last-modified: Thu, 02 Dec 2021 06:13:23 GMT
access-control-allow-origin: *
etag: W/"61a86403-5cb4"
expires: Thu, 02 Dec 2021 06:25:33 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B73C:41FE:99DE2A:9FFF71:61A86485
accept-ranges: bytes
date: Thu, 02 Dec 2021 06:15:33 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4025-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1638425733.339115,VS0,VE95
vary: Accept-Encoding
x-fastly-request-id: 6a52ef7e29bea31789d27a65495b3decd495e165
content-length: 3895

Redirect headers

server: GitHub.com
content-type: text/html
location: https://moneyheist5.ml/
x-github-request-id: B08C:192C:3C2E05:3E990A:61A86484
accept-ranges: bytes
date: Thu, 02 Dec 2021 06:15:33 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4041-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1638425733.935321,VS0,VE95
vary: Accept-Encoding
x-fastly-request-id: 6aa774413297753aa35ab6187d37cddeb066e639
content-length: 162

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Overpass:100,100italic,200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap

Requested by

Host: moneyheist5.ml
URL: https://moneyheist5.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e86e6025776ff5a7bdaa10960af61644884567fde97773da378c8d2a627b8810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 06:15:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Dec 2021 06:15:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Dec 2021 06:15:33 GMT

GET
H2 200 group-3.css
b-cloud.b-cdn.net/builds/free/208-cloud/editor/css/ 82 KB
9 KB 43ms
18ms Stylesheet
text/css 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/208-cloud/editor/css/group-3.css
Requested by: Host: moneyheist5.ml
URL: https://moneyheist5.ml/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 5eaf0358b8017b6e127b26020473b13edc81606c5e2bbdf004016f5216dc98ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: 5DWHMJF74JEJ59JT
cdn-cachedat: 11/10/2021 02:15:09
cdn-pullzone: 246147
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: MFLiKHVvWhd5xGYuDu7eqnY+/SPOgFv+IS9F/vWnNB0O50QiAQBqXQM6UX71kefQogQZV9GAS1Q=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 11:57:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestid: c5386f75314e7862c2a6f16ae37e7f9d
cdn-requestcountrycode: DE
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/208-cloud/editor/css/group-3.css>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 preview.css
b-cloud.b-cdn.net/builds/free/208-cloud/editor/css/ 204 KB
33 KB 32ms
7ms Stylesheet
text/css 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/208-cloud/editor/css/preview.css
Requested by: Host: moneyheist5.ml
URL: https://moneyheist5.ml/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: b81b6b01c95ce8af9d4eddddb85ef47b77113193b1387e71cfdb98c19ebecf0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: QDXP7GH3QHBJWRCF
cdn-cachedat: 11/09/2021 15:56:41
cdn-pullzone: 246147
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: KWIl7kpAFDY5lhQhRC3LclBgLLQKqbzn0X5IAnpC4cIT7n/AkNxBz2VLWYg+Al3oK+QF7HnjyNM=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 11:57:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestid: 3e84a4ab4e5b634fac7a6321e1ae20d6
cdn-requestcountrycode: DE
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/208-cloud/editor/css/preview.css>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 script_include.php Show response
trkingrp.com/ 37 KB
9 KB 243ms
205ms Script
text/javascript 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trkingrp.com/script_include.php?id=1032887
Requested by: Host: moneyheist5.ml
URL: https://moneyheist5.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd6f65de3d871f9f6b0f8c697c9a9bf18406612e2df764c4108814dee79ccf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4qTPNNlOOEP0jTq1yEaiGvPj6w3jdIuDLtyat2hHkUfPM5bYHAvm7Ao85tS39xYflwXh9ZlNpc2P1eURWBCQonHp8Gz8eAZaCOw3JMXueLUp4bKpAqMz5BMYimJyJL4ysbu%2Fu%2BkVde7rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cf-ray: 6b726be25a3e6927-FRA

GET
H2 200 group-3.js Show response
b-cloud.b-cdn.net/builds/free/208-cloud/editor/js/ 117 KB
44 KB 43ms
19ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/208-cloud/editor/js/group-3.js
Requested by: Host: moneyheist5.ml
URL: https://moneyheist5.ml/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 4b40523a01d7c05b5fba80d9b5fd59d28749a2113348a32a357b7dac05abf5e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: 5DWG6Q6XMESDJY5Y
cdn-cachedat: 11/10/2021 02:15:09
cdn-pullzone: 246147
x-amz-id-2: 7VKeblHGqmagzKmaGlr9YIGKcB9G9cuSDLE++hY1oVF+kwX44ohMtIJpfRpoddgq7KK1rWV+MNA=
server: BunnyCDN-DE1-756
last-modified: Tue, 09 Nov 2021 12:00:12 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
cdn-requestid: 8cf8eaa5ca23af37514ec8c27a5e7d9a
cdn-requestcountrycode: DE
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/208-cloud/editor/js/group-3.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 preview.js Show response
b-cloud.b-cdn.net/builds/free/208-cloud/editor/js/ 66 KB
21 KB 32ms
8ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/208-cloud/editor/js/preview.js
Requested by: Host: moneyheist5.ml
URL: https://moneyheist5.ml/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: c3817eea0e1c913ae9bf007f6198b290297fac049ed5f33e5bc01a0e67479539

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: EVTG2E0TPMGQS9G7
cdn-cachedat: 11/09/2021 15:56:42
cdn-pullzone: 246147
x-amz-id-2: 1onJtakVAoW9VJLErTp6+z6ORw2mgXTpBJ5CfplOS9zTIKZV7I13CVMxcl8ms3USzKq6Lf+vyBA=
server: BunnyCDN-DE1-756
last-modified: Tue, 09 Nov 2021 12:00:12 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
cdn-requestid: 5a07af09b9ae0aee6e51705662619603
cdn-requestcountrycode: DE
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/208-cloud/editor/js/preview.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 6f8d33836023f7f86786e3c8c88bf855.png
a-cloud.b-cdn.net/media/iW=5000&iH=any/ 153 KB
154 KB 24ms
15ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-cloud.b-cdn.net/media/iW=5000&iH=any/6f8d33836023f7f86786e3c8c88bf855.png
Requested by: Host: moneyheist5.ml
URL: https://moneyheist5.ml/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 08de9f24b5576b2d84b6e8ff0ceeada1c3cf801bbfdfd876517d787bb3ec63a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
x-downloadsize: 1630299
cdn-edgestorageid: 756
x-bo-processingtime: 23
cdn-cachedat: 12/02/2021 07:15:33
cdn-pullzone: 465925
content-length: 157040
server: BunnyCDN-DE1-756
x-bo-server: DE-40
last-modified: Thu, 02 Dec 2021 06:15:22 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 805
content-type: image/webp
cdn-cache: MISS
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
x-bo-compressionratio: 90.37%
cdn-requestid: b04335398524fc27d461c65a6ec3360e
cdn-requestcountrycode: DE
x-bo-cachehit: HIT
link: <https://www.brizy.cloud/media/iW=5000&iH=any/6f8d33836023f7f86786e3c8c88bf855.png>; rel="canonical"
cdn-status: 200
x-bo-lb-server: DE-40
cdn-requestpullsuccess: True

GET
H2 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v7/ 38 KB
38 KB 128ms
40ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v7/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Overpass:100,100italic,200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

995dfb0c839090c9461662fca31b3d886f80dd9e881db8ea224374866eade55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moneyheist5.ml
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 02:43:29 GMT
x-content-type-options: nosniff
age: 99124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38496
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:13:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 02:43:29 GMT

GET
H2 200 95b51iWL1Uc Show response
www.youtube.com/embed/ Frame C45B 60 KB
26 KB 184ms
97ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1

Requested by

Host: moneyheist5.ml
URL: https://moneyheist5.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35c4cec30c440f6bcd2fbafe6caa916b01c79f364535c90142b9ffd59b2132eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Dec 2021 06:15:33 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 preload.php Show response
trkingrp.com/common/ 934 B
848 B 214ms
214ms Script
application/javascript 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trkingrp.com/common/preload.php?a=1&t=1638425733&lkt=1&dat=6b6b6f6d6a6c414141416f6d6c4169686b6b6e6c69416b6e70416c6e416e6c686a684169696a6a411f41412632322e317267672b2d2c233726232731326d662b2a67416a6868
Requested by: Host: trkingrp.com
URL: https://trkingrp.com/script_include.php?id=1032887
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a864b8d9b03d0c0edaeb2a3edcdd53b3a65f9944bd7e4fbee4db0d2648a6e8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOkspjIBiDuFUtwG1KVnIYdrH%2Bh%2FX62CtURbn7zDSEz55VV4sltpJoVfGezUcPnYGqw65E5eKAxFqeCyY8OvjP9QIDVgH%2FWi7OEktGS9qvW9xL6yhIlFbEjbxYrccDm%2FLef3f3vj5gQUWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6b726be43de06927-FRA
access-control-allow-headers: Content-Type

GET
H2 200 scriptcss.php
trkingrp.com/common/boxes/grey/ 3 KB
1 KB 106ms
106ms Stylesheet
text/css 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trkingrp.com/common/boxes/grey/scriptcss.php?l=o6af3nbg48&s=rbwfyy8
Requested by: Host: trkingrp.com
URL: https://trkingrp.com/script_include.php?id=1032887
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b84f94f45164fa64d9348218260f94835d4a5726edf5161a20e43f012877ed1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74z%2FgZoYPNcnbfkOPqUO8YCLdd%2F7rqway6cI7jdf2jhSsFeaTwwPJD29i%2FnMJI4stoDnlBsWPTTLIvjP0LCRUskVfTH%2BddruPYxDSC7ZjWQKFjXGm7lNOBfv2p6ZfGEpI%2BCHL1%2BaqGBHQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 6b726be43de36927-FRA

GET
H2 200 ie_functions.js Show response
trkingrp.com/common/ 4 KB
1 KB 197ms
196ms Script
application/javascript 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trkingrp.com/common/ie_functions.js
Requested by: Host: trkingrp.com
URL: https://trkingrp.com/script_include.php?id=1032887
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be4d7c12f9e05aff0d4b1050019d8d08ac408a5b42d92b218f7385458b80398f

Request headers

Referer: https://moneyheist5.ml/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 06 Mar 2020 00:23:30 GMT
server: cloudflare
etag: W/"e94-5a024a9bd7f56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m595NuGDyf4svsXaIcVD6dbtgZkYLALw6wvS%2F599Fu3nrWdNFUpSqhkQ0eLVDOFTqZtwRTBCZXMj%2Bpn8il%2BQtdFXz%2FJ6YW58YS7KneJrKJ2nQxwypqrz9SagMwMyebdZ4JlP%2F68nxKtkqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b726be43ded6927-FRA

GET
H2 200 css
fonts.googleapis.com/ 664 B
428 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: trkingrp.com
URL: https://trkingrp.com/script_include.php?id=1032887

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 06:11:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Dec 2021 06:15:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Dec 2021 06:15:33 GMT

GET
H2 200 back.png
trkingrp.com/common/ 4 KB
5 KB 192ms
191ms Image
image/png 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trkingrp.com/common/back.png
Requested by: Host: trkingrp.com
URL: https://trkingrp.com/script_include.php?id=1032887
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c10b464a02589dd3755b4992a91e6a7a47d1bae064e0f53f100ca38cf6d82a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Mar 2020 00:23:29 GMT
server: cloudflare
etag: "10f6-5a024a9aabab5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=da6uTLVx3M%2FZC34HwQS2Hozq9%2FviZVyhUJyqRG4d%2FBZUzt7IqsdDpkTkuWICOnz2zdxR6C9dsHhugHGcBsfF6Sp01wMDgN7r5O47S5%2BYBQDmkjxC6jPg3ImyKtkwsA3LedaxMAKQqcuPnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b726be43def6927-FRA
content-length: 4342

GET
H2 200 loader.gif
trkingrp.com/common/ 723 B
1 KB 193ms
192ms Image
image/gif 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trkingrp.com/common/loader.gif
Requested by: Host: trkingrp.com
URL: https://trkingrp.com/script_include.php?id=1032887
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a6d3a1d2b1703af26b81a9319bd7e5aaef5459600799322fae93ad515fc490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 23 Aug 2021 23:31:42 GMT
server: cloudflare
etag: "2d3-5ca426b68a89d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Quhk8at29pbK7GnRpm%2FGswvsMAEpy2gaPkvERME%2FiZDVZVd0Sg7wiKEQzBQ2T9iXiDZi6oAP%2BD04zSm%2Fj6M8soxrWAML%2BoMaYJHC2z7woNDyM4N5V9Fc6ZCuVjKxoEfvrlGPiJRHCsjrrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b726be43df26927-FRA
content-length: 723

GET
H2 200 spinner.gif
trkingrp.com/assets/images/ 664 B
987 B 193ms
192ms Image
image/gif 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trkingrp.com/assets/images/spinner.gif
Requested by: Host: trkingrp.com
URL: https://trkingrp.com/script_include.php?id=1032887
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a31c6c106edae3d89a940cb914b821edea7ae2d4d1000ba513f4c8a3e1be21d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:33 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Mar 2020 00:23:22 GMT
server: cloudflare
etag: "298-5a024a945271f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWPmoFCimlZQyBowOZIbZwcullSwh7BFWslpSX8JusNp9DQBnwQ6PQeyYrdA9FB8Ze%2FiAm9NKr%2FlJoSmH4MMAkvdFtBsccbP0%2FWu99lhicLQ2xg6PT0P9STibEtvI2IYWDNWrEKgSQiiBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b726be43df36927-FRA
content-length: 664

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/eea703f3/ Frame C45B 336 KB
46 KB 40ms
40ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:45:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47245
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:45:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C45B 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 133732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 17:06:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/eea703f3/www-embed-player.vflset/ Frame C45B 217 KB
71 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b7e0684261e3babc0afab1dc64eeca6a6c19bb4fa8921fa68eb1c89dfbfcf6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72721
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:47:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/ Frame C45B 2 MB
523 KB 62ms
41ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c43f85c11ab4e37bd37c12bcaad089f0e81fb2779c50e07e946818a8829c397b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535543
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:47:25 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/eea703f3/fetch-polyfill.vflset/ Frame C45B 8 KB
3 KB 59ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:47:25 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
34 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: moneyheist5.ml
URL: https://moneyheist5.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Dec 2022 14:02:56 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ 980 B
512 B 62ms
62ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: b-cloud.b-cdn.net
URL: https://b-cloud.b-cdn.net/builds/free/208-cloud/editor/js/preview.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da00ef9657c42042dccf096ce357b5062c144bf65eece9b2f823be34c0d3d824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Thu, 02 Dec 2021 06:15:34 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/eea703f3/www-widgetapi.vflset/ 147 KB
48 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a499c62bd4a1555dc2be24483a7de1cb92605c2dee544ce0435a7add53b52c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49040
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 02 Dec 2022 06:08:10 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C45B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

106ms
59ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e6e88c3618f316080f2e3eec0c20cadcfc4669996f83209fa75d0a2465b735e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Dec 2021 06:15:34 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C45B 29 B
588 B 124ms
38ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:12:28 GMT
x-content-type-options: nosniff
age: 186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Dec 2021 06:27:28 GMT

GET
H2 200 IDOD8C4CBaKZ_NWTTkU4YSP0GrQsu4HTxIRjNmv5cpY.js Show response
www.google.com/js/th/ Frame C45B 35 KB
14 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/IDOD8C4CBaKZ_NWTTkU4YSP0GrQsu4HTxIRjNmv5cpY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203383f02e0205a299fcd5934e45386123f41ab42cbb81d3c48463366bf97296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 18:59:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13297
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 18:59:09 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/ Frame C45B 24 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ab897b4678f2f58ca6c636aa13fa95adbd0f0a30497785cd359a8f7c5864ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7353
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:47:25 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame C45B 62 KB
19 KB 122ms
122ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7bda7a3d39354bc52985b5c59c69d10a26b76adda7a149b8e040c6b902be0b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211130.01.00
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Goog-Visitor-Id: CgttNFQ3S2QzMHdSUSiFyaGNBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19819
x-xss-protection: 0
expires: Thu, 02 Dec 2021 06:15:34 GMT

GET
DATA 200
OK truncated
/ Frame C45B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFNLDJS5_N0yB1wcVrAS221D-QOhvGB3xzbVhqQgmFxyZ0c_fIc7KLJeq5_Aaa9orNHuDvOPDQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C45B 3 KB
3 KB 123ms
39ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/UFNLDJS5_N0yB1wcVrAS221D-QOhvGB3xzbVhqQgmFxyZ0c_fIc7KLJeq5_Aaa9orNHuDvOPDQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1295ac73daf7a2c3c55b9eabcf01002b4cdd28445d329da67de517ba2b5c2974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 03:52:42 GMT
x-content-type-options: nosniff
age: 8572
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2682
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Nov 2021 11:52:14 GMT

GET
H3 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.19/ 198 KB
198 KB 83ms
39ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.19/jquery-ui.min.js

Requested by

Host: moneyheist5.ml
URL: https://moneyheist5.ml/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82476fa2d1bb366936df648fc59ffcad435d90adbde4c5b5d8c8b9b01a91f29b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:29:04 GMT
x-content-type-options: nosniff
age: 524790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202400
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 26 Nov 2022 04:29:04 GMT

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame C45B 0
19 B 48ms
48ms Ping
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=244&afmt=251&cpn=uYIjdu3BQbvDIQOc&ei=hmSoYYaNDcSM6dsPpKWRkAM&el=embedded&docid=95b51iWL1Uc&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24104617%2C24115508%2C24126632%2C24129402%2C24129452%2C24136255&cl=413258872&seq=1&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.006:B,0.157:B,0.157:B&cmt=0.006:0.000,0.157:0.000&afs=0.157:251::i&vfs=0.157:244:247::r&view=0.157:1600:899&bwe=0.157:130000&bat=0.157:1:1&vis=0.157:0&bh=0.157:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 06:15:34 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-5hne6nsz.googlevideo.com/ Frame C45B 148 KB
149 KB 77ms
19ms XHR
video/webm 2a00:1450:400e:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1638447334&ei=hmSoYYaNDcSM6dsPpKWRkAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-AHjOKYWJSJC0D1SBOLXGbubwqGbHTnw_-az8yKu7taBX&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=gi&mm=31%2C26&mn=sn-5hne6nsz%2Csn-5goeen7y&ms=au%2Conr&mv=u&mvi=5&pl=48&vprv=1&mime=video%2Fwebm&ns=KqkFBkmVE1QTDo23yTlZKiMG&gir=yes&clen=5634667&dur=122.999&lmt=1638379357561747&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535432&n=6avb2UpwQ2_NRg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIMxCuTLCNAFukQMidrkI38yei92Co06hMasDtjM1EdFAiAYcyR38zHsatbFw0mHv7LuKlHP5UFyQ4hY3S3nUjMlRg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgCiyPLk8d6yHlWPVtOAz48_zENovQRtuRKMlBu0YwAbICIQDg1VDKQsvTXqMPswdw2BH26w0JQYkO2A5KWmL6ISgx0Q%3D%3D&alr=yes&cpn=uYIjdu3BQbvDIQOc&cver=1.20211130.01.00&range=0-151335&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:4f::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1a71df7eb39c6722f30264aeac503818ffe27be3800509d3ef5819cd80e4e58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 06:15:34 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 151336
Last-Modified: Wed, 01 Dec 2021 17:22:37 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Thu, 02 Dec 2021 06:15:34 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-5hne6nsz.googlevideo.com/ Frame C45B 64 KB
66 KB 77ms
20ms XHR
audio/webm 2a00:1450:400e:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1638447334&ei=hmSoYYaNDcSM6dsPpKWRkAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-AHjOKYWJSJC0D1SBOLXGbubwqGbHTnw_-az8yKu7taBX&itag=251&source=youtube&requiressl=yes&mh=gi&mm=31%2C26&mn=sn-5hne6nsz%2Csn-5goeen7y&ms=au%2Conr&mv=u&mvi=5&pl=48&vprv=1&mime=audio%2Fwebm&ns=KqkFBkmVE1QTDo23yTlZKiMG&gir=yes&clen=1900717&dur=123.021&lmt=1638376069974885&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=6avb2UpwQ2_NRg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVz6mwipniRO-hBSah7e_2BLj5FUVHeA-2VDMiBa43AoCIQCjPP37fT26baN5XjF86iSr4HsEbpGz-Czeg_nG9xW-8w%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgCiyPLk8d6yHlWPVtOAz48_zENovQRtuRKMlBu0YwAbICIQDg1VDKQsvTXqMPswdw2BH26w0JQYkO2A5KWmL6ISgx0Q%3D%3D&alr=yes&cpn=uYIjdu3BQbvDIQOc&cver=1.20211130.01.00&range=0-66012&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:4f::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

abd062821ee8204b9c41511403dda5ecb95d25c95344f9fc8fcc3644a7b8c605

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 06:15:34 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66013
Last-Modified: Wed, 01 Dec 2021 16:27:49 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 02 Dec 2021 06:15:34 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/ Frame C45B 26 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b37cdaa7bef11616202d3fa71591a3d0263389fbcd4ea4b28a3a466e70296967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7215
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:47:26 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/ Frame C45B 66 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5174eb2d172d4dc8444d7548a07a9521011afb88d023ee8c2fe6a003dc4381c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:50:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19755
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:50:15 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame C45B 63 KB
5 KB 239ms
238ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

537ef31661fee2ec6ce8f43ff9b23dce6be17a540994cc6196f0eeab37a6dc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211130.01.00
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Goog-Visitor-Id: CgttNFQ3S2QzMHdSUSiFyaGNBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5011
x-xss-protection: 0
expires: Thu, 02 Dec 2021 06:15:34 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame C45B 0
9 B 40ms
39ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Ol3IJQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 jquery.tipsy.js Show response
trkingrp.com/common/js/ 10 KB
3 KB 190ms
190ms Script
application/javascript 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trkingrp.com/common/js/jquery.tipsy.js
Requested by: Host: moneyheist5.ml
URL: https://moneyheist5.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20b6d7bb3534f8f6fde7683fca8bb047c534f436d30ccba816cbadf6f8fe54a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 06 Mar 2020 00:23:31 GMT
server: cloudflare
etag: W/"268d-5a024a9c785b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS9FOrOdxR03gGDBgQrMN%2FeF%2BIInCFnZkGB2u38GcVx0QRt84hQkkzqgAsTSY82qui3KPKXAo7TAo6dq76IirHHFH0tvrt%2BmcZaR4oErt%2BskpZxJV2I2qRi6N%2FqM7WxoWEpbyArHnDx6wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b726be83de56927-FRA

GET
H3 200 videoplayback Show response
r5---sn-5hne6nsz.googlevideo.com/ Frame C45B 652 B
678 B 40ms
22ms XHR
video/webm 2a00:1450:400e:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1638447334&ei=hmSoYYaNDcSM6dsPpKWRkAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-AHjOKYWJSJC0D1SBOLXGbubwqGbHTnw_-az8yKu7taBX&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=gi&mm=31%2C26&mn=sn-5hne6nsz%2Csn-5goeen7y&ms=au%2Conr&mv=u&mvi=5&pl=48&vprv=1&mime=video%2Fwebm&ns=KqkFBkmVE1QTDo23yTlZKiMG&gir=yes&clen=9338209&dur=122.999&lmt=1638379357572555&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535432&n=6avb2UpwQ2_NRg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgFPCbrSJ7beNlikp7cQERlURKqmsJS0OUcDf8vlFg2MgCIEOa0kcyi-OdDyVIbnt9vVsZii3-mCpqEjtUAAtm2YqE&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgCiyPLk8d6yHlWPVtOAz48_zENovQRtuRKMlBu0YwAbICIQDg1VDKQsvTXqMPswdw2BH26w0JQYkO2A5KWmL6ISgx0Q%3D%3D&alr=yes&cpn=uYIjdu3BQbvDIQOc&cver=1.20211130.01.00&range=0-651&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:4f::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f03ebb6c700488e635baf352719068d88d56a2016b2e6a142e7c67f09d262b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
client-protocol: quic
last-modified: Wed, 01 Dec 2021 17:22:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 02 Dec 2021 06:15:34 GMT

GET
H3 200 videoplayback Show response
r5---sn-5hne6nsz.googlevideo.com/ Frame C45B 78 KB
78 KB 20ms
14ms XHR
video/webm 2a00:1450:400e:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:4f::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cbb64fe5eb14fd8a4bdd82916e5f71f01f90eacdd34f6c57dc75aa81925d9fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79791
client-protocol: quic
last-modified: Wed, 01 Dec 2021 17:22:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 02 Dec 2021 06:15:34 GMT

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame C45B 0
19 B 47ms
47ms Ping
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=247&afmt=251&cpn=uYIjdu3BQbvDIQOc&ei=hmSoYYaNDcSM6dsPpKWRkAM&el=embedded&docid=95b51iWL1Uc&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24104617%2C24115508%2C24126632%2C24129402%2C24129452%2C24136255&cl=413258872&seq=2&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&user_intent=0&vfs=0.323:247:247:244:r&view=0.323:1600:899&vps=0.323:B,0.323:B&bwm=0.323:297792:0.303&bwe=0.323:658155&bat=0.323:1:1&cmt=0.323:0.020&bh=0.323:2.708&df=0.323:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 06:15:34 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
r5---sn-5hne6nsz.googlevideo.com/ Frame C45B 352 KB
352 KB 14ms
14ms XHR
video/webm 2a00:1450:400e:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1638447334&ei=hmSoYYaNDcSM6dsPpKWRkAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-AHjOKYWJSJC0D1SBOLXGbubwqGbHTnw_-az8yKu7taBX&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=gi&mm=31%2C26&mn=sn-5hne6nsz%2Csn-5goeen7y&ms=au%2Conr&mv=u&mvi=5&pl=48&vprv=1&mime=video%2Fwebm&ns=KqkFBkmVE1QTDo23yTlZKiMG&gir=yes&clen=9338209&dur=122.999&lmt=1638379357572555&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535432&n=6avb2UpwQ2_NRg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgFPCbrSJ7beNlikp7cQERlURKqmsJS0OUcDf8vlFg2MgCIEOa0kcyi-OdDyVIbnt9vVsZii3-mCpqEjtUAAtm2YqE&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgCiyPLk8d6yHlWPVtOAz48_zENovQRtuRKMlBu0YwAbICIQDg1VDKQsvTXqMPswdw2BH26w0JQYkO2A5KWmL6ISgx0Q%3D%3D&alr=yes&cpn=uYIjdu3BQbvDIQOc&cver=1.20211130.01.00&range=360677-721075&rn=5&rbuf=4083

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:4f::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2775f4f0abd3e3b6b2c604569f44e5a26a05385679b7e524016d7353119354f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360399
client-protocol: quic
last-modified: Wed, 01 Dec 2021 17:22:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 02 Dec 2021 06:15:34 GMT

GET
H3 200 videoplayback Show response
r5---sn-5hne6nsz.googlevideo.com/ Frame C45B 76 KB
77 KB 14ms
14ms XHR
audio/webm 2a00:1450:400e:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1638447334&ei=hmSoYYaNDcSM6dsPpKWRkAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-AHjOKYWJSJC0D1SBOLXGbubwqGbHTnw_-az8yKu7taBX&itag=251&source=youtube&requiressl=yes&mh=gi&mm=31%2C26&mn=sn-5hne6nsz%2Csn-5goeen7y&ms=au%2Conr&mv=u&mvi=5&pl=48&vprv=1&mime=audio%2Fwebm&ns=KqkFBkmVE1QTDo23yTlZKiMG&gir=yes&clen=1900717&dur=123.021&lmt=1638376069974885&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=6avb2UpwQ2_NRg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVz6mwipniRO-hBSah7e_2BLj5FUVHeA-2VDMiBa43AoCIQCjPP37fT26baN5XjF86iSr4HsEbpGz-Czeg_nG9xW-8w%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgCiyPLk8d6yHlWPVtOAz48_zENovQRtuRKMlBu0YwAbICIQDg1VDKQsvTXqMPswdw2BH26w0JQYkO2A5KWmL6ISgx0Q%3D%3D&alr=yes&cpn=uYIjdu3BQbvDIQOc&cver=1.20211130.01.00&range=66013-144339&rn=6&rbuf=4339

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:4f::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cdb55f4834a3affa9587cf810faa5fd3fe2f746e05e458b96ccf73615c11e8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78327
client-protocol: quic
last-modified: Wed, 01 Dec 2021 16:27:49 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 02 Dec 2021 06:15:34 GMT

GET
H3 204 playback
www.youtube.com/api/stats/ Frame C45B 0
17 B 49ms
48ms Image
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=uYIjdu3BQbvDIQOc&docid=95b51iWL1Uc&ver=2&cmt=0.051&fmt=247&fs=0&rt=0.383&euri=https%3A%2F%2Fmoneyheist5.ml%2F&lact=402&cl=413258872&mos=1&volume=100&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=de_DE&cr=DE&len=123.021&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24104617%2C24115508%2C24126632%2C24129402%2C24129452%2C24136255&rtn=2&afmt=251&size=1600%3A899&inview=0&muted=1&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F95b51iWL1Uc%3Fautoplay%3D1%26controls%3D0%26start%3D0%26end%3D0%26modestbranding%3D1%26wmode%3Dtransparent%26enablejsapi%3D1%26loop%3D0%26rel%3D0%26mute%3D1&ei=hmSoYYaNDcSM6dsPpKWRkAM&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdDR3dJTjBkMlE1TEN0bW9fM1FQZnlIc2t6U2RKMzNOREZ4dzYxaF8xTkRUUWJQQVBta0tESk1nV2RmR21tWUNPOVZYRmpKTGRRcGZCRU4wenVPY1dwYkxldGhFSmJHRGhTNzhINEV0S3lPclZOQ3dUSnRDTHMxQzVVQVFEX3k

Requested by

Host: moneyheist5.ml
URL: https://moneyheist5.ml/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 06:15:34 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking
www.youtube.com/ Frame C45B 0
19 B 47ms
47ms Image
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=95b51iWL1Uc&cpn=uYIjdu3BQbvDIQOc&ei=hmSoYYaNDcSM6dsPpKWRkAM&ptk=youtube_none&pltype=contentugc

Requested by

Host: moneyheist5.ml
URL: https://moneyheist5.ml/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 06:15:34 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
r5---sn-5hne6nsz.googlevideo.com/ Frame C45B 998 KB
998 KB 15ms
14ms XHR
video/webm 2a00:1450:400e:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1638447334&ei=hmSoYYaNDcSM6dsPpKWRkAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-AHjOKYWJSJC0D1SBOLXGbubwqGbHTnw_-az8yKu7taBX&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=gi&mm=31%2C26&mn=sn-5hne6nsz%2Csn-5goeen7y&ms=au%2Conr&mv=u&mvi=5&pl=48&vprv=1&mime=video%2Fwebm&ns=KqkFBkmVE1QTDo23yTlZKiMG&gir=yes&clen=9338209&dur=122.999&lmt=1638379357572555&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535432&n=6avb2UpwQ2_NRg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgFPCbrSJ7beNlikp7cQERlURKqmsJS0OUcDf8vlFg2MgCIEOa0kcyi-OdDyVIbnt9vVsZii3-mCpqEjtUAAtm2YqE&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgCiyPLk8d6yHlWPVtOAz48_zENovQRtuRKMlBu0YwAbICIQDg1VDKQsvTXqMPswdw2BH26w0JQYkO2A5KWmL6ISgx0Q%3D%3D&alr=yes&cpn=uYIjdu3BQbvDIQOc&cver=1.20211130.01.00&range=721076-1742733&rn=7&rbuf=7625

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:4f::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

af5ec8542718307352d000e4779e1a6cacd89d44a4436a2c41276f9d5d81aadd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1021658
client-protocol: quic
last-modified: Wed, 01 Dec 2021 17:22:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 02 Dec 2021 06:15:34 GMT

GET
H2 200 scriptjs.php Show response
trkingrp.com/common/ 9 KB
4 KB 186ms
186ms Script
text/javascript 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trkingrp.com/common/scriptjs.php?l=o6af3nbg48&s=rbwfyy8
Requested by: Host: moneyheist5.ml
URL: https://moneyheist5.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8aa3d0f1277346d09659191c0f75334484471b719433a47a11116055cb5c85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2mSIq0Hp8V80cN7YbpqYZ2lMszC9t3yl92w%2FWrhMvHw0ETQZhMI5D6YxpIGvzSmxRoEMJ1UTa0CEFyHYUwhKX3fxJSMBPLqyDpcuu77kXzvHNKiZoYTycMdLLGvfzlA1G0hgFdkJAVAhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cf-ray: 6b726be9681a6927-FRA

GET
H3 200 videoplayback Show response
r5---sn-5hne6nsz.googlevideo.com/ Frame C45B 158 KB
158 KB 15ms
14ms XHR
audio/webm 2a00:1450:400e:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1638447334&ei=hmSoYYaNDcSM6dsPpKWRkAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-AHjOKYWJSJC0D1SBOLXGbubwqGbHTnw_-az8yKu7taBX&itag=251&source=youtube&requiressl=yes&mh=gi&mm=31%2C26&mn=sn-5hne6nsz%2Csn-5goeen7y&ms=au%2Conr&mv=u&mvi=5&pl=48&vprv=1&mime=audio%2Fwebm&ns=KqkFBkmVE1QTDo23yTlZKiMG&gir=yes&clen=1900717&dur=123.021&lmt=1638376069974885&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=6avb2UpwQ2_NRg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVz6mwipniRO-hBSah7e_2BLj5FUVHeA-2VDMiBa43AoCIQCjPP37fT26baN5XjF86iSr4HsEbpGz-Czeg_nG9xW-8w%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgCiyPLk8d6yHlWPVtOAz48_zENovQRtuRKMlBu0YwAbICIQDg1VDKQsvTXqMPswdw2BH26w0JQYkO2A5KWmL6ISgx0Q%3D%3D&alr=yes&cpn=uYIjdu3BQbvDIQOc&cver=1.20211130.01.00&range=144340-305759&rn=8&rbuf=9524

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:4f::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

44a4243f76cf5b8c8970466742035e7905fb0a615fa2fc7416f39c2db0fdba86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161420
client-protocol: quic
last-modified: Wed, 01 Dec 2021 16:27:49 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 02 Dec 2021 06:15:34 GMT

GET
H2 200 Money-Heist-Season-5-Volume-2-Trailer-Release-date-cast-1-1.jpg
i.postimg.cc/2SdXS3PD/ 60 KB
60 KB 53ms
17ms Image
image/jpeg 141.94.130.128
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/2SdXS3PD/Money-Heist-Season-5-Volume-2-Trailer-Release-date-cast-1-1.jpg
Requested by: Host: moneyheist5.ml
URL: https://moneyheist5.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31442138.ip-141-94-130.eu
Software: nginx /
Resource Hash: 5848e08235a5c267a03abc3416a59d8784cff7351fd97d31a3343b7e93184564

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:34 GMT
last-modified: Thu, 02 Dec 2021 02:56:33 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 61457
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 watchtime
www.youtube.com/api/stats/ Frame C45B 0
17 B 48ms
48ms Image
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=uYIjdu3BQbvDIQOc&docid=95b51iWL1Uc&ver=2&cmt=1.414&fmt=247&fs=0&rt=2.001&euri=https%3A%2F%2Fmoneyheist5.ml%2F&lact=2020&cl=413258872&state=playing&volume=100%2C100&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&splay=1&hl=de_DE&cr=DE&len=123&rtn=12&afmt=251&idpj=-9&ldpj=-27&rti=2&size=1600%3A899&inview=0&st=0%2C0&et=0.2%2C1.414&muted=1%2C1&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F95b51iWL1Uc%3Fautoplay%3D1%26controls%3D0%26start%3D0%26end%3D0%26modestbranding%3D1%26wmode%3Dtransparent%26enablejsapi%3D1%26loop%3D0%26rel%3D0%26mute%3D1&ei=hmSoYYaNDcSM6dsPpKWRkAM&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdDR3dJTjBkMlE1TEN0bW9fM1FQZnlIc2t6U2RKMzNOREZ4dzYxaF8xTkRUUWJQQVBta0tESk1nV2RmR21tWUNPOVZYRmpKTGRRcGZCRU4wenVPY1dwYkxldGhFSmJHRGhTNzhINEV0S3lPclZOQ3dUSnRDTHMxQzVVQVFEX3k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 06:15:36 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C45B 28 B
54 B 55ms
52ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1
X-YouTube-Client-Version: 1.20211130.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgttNFQ3S2QzMHdSUSiFyaGNBg%3D%3D
X-YouTube-Ad-Signals: dt=1638425733938&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C899&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 02 Dec 2021 06:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 02 Dec 2021 06:15:36 GMT

GET
H2 200 controls.png
trkingrp.com/common/boxes/grey/images/ 2 KB
2 KB 211ms
210ms Image
image/png 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trkingrp.com/common/boxes/grey/images/controls.png
Requested by: Host: trkingrp.com
URL: https://trkingrp.com/common/boxes/grey/scriptcss.php?l=o6af3nbg48&s=rbwfyy8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd66392b830be1152442db4ba9818b44a4f22adfc11571f1c5c6400c6b73ed85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trkingrp.com/common/boxes/grey/scriptcss.php?l=o6af3nbg48&s=rbwfyy8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:38 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Mar 2020 00:23:28 GMT
server: cloudflare
etag: "7f1-5a024a99bb319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5U9U8Cer3pc14V91wF3COAyDwWX%2BGHj0PZdC0%2Bu%2BwCI1OwYSM5o7wbXL5xd3pwYQ0%2BEIQa9r3V6DmjHvOJYsgC%2FjIQUR61%2FKuRvC9%2FZv%2FhvnqWu8TQcXKMHqbbuTTnFaqOeU71uO4cXpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b726bfd5e4c6927-FRA
content-length: 2033

GET
H2 200 border.png
trkingrp.com/common/boxes/grey/images/ 163 B
558 B 185ms
184ms Image
image/png 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trkingrp.com/common/boxes/grey/images/border.png
Requested by: Host: trkingrp.com
URL: https://trkingrp.com/common/boxes/grey/scriptcss.php?l=o6af3nbg48&s=rbwfyy8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d7a1c311e234b25bdde3c3563aad9dfdccb7c076dcc37bfc908d31ebe0bb307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trkingrp.com/common/boxes/grey/scriptcss.php?l=o6af3nbg48&s=rbwfyy8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:37 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Mar 2020 00:23:28 GMT
server: cloudflare
etag: "a3-5a024a99c95a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1px%2BgJoGXZTMPLqK7PeTG5FgkmDV%2BT2cYDrSaI96cUNHvh8S5ZQ%2FivmaGs%2Byqzv%2FKOuBU%2FRBQi5imIM6QKZeW6US%2BUlASlQPWH1p4ORAKZP70D5dvs785iSXvnnEmb4Apbs6s%2Fq4HwmoAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b726bfd5e4f6927-FRA
content-length: 163

GET
H2 200 Money-Heist-Season-5-Volume-2-Trailer-Release-date-cast-1-1.jpg
i.postimg.cc/2SdXS3PD/ 60 KB
60 KB 17ms
16ms Image
image/jpeg 141.94.130.128
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/2SdXS3PD/Money-Heist-Season-5-Volume-2-Trailer-Release-date-cast-1-1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31442138.ip-141-94-130.eu
Software: nginx /
Resource Hash: 5848e08235a5c267a03abc3416a59d8784cff7351fd97d31a3343b7e93184564

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:37 GMT
last-modified: Thu, 02 Dec 2021 02:56:33 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 61457
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading_background.png
trkingrp.com/common/boxes/grey/images/ 166 B
494 B 191ms
191ms Image
image/png 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trkingrp.com/common/boxes/grey/images/loading_background.png
Requested by: Host: trkingrp.com
URL: https://trkingrp.com/common/boxes/grey/scriptcss.php?l=o6af3nbg48&s=rbwfyy8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e076334a5467b74c691321c411b4a8dd2a916c39d78a103b5d538bd0a0d6a82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trkingrp.com/common/boxes/grey/scriptcss.php?l=o6af3nbg48&s=rbwfyy8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:38 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Mar 2020 00:23:28 GMT
server: cloudflare
etag: "a6-5a024a99e56df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtNisl5fdPt%2FWVGD%2BrY6Bp27JWSo33qBVU0kroplMEl%2Fr6OuipUBJ%2FRj2Kd3%2FSeHJCiQZYjFjmqDd4QVvIj0gtJm0yFOfRRQlmU27gIBjg%2BJe80vdu7GeVqPPdJaHukDyod%2F5zWyG2JLtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b726bfd5e506927-FRA
content-length: 166

GET
H2 200 loading.gif
trkingrp.com/common/boxes/grey/images/ 9 KB
10 KB 195ms
194ms Image
image/gif 2606:4700:20::6818:510f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trkingrp.com/common/boxes/grey/images/loading.gif
Requested by: Host: trkingrp.com
URL: https://trkingrp.com/common/boxes/grey/scriptcss.php?l=o6af3nbg48&s=rbwfyy8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6818:510f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ef55242fc24c94f0790902c09601d228e9074bf7a1f88c4de6a39b40ce38fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trkingrp.com/common/boxes/grey/scriptcss.php?l=o6af3nbg48&s=rbwfyy8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:38 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Mar 2020 00:23:28 GMT
server: cloudflare
etag: "24d3-5a024a99d7450"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDn9MQYfu5YLvoyLoHljjXLSqrKOwlgjGDOzpPSPTkphfMxoVs6ZoUo7qT5U0J0FjzOPESOK3BoNPeLXF76LfEy8olSP2LL97MLNquFGHIuAi14h4QtpD7wEvbUQhCT3DZsUWI4ecwjrOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b726bfd5e516927-FRA
content-length: 9427

GET
H3 200 95b51iWL1Uc Show response
www.youtube.com/embed/ Frame C45B 59 KB
24 KB 82ms
81ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c436043a184f07c5d0614d216f5f64eaa1b32c0ccfb78b7c120fbb5bb942ae49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moneyheist5.ml/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Dec 2021 06:15:37 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST atr
www.youtube.com/api/stats/ Frame C45B 0
0

POST qoe
www.youtube.com/api/stats/ Frame C45B 0
0

GET watchtime
www.youtube.com/api/stats/ Frame C45B 0
0

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/eea703f3/ Frame C45B 336 KB
46 KB 39ms
39ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:45:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47245
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:45:13 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/eea703f3/www-embed-player.vflset/ Frame C45B 217 KB
71 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b7e0684261e3babc0afab1dc64eeca6a6c19bb4fa8921fa68eb1c89dfbfcf6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72721
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:47:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/ Frame C45B 2 MB
523 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c43f85c11ab4e37bd37c12bcaad089f0e81fb2779c50e07e946818a8829c397b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535543
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:47:25 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/eea703f3/fetch-polyfill.vflset/ Frame C45B 8 KB
3 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:47:25 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C45B 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 133736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 17:06:41 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C45B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

59ms
59ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75f8bfe28b97a694fb7fe494511e2bb545da864e03c0adeb445bae993f6c2e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Dec 2021 06:15:38 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C45B 29 B
54 B 81ms
36ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:12:28 GMT
x-content-type-options: nosniff
age: 190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Dec 2021 06:27:28 GMT

GET
H3 200 IDOD8C4CBaKZ_NWTTkU4YSP0GrQsu4HTxIRjNmv5cpY.js Show response
www.google.com/js/th/ Frame C45B 35 KB
13 KB 90ms
40ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/IDOD8C4CBaKZ_NWTTkU4YSP0GrQsu4HTxIRjNmv5cpY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203383f02e0205a299fcd5934e45386123f41ab42cbb81d3c48463366bf97296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 18:59:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13297
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 18:59:09 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/ Frame C45B 24 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ab897b4678f2f58ca6c636aa13fa95adbd0f0a30497785cd359a8f7c5864ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7353
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:47:25 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame C45B 62 KB
19 KB 99ms
99ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7942f6b37cfb51911a05dcf3250d2bdcb2931cc2e641cc968874ea45a5e9d6d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211130.01.00
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Goog-Visitor-Id: CgttNFQ3S2QzMHdSUSiJyaGNBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 02 Dec 2021 06:15:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19772
x-xss-protection: 0
expires: Thu, 02 Dec 2021 06:15:38 GMT

GET
DATA 200
OK truncated
/ Frame C45B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFNLDJS5_N0yB1wcVrAS221D-QOhvGB3xzbVhqQgmFxyZ0c_fIc7KLJeq5_Aaa9orNHuDvOPDQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C45B 3 KB
3 KB 89ms
40ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/UFNLDJS5_N0yB1wcVrAS221D-QOhvGB3xzbVhqQgmFxyZ0c_fIc7KLJeq5_Aaa9orNHuDvOPDQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1295ac73daf7a2c3c55b9eabcf01002b4cdd28445d329da67de517ba2b5c2974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 03:52:42 GMT
x-content-type-options: nosniff
age: 8576
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2682
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Nov 2021 11:52:14 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame C45B 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?we7e7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame C45B 0
19 B 49ms
48ms Ping
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=244&afmt=251&cpn=A5riZJy6n20oj-CR&ei=imSoYf_wDviH6dsPmd2m2AY&el=embedded&docid=95b51iWL1Uc&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24104617%2C24115508%2C24126632%2C24129402%2C24129452%2C24136255&cl=413258872&seq=1&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.004:B,0.185:B,0.185:B&cmt=0.004:0.000,0.185:0.000&afs=0.185:251::i&vfs=0.185:244:247::r&view=0.185:1600:899&bwe=0.185:130000&bat=0.185:1:1&vis=0.185:0&bh=0.185:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 06:15:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback
r5---sn-5hnekn7k.googlevideo.com/ Frame C45B 148 KB
148 KB 69ms
22ms XHR
video/webm 2a00:1450:400e:2::a

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1638447338&ei=imSoYf_wDviH6dsPmd2m2AY&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-ANPE37hvrWcbqGCWv4_VmQ-VALEl_Vlxyb3USzlNkFQv&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=gi&mm=31%2C29&mn=sn-5hnekn7k%2Csn-5hne6nsz&ms=au%2Crdu&mv=u&mvi=5&pl=48&vprv=1&mime=video%2Fwebm&ns=6fo4dIzbHt7R9B_HuLQloA0G&gir=yes&clen=5634667&dur=122.999&lmt=1638379357561747&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535432&n=VqKBOlu3SEeapQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMWU0-6oCo1mfcI15qkkI_c79vaImVcRpQvUVsJfvjsJAiEAh7A6unhpypj87lvRmkei0btUduomU-sT_t5kZ8Y3_VY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgJhDZwyuE4o_s4HZjOUJKHtUURoFA60Lc_gB1Cuz9hQ4CIQCwrkUXZWUbw1KLfHhFOHmjVNv0TDAoBne92cLAHzj9rA%3D%3D&alr=yes&cpn=A5riZJy6n20oj-CR&cver=1.20211130.01.00&range=0-151335&rn=1&rbuf=0&altitags=243%2C242

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:38 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151336
client-protocol: quic
last-modified: Wed, 01 Dec 2021 17:22:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 02 Dec 2021 06:15:38 GMT

GET
H3 200 videoplayback Show response
r5---sn-5hnekn7k.googlevideo.com/ Frame C45B 64 KB
64 KB 61ms
14ms XHR
audio/webm 2a00:1450:400e:2::a

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1638447338&ei=imSoYf_wDviH6dsPmd2m2AY&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-ANPE37hvrWcbqGCWv4_VmQ-VALEl_Vlxyb3USzlNkFQv&itag=251&source=youtube&requiressl=yes&mh=gi&mm=31%2C29&mn=sn-5hnekn7k%2Csn-5hne6nsz&ms=au%2Crdu&mv=u&mvi=5&pl=48&vprv=1&mime=audio%2Fwebm&ns=6fo4dIzbHt7R9B_HuLQloA0G&gir=yes&clen=1900717&dur=123.021&lmt=1638376069974885&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=VqKBOlu3SEeapQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgT8jKY705_VFot51EXB0AKpNNjmCtI7oc5JnMuDncB84CIQDOMvSJfem-x56Q6gHCPIdPq5AueopEqK_cAaNVIg_3Bw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgJhDZwyuE4o_s4HZjOUJKHtUURoFA60Lc_gB1Cuz9hQ4CIQCwrkUXZWUbw1KLfHhFOHmjVNv0TDAoBne92cLAHzj9rA%3D%3D&alr=yes&cpn=A5riZJy6n20oj-CR&cver=1.20211130.01.00&range=0-66012&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

abd062821ee8204b9c41511403dda5ecb95d25c95344f9fc8fcc3644a7b8c605

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:38 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66013
client-protocol: quic
last-modified: Wed, 01 Dec 2021 16:27:49 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 02 Dec 2021 06:15:38 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/ Frame C45B 26 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b37cdaa7bef11616202d3fa71591a3d0263389fbcd4ea4b28a3a466e70296967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7215
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:47:26 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/ Frame C45B 66 KB
19 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5174eb2d172d4dc8444d7548a07a9521011afb88d023ee8c2fe6a003dc4381c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/95b51iWL1Uc?autoplay=1&controls=0&start=0&end=0&modestbranding=1&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:50:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19755
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 01:17:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 15:50:15 GMT

POST next
www.youtube.com/youtubei/v1/ Frame C45B 0
0

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 51ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moneyheist5.ml
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:27:49 GMT
x-content-type-options: nosniff
age: 524869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 04:27:49 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moneyheist5.ml
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 21:26:28 GMT
x-content-type-options: nosniff
age: 204550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 21:26:28 GMT

GET
H3 200 videoplayback
r5---sn-5hnekn7k.googlevideo.com/ Frame C45B 652 B
678 B 15ms
15ms XHR
video/webm 2a00:1450:400e:2::a

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1638447338&ei=imSoYf_wDviH6dsPmd2m2AY&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-ANPE37hvrWcbqGCWv4_VmQ-VALEl_Vlxyb3USzlNkFQv&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=gi&mm=31%2C29&mn=sn-5hnekn7k%2Csn-5hne6nsz&ms=au%2Crdu&mv=u&mvi=5&pl=48&vprv=1&mime=video%2Fwebm&ns=6fo4dIzbHt7R9B_HuLQloA0G&gir=yes&clen=9338209&dur=122.999&lmt=1638379357572555&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535432&n=VqKBOlu3SEeapQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgInDZUVlaL4AkdE8larI-77GfaxqTCSAxwxIJUd0EHv0CIFRmc9uQ_OGc4MlHkrTx-xj1U4LzAvEKlonoxH1eemH2&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgJhDZwyuE4o_s4HZjOUJKHtUURoFA60Lc_gB1Cuz9hQ4CIQCwrkUXZWUbw1KLfHhFOHmjVNv0TDAoBne92cLAHzj9rA%3D%3D&alr=yes&cpn=A5riZJy6n20oj-CR&cver=1.20211130.01.00&range=0-651&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:38 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
client-protocol: quic
last-modified: Wed, 01 Dec 2021 17:22:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 02 Dec 2021 06:15:38 GMT

GET
H3 200 videoplayback
r5---sn-5hnekn7k.googlevideo.com/ Frame C45B 78 KB
78 KB 15ms
14ms XHR
video/webm 2a00:1450:400e:2::a

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/eea703f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:2::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 06:15:38 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79791
client-protocol: quic
last-modified: Wed, 01 Dec 2021 17:22:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 02 Dec 2021 06:15:38 GMT

POST qoe
www.youtube.com/api/stats/ Frame C45B 0
0

GET videoplayback
r5---sn-5hnekn7k.googlevideo.com/ Frame C45B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=uYIjdu3BQbvDIQOc&docid=95b51iWL1Uc&ver=2&cmt=3.168&fmt=247&fs=0&rt=3.754&euri=https%3A%2F%2Fmoneyheist5.ml%2F&lact=3773&cl=413258872&mos=1&volume=100&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&splay=1&hl=de_DE&cr=DE&len=123&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24104617%2C24115508%2C24126632%2C24129402%2C24129452%2C24136255&afmt=251&muted=1&vis=3&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F95b51iWL1Uc%3Fautoplay%3D1%26controls%3D0%26start%3D0%26end%3D0%26modestbranding%3D1%26wmode%3Dtransparent%26enablejsapi%3D1%26loop%3D0%26rel%3D0%26mute%3D1&ei=hmSoYYaNDcSM6dsPpKWRkAM&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdDR3dJTjBkMlE1TEN0bW9fM1FQZnlIc2t6U2RKMzNOREZ4dzYxaF8xTkRUUWJQQVBta0tESk1nV2RmR21tWUNPOVZYRmpKTGRRcGZCRU4wenVPY1dwYkxldGhFSmJHRGhTNzhINEV0S3lPclZOQ3dUSnRDTHMxQzVVQVFEX3k

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=247&afmt=251&cpn=uYIjdu3BQbvDIQOc&ei=hmSoYYaNDcSM6dsPpKWRkAM&el=embedded&docid=95b51iWL1Uc&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24104617%2C24115508%2C24126632%2C24129402%2C24129452%2C24136255&cl=413258872&seq=3&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.381:0.051,0.541:0.000,0.547:0.000,0.548:0.002,1.131:0.545,3.755:3.168&vps=0.381:PL,0.541:S,0.547:B,0.548:PL,3.755:N&bwm=0.541:1621804:0.147&bwe=0.541:4400442,3.755:4400442&bat=0.541:1:1,3.755:1:1&bh=0.541:20.001,3.755:17.041&vis=3.755:3

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=uYIjdu3BQbvDIQOc&docid=95b51iWL1Uc&ver=2&cmt=3.168&fmt=247&fs=0&rt=3.756&euri=https%3A%2F%2Fmoneyheist5.ml%2F&lact=3775&cl=413258872&state=paused&volume=100%2C100&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&final=1&splay=1&hl=de_DE&cr=DE&len=123&afmt=251&idpj=-9&ldpj=-27&size=1600%3A899&inview=0&st=1.414%2C3.097&et=3.097%2C3.168&muted=1%2C1&vis=0%2C3&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F95b51iWL1Uc%3Fautoplay%3D1%26controls%3D0%26start%3D0%26end%3D0%26modestbranding%3D1%26wmode%3Dtransparent%26enablejsapi%3D1%26loop%3D0%26rel%3D0%26mute%3D1&ei=hmSoYYaNDcSM6dsPpKWRkAM&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdDR3dJTjBkMlE1TEN0bW9fM1FQZnlIc2t6U2RKMzNOREZ4dzYxaF8xTkRUUWJQQVBta0tESk1nV2RmR21tWUNPOVZYRmpKTGRRcGZCRU4wenVPY1dwYkxldGhFSmJHRGhTNzhINEV0S3lPclZOQ3dUSnRDTHMxQzVVQVFEX3k

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=247&afmt=251&cpn=A5riZJy6n20oj-CR&ei=imSoYf_wDviH6dsPmd2m2AY&el=embedded&docid=95b51iWL1Uc&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24104617%2C24115508%2C24126632%2C24129402%2C24129452%2C24136255&cl=413258872&seq=2&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.312:0.005,0.319:0.012&vps=0.312:PL,0.319:PL,0.319:PL&user_intent=0&vfs=0.319:247:247:244:r&view=0.319:1600:899&bwm=0.319:297792:0.238&bwe=0.319:731852&bat=0.319:1:1&bh=0.319:2.708&df=0.319:0

Domain: r5---sn-5hnekn7k.googlevideo.com
URL: https://r5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1638447338&ei=imSoYf_wDviH6dsPmd2m2AY&ip=2a03%3A1b20%3A6%3Af011%3A%3A5e&id=o-ANPE37hvrWcbqGCWv4_VmQ-VALEl_Vlxyb3USzlNkFQv&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=gi&mm=31%2C29&mn=sn-5hnekn7k%2Csn-5hne6nsz&ms=au%2Crdu&mv=u&mvi=5&pl=48&vprv=1&mime=video%2Fwebm&ns=6fo4dIzbHt7R9B_HuLQloA0G&gir=yes&clen=9338209&dur=122.999&lmt=1638379357572555&mt=1638425463&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535432&n=VqKBOlu3SEeapQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgInDZUVlaL4AkdE8larI-77GfaxqTCSAxwxIJUd0EHv0CIFRmc9uQ_OGc4MlHkrTx-xj1U4LzAvEKlonoxH1eemH2&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgJhDZwyuE4o_s4HZjOUJKHtUURoFA60Lc_gB1Cuz9hQ4CIQCwrkUXZWUbw1KLfHhFOHmjVNv0TDAoBne92cLAHzj9rA%3D%3D&alr=yes&cpn=A5riZJy6n20oj-CR&cver=1.20211130.01.00&range=360677-721075&rn=5&rbuf=4083

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: p_JrEzXCpas
			.youtube.com/	1970-01-20 03:26:17	Name: VISITOR_INFO1_LIVE Value: m4T7Kd30wRQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://trkingrp.com/script_include.php?id=1032887(Line 90) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://trkingrp.com/common/ie_functions.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://trkingrp.com/script_include.php?id=1032887(Line 90) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://trkingrp.com/common/ie_functions.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-cloud.b-cdn.net
ajax.googleapis.com
b-cloud.b-cdn.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.postimg.cc
moneyheist5.ml
r5---sn-5hne6nsz.googlevideo.com
r5---sn-5hnekn7k.googlevideo.com
static.doubleclick.net
trkingrp.com
www.google.com
www.moneyheist5.ml
www.youtube.com
yt3.ggpht.com
r5---sn-5hnekn7k.googlevideo.com
www.youtube.com
141.94.130.128
185.199.110.153
2606:4700:20::6818:510f
2606:50c0:8001::153
2a00:1450:4001:803::200a
2a00:1450:4001:810::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400e:2::a
2a00:1450:400e:4f::a
89.187.169.47
08de9f24b5576b2d84b6e8ff0ceeada1c3cf801bbfdfd876517d787bb3ec63a8
0a31c6c106edae3d89a940cb914b821edea7ae2d4d1000ba513f4c8a3e1be21d
1295ac73daf7a2c3c55b9eabcf01002b4cdd28445d329da67de517ba2b5c2974
1a71df7eb39c6722f30264aeac503818ffe27be3800509d3ef5819cd80e4e58a
1dd6f65de3d871f9f6b0f8c697c9a9bf18406612e2df764c4108814dee79ccf6
1e8aa3d0f1277346d09659191c0f75334484471b719433a47a11116055cb5c85
203383f02e0205a299fcd5934e45386123f41ab42cbb81d3c48463366bf97296
2775f4f0abd3e3b6b2c604569f44e5a26a05385679b7e524016d7353119354f1
2a499c62bd4a1555dc2be24483a7de1cb92605c2dee544ce0435a7add53b52c4
34ef55242fc24c94f0790902c09601d228e9074bf7a1f88c4de6a39b40ce38fa
35c4cec30c440f6bcd2fbafe6caa916b01c79f364535c90142b9ffd59b2132eb
3b84f94f45164fa64d9348218260f94835d4a5726edf5161a20e43f012877ed1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44a4243f76cf5b8c8970466742035e7905fb0a615fa2fc7416f39c2db0fdba86
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4b40523a01d7c05b5fba80d9b5fd59d28749a2113348a32a357b7dac05abf5e2
537ef31661fee2ec6ce8f43ff9b23dce6be17a540994cc6196f0eeab37a6dc0a
5848e08235a5c267a03abc3416a59d8784cff7351fd97d31a3343b7e93184564
5e6e88c3618f316080f2e3eec0c20cadcfc4669996f83209fa75d0a2465b735e
5eaf0358b8017b6e127b26020473b13edc81606c5e2bbdf004016f5216dc98ae
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b7e0684261e3babc0afab1dc64eeca6a6c19bb4fa8921fa68eb1c89dfbfcf6c
6d7a1c311e234b25bdde3c3563aad9dfdccb7c076dcc37bfc908d31ebe0bb307
75f8bfe28b97a694fb7fe494511e2bb545da864e03c0adeb445bae993f6c2e92
7942f6b37cfb51911a05dcf3250d2bdcb2931cc2e641cc968874ea45a5e9d6d9
7bda7a3d39354bc52985b5c59c69d10a26b76adda7a149b8e040c6b902be0b53
7f18343fc740d154cc1a98bfcb01e87bfc6a412c9b051dca86e8138aac173c65
82476fa2d1bb366936df648fc59ffcad435d90adbde4c5b5d8c8b9b01a91f29b
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
995dfb0c839090c9461662fca31b3d886f80dd9e881db8ea224374866eade55f
9a864b8d9b03d0c0edaeb2a3edcdd53b3a65f9944bd7e4fbee4db0d2648a6e8e
9c10b464a02589dd3755b4992a91e6a7a47d1bae064e0f53f100ca38cf6d82a4
9e076334a5467b74c691321c411b4a8dd2a916c39d78a103b5d538bd0a0d6a82
abd062821ee8204b9c41511403dda5ecb95d25c95344f9fc8fcc3644a7b8c605
af5ec8542718307352d000e4779e1a6cacd89d44a4436a2c41276f9d5d81aadd
b37cdaa7bef11616202d3fa71591a3d0263389fbcd4ea4b28a3a466e70296967
b81b6b01c95ce8af9d4eddddb85ef47b77113193b1387e71cfdb98c19ebecf0f
be4d7c12f9e05aff0d4b1050019d8d08ac408a5b42d92b218f7385458b80398f
c3817eea0e1c913ae9bf007f6198b290297fac049ed5f33e5bc01a0e67479539
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c436043a184f07c5d0614d216f5f64eaa1b32c0ccfb78b7c120fbb5bb942ae49
c43f85c11ab4e37bd37c12bcaad089f0e81fb2779c50e07e946818a8829c397b
cbb64fe5eb14fd8a4bdd82916e5f71f01f90eacdd34f6c57dc75aa81925d9fbf
cdb55f4834a3affa9587cf810faa5fd3fe2f746e05e458b96ccf73615c11e8ca
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8ab897b4678f2f58ca6c636aa13fa95adbd0f0a30497785cd359a8f7c5864ab
d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3
da00ef9657c42042dccf096ce357b5062c144bf65eece9b2f823be34c0d3d824
dd66392b830be1152442db4ba9818b44a4f22adfc11571f1c5c6400c6b73ed85
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e20b6d7bb3534f8f6fde7683fca8bb047c534f436d30ccba816cbadf6f8fe54a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5174eb2d172d4dc8444d7548a07a9521011afb88d023ee8c2fe6a003dc4381c
e7a6d3a1d2b1703af26b81a9319bd7e5aaef5459600799322fae93ad515fc490
e86e6025776ff5a7bdaa10960af61644884567fde97773da378c8d2a627b8810
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f03ebb6c700488e635baf352719068d88d56a2016b2e6a142e7c67f09d262b69
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

moneyheist5.ml Open in urlscan Pro 185.199.110.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

86 Requests

90 %HTTPS

80 %IPv6

11 Domains

16 Subdomains

15 IPs

4 Countries

4468 kBTransfer

9003 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

moneyheist5.ml Open in urlscan Pro
185.199.110.153 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

90 %
HTTPS

80 %
IPv6

11
Domains

16
Subdomains

15
IPs

4
Countries

4468 kB
Transfer

9003 kB
Size

2
Cookies

86 HTTP transactions
2 data transactions