urlscan.io logo urlscan.io
SecurityTrails logo

workingyourmoney.net Open in urlscan Pro
160.153.136.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.workingyourmoney.net/
Effective URL: https://workingyourmoney.net/
Submission: On September 21 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 66 HTTP transactions. The main IP is 160.153.136.3, located in Amsterdam, Netherlands and belongs to GODADDY, DE. The main domain is workingyourmoney.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 21st 2021. Valid for: a year.
This is the only time workingyourmoney.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    160.153.136.3 (Amsterdam, Netherlands)

ASN20773 (GODADDY, DE)
PTR: ip-160-153-136-3.ip.secureserver.net
www.workingyourmoney.net
workingyourmoney.net
40    209.170.113.8 (United States)

ASN1299 (TELIANET Telia Carrier, SE)
img1.wsimg.com
img6.wsimg.com
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
drive.google.com
www.youtube.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
doc-0c-04-docs.googleusercontent.com
doc-10-04-docs.googleusercontent.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    104.94.26.87 (Ballerup Municipality, Denmark)

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-26-87.deploy.static.akamaitechnologies.com
img.secureserver.net
Domain Requested by
39 img1.wsimg.com 1 redirects workingyourmoney.net
img1.wsimg.com
9 www.youtube.com srcdoc
www.youtube.com
4 ajax.googleapis.com srcdoc
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 drive.google.com 2 redirects
2 fonts.googleapis.com srcdoc
1 img.secureserver.net
1 img6.wsimg.com workingyourmoney.net
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 doc-10-04-docs.googleusercontent.com srcdoc
1 doc-0c-04-docs.googleusercontent.com srcdoc
1 workingyourmoney.net
1 www.workingyourmoney.net 1 redirects
66 18

This site contains links to these domains. Also see Links.

Domain
www.godaddy.com
Subject Issuer Validity Valid
workingyourmoney.net
Go Daddy Secure Certificate Authority - G2		 2021-09-21 -
2022-10-22		 a year crt.sh
*.wsimg.com
Starfield Secure Certificate Authority - G2		 2021-03-05 -
2022-04-06		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2019-10-22 -
2021-10-22		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://workingyourmoney.net/
Frame ID: 3B4AE4A52A5D98A6109D0236D2D06B5D
Requests: 41 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Frame ID: B341ADA25028F3F0E5E28598F26C5579
Requests: 1 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Frame ID: 2E1CB8C082F4EAB42F3E239E28E277B2
Requests: 3 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Frame ID: A86185267DAEF68452E6225D1647156C
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/8_NckaJIcj4
Frame ID: E3A2D59E603A0F65EB9B431182AD9705
Requests: 18 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Frame ID: 8E111398788227E0C548461EC4CF3F91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Working Your Money - Financial Freedom, Financial Literacy

Page URL History Show full URLs

  1. https://www.workingyourmoney.net/ HTTP 301
    https://workingyourmoney.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

100 %
HTTPS

79 %
IPv6

11
Domains

18
Subdomains

15
IPs

4
Countries

2088 kB
Transfer

4749 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.workingyourmoney.net/ HTTP 301
    https://workingyourmoney.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://drive.google.com/uc?export=view&id=1BsZYdc6FmECztKpqVAG6feHZ3eiQtpDs HTTP 302
  • https://doc-0c-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4shvpbtt5sc4eqioq0r50en3ho2u94va/1632260250000/16249847977865971652/*/1BsZYdc6FmECztKpqVAG6feHZ3eiQtpDs?e=view
Request Chain 21
  • https://drive.google.com/uc?export=view&id=1Tp8H8lBvfdsdacHxFKpid_uHRD_hatH4 HTTP 302
  • https://doc-10-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/eupmkbdikl5sc7u0ukhhsh4b0js9pcg3/1632260250000/16249847977865971652/*/1Tp8H8lBvfdsdacHxFKpid_uHRD_hatH4?e=view
Request Chain 28
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 40
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
workingyourmoney.net/
Redirect Chain
  • https://www.workingyourmoney.net/
  • https://workingyourmoney.net/
110 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://workingyourmoney.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.136.3 Amsterdam, Netherlands, ASN20773 (GODADDY, DE),
Reverse DNS
ip-160-153-136-3.ip.secureserver.net
Software
DPS/1.11.6 /
Resource Hash
e28397c6a3b1b11d36a5021583bf0f2e6ef0f2f63b39b7a9ab5f79bbfd144605
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'

Request headers

:method
GET
:authority
workingyourmoney.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

link
<//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.11.1.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/librefranklin/v7/jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhHMWkANDJ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/opensans/v23/memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/opensans/v23/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/opensans/v23/memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/opensans/v23/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control
max-age=30
content-security-policy
frame-ancestors 'self'
content-type
text/html;charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
server
DPS/1.11.6
x-siteid
4000
set-cookie
dps_site_id=4000; path=/; secure
etag
47b088ed0c3effbd0f2c226d0701d0f9
date
Tue, 21 Sep 2021 21:38:03 GMT

Redirect headers

location
https://workingyourmoney.net/
vary
Accept-Encoding
server
DPS/1.11.6
x-siteid
4000
set-cookie
dps_site_id=4000; path=/; secure
etag
47b088ed0c3effbd0f2c226d0701d0f9
date
Tue, 21 Sep 2021 21:38:03 GMT
UX.4.11.1.js
img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/ 		278 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
bd3cf49261a4bf9cc0a63893a1b19505524ebd8502f2539e1dcd2803a25cf4eb

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"3a741e87dfef0d80c56603b8f6439094"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
87903
last-modified
Thu, 13 May 2021 18:16:35 GMT
x-amzn-trace-id
Root=1-609d6d01-49dc0a5f4fcfa913123763d4
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhHMWkANDJ.woff2
img1.wsimg.com/gfonts/s/librefranklin/v7/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/gfonts/s/librefranklin/v7/jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhHMWkANDJ.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
c655f3891478c0b239e88184195be8dcbe152780f3871525c3ea0ed7e2fdbbfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 21:06:26 GMT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
14132
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Sep 2022 21:38:04 GMT
memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2
img1.wsimg.com/gfonts/s/opensans/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/gfonts/s/opensans/v23/memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
7c9e72fed9f647684a0437f185bf4ed620de7b49f236453256716b639ac56f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 00:23:39 GMT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
13916
x-xss-protection
0
expires
Wed, 21 Sep 2022 21:38:04 GMT
mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
img1.wsimg.com/gfonts/s/opensans/v23/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/gfonts/s/opensans/v23/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 00:23:08 GMT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
13792
x-xss-protection
0
expires
Wed, 21 Sep 2022 21:38:04 GMT
memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2
img1.wsimg.com/gfonts/s/opensans/v23/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/gfonts/s/opensans/v23/memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
b8c17e5dd0633499e73cab90d02e2ee089e60b718c6a917e9b1c3b418c15c179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 00:23:46 GMT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
13792
x-xss-protection
0
expires
Wed, 21 Sep 2022 21:38:04 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
img1.wsimg.com/gfonts/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/gfonts/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 00:22:57 GMT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
14992
x-xss-protection
0
expires
Wed, 21 Sep 2022 21:38:04 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
img1.wsimg.com/gfonts/s/opensans/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/gfonts/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
14440
x-xss-protection
0
expires
Wed, 21 Sep 2022 21:38:04 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
img1.wsimg.com/gfonts/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/gfonts/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
15112
x-xss-protection
0
expires
Wed, 21 Sep 2022 21:38:04 GMT
mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
img1.wsimg.com/gfonts/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/gfonts/s/opensans/v23/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 00:24:04 GMT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
15188
x-xss-protection
0
expires
Wed, 21 Sep 2022 21:38:04 GMT
qt=q:1
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:101,h:101,cg:true,m,i:true/ 		118 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:101,h:101,cg:true,m,i:true/qt=q:1
Requested by
Host: workingyourmoney.net
URL: https://workingyourmoney.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
02f41612cab443c4f20adf2773b67559fff7762fddc1dc5958fdc84971d6c1bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-version
0.4.4+sha-853f4aa
date
Tue, 21 Sep 2021 21:38:04 GMT
access-control-request-method
GET
etag
4122819719
x-height
101
access-control-max-age
864000
edge-cache-tag
/isteam/ip/static
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-track-origin-referer
https://workingyourmoney.net/
x-width
101
timing-allow-origin
*
content-length
118
expires
Wed, 21 Sep 2022 21:38:04 GMT
script.js
img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Requested by
Host: workingyourmoney.net
URL: https://workingyourmoney.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
232547778c3299b37e1c80d2678ab029d5d490b6bbe80e08976dc8185e8cd758

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"75d38acc93e93f5506fb578f59379f67"
x-forwarded-for
50.63.4.64
access-control-max-age
86400
x-forwarded-proto
https
content-length
14566
last-modified
Fri, 21 May 2021 02:56:18 GMT
x-amzn-trace-id
Root=1-60a72151-3d8be6f10fd7e92e561a229a
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
script.js
img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/dead09cb4cd19fee/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/dead09cb4cd19fee/script.js
Requested by
Host: workingyourmoney.net
URL: https://workingyourmoney.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
0e3214fc7b7c8137717fc8d26994bc078371b65e4dd18515ed1ab95f0e9fbc3e

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"ab5c4ec95c7b1c58128a3bae1ab1a398"
x-forwarded-for
50.63.4.64
access-control-max-age
86400
x-forwarded-proto
https
content-length
10512
last-modified
Fri, 21 May 2021 02:56:18 GMT
x-amzn-trace-id
Root=1-60a72151-7b15116865b152d3784c3b9e
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
rs=w:1920,m
img1.wsimg.com/isteam/ip/a1452716-82b6-4445-bda2-786be50ca0c4/Splash%20page%20v2-0010.png/:/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.wsimg.com/isteam/ip/a1452716-82b6-4445-bda2-786be50ca0c4/Splash%20page%20v2-0010.png/:/rs=w:1920,m
Requested by
Host: workingyourmoney.net
URL: https://workingyourmoney.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
a715f8d9c229cf0c0c37738495d78c9810026aa72fcf89c055876e13511a3e42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-version
0.4.4+sha-853f4aa
date
Tue, 21 Sep 2021 21:38:04 GMT
access-control-request-method
GET
etag
3245694086
x-height
1100
access-control-max-age
864000
edge-cache-tag
/isteam/ip/a1452716-82b6-4445-bda2-786be50ca0c4/Splash%20page%20v2-0010.png/:/rs=w:1920,m
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-track-origin-referer
https://workingyourmoney.net/
x-width
1920
timing-allow-origin
*
content-length
29742
expires
Wed, 21 Sep 2022 21:38:04 GMT
qt=q:1
img1.wsimg.com/isteam/ip/a1452716-82b6-4445-bda2-786be50ca0c4/Splash%20page%20v2-0010.png/:/rs=w:50,cg:true,mx/ 		82 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.wsimg.com/isteam/ip/a1452716-82b6-4445-bda2-786be50ca0c4/Splash%20page%20v2-0010.png/:/rs=w:50,cg:true,mx/qt=q:1
Requested by
Host: workingyourmoney.net
URL: https://workingyourmoney.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
978b269c18fa7a6bed296f5193f080a7418add1c98ac12d11f475e1be35ba6d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-version
0.4.4+sha-853f4aa
date
Tue, 21 Sep 2021 21:38:04 GMT
access-control-request-method
GET
etag
1187528723
x-height
29
access-control-max-age
864000
edge-cache-tag
/isteam/ip/a1452716-82b6-4445-bda2-786be50ca0c4/Splash%20page%20v2-0010.png/:/rs=w:50,cg:true,mx/qt=q:1
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-track-origin-referer
https://workingyourmoney.net/
x-width
50
timing-allow-origin
*
content-length
82
expires
Wed, 21 Sep 2022 21:38:04 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame B341 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 20 Sep 2022 09:10:26 GMT
qt=q:1
img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:50,h:50,cg:true,m,i:true/ 		102 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.wsimg.com/isteam/ip/static/transparent_placeholder.png/:/rs=w:50,h:50,cg:true,m,i:true/qt=q:1
Requested by
Host: workingyourmoney.net
URL: https://workingyourmoney.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
2a0385bf0984a140d8d02c26038da8f907cc6802a8a41ba9dadc21a1e247106a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-version
0.4.4+sha-853f4aa
date
Tue, 21 Sep 2021 21:38:04 GMT
access-control-request-method
GET
etag
634425635
x-height
50
access-control-max-age
864000
edge-cache-tag
/isteam/ip/static
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-track-origin-referer
https://oklahomahydrographics.com/
x-width
50
timing-allow-origin
*
content-length
102
expires
Wed, 21 Sep 2022 21:38:04 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 2E1C 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 20 Sep 2022 09:10:26 GMT
css
fonts.googleapis.com/ Frame 2E1C 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli%7CRoboto:400,300,500,700,900
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c586b953b998d57151c3df1d8f7e48220df0a4f4f3828c35ba96fb4cff6eb4a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 21:38:03 GMT
server
ESF
date
Tue, 21 Sep 2021 21:38:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Sep 2021 21:38:03 GMT
1BsZYdc6FmECztKpqVAG6feHZ3eiQtpDs
doc-0c-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4shvpbtt5sc4eqioq0r50en3ho2u94va/1632260250000/16249847977865971652/*/ Frame 2E1C
Redirect Chain
  • https://drive.google.com/uc?export=view&id=1BsZYdc6FmECztKpqVAG6feHZ3eiQtpDs
  • https://doc-0c-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4shvpbtt5sc4eqioq0r50en3ho2u94va/1632260250000/16249847977865971652/*/1BsZYdc6FmECztKpqVAG6feHZ3eiQtpDs?e...
31 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doc-0c-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4shvpbtt5sc4eqioq0r50en3ho2u94va/1632260250000/16249847977865971652/*/1BsZYdc6FmECztKpqVAG6feHZ3eiQtpDs?e=view
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bd65da0c5c09666e983c494ee0aa6a50a0edead8f06176da8b074891d0ac0f91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout
x-guploader-uploadid
ADPycdtuDDv7upCH9I8G4gJTBJhcV_uI-NUmTCSg15GptUDELPWpS1XqeqzURo3SOMkHOMJ1MH9wePRLk4R2VcxzGLU
x-goog-hash
crc32c=oLlv/A==
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
inline;filename="sales-meeting (1).jpg";filename*=UTF-8''sales-meeting%20%281%29.jpg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31682
expires
Tue, 21 Sep 2021 21:38:04 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://doc-0c-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/4shvpbtt5sc4eqioq0r50en3ho2u94va/1632260250000/16249847977865971652/*/1BsZYdc6FmECztKpqVAG6feHZ3eiQtpDs?e=view
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-DKip4j9Rr/TT6GXpGemHeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame A861 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 20 Sep 2022 09:10:26 GMT
css
fonts.googleapis.com/ Frame A861 		11 KB
872 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli%7CRoboto:400,300,500,700,900
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c586b953b998d57151c3df1d8f7e48220df0a4f4f3828c35ba96fb4cff6eb4a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 21:38:03 GMT
server
ESF
date
Tue, 21 Sep 2021 21:38:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Sep 2021 21:38:03 GMT
1Tp8H8lBvfdsdacHxFKpid_uHRD_hatH4
doc-10-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/eupmkbdikl5sc7u0ukhhsh4b0js9pcg3/1632260250000/16249847977865971652/*/ Frame A861
Redirect Chain
  • https://drive.google.com/uc?export=view&id=1Tp8H8lBvfdsdacHxFKpid_uHRD_hatH4
  • https://doc-10-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/eupmkbdikl5sc7u0ukhhsh4b0js9pcg3/1632260250000/16249847977865971652/*/1Tp8H8lBvfdsdacHxFKpid_uHRD_hatH4?e...
813 KB
814 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doc-10-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/eupmkbdikl5sc7u0ukhhsh4b0js9pcg3/1632260250000/16249847977865971652/*/1Tp8H8lBvfdsdacHxFKpid_uHRD_hatH4?e=view
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a2eaec1aa25a8077b1a52c57d530af249151c40a11063f4d5fc115dca14a451c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout
x-guploader-uploadid
ADPycdu2AkVvgY6QOMoWqyd5S7xoT_3vt0GbCp6p3xxd1UOapbFYNrRcx4uo6wuPDAbCFvJ90OODBRroLNiwIjQz6Lk
x-goog-hash
crc32c=yJESZg==
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
inline;filename="Money Jars.png";filename*=UTF-8''Money%20Jars.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
832860
expires
Tue, 21 Sep 2021 21:38:04 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://doc-10-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/eupmkbdikl5sc7u0ukhhsh4b0js9pcg3/1632260250000/16249847977865971652/*/1Tp8H8lBvfdsdacHxFKpid_uHRD_hatH4?e=view
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-lPCff8Xt1OnkDIb/lyFxqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
8_NckaJIcj4
www.youtube.com/embed/ Frame E3A2 		56 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/8_NckaJIcj4
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e117c9ea46f7a42aac2731a59226234acb5314936f6a6a21e6246662256e18b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/8_NckaJIcj4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://workingyourmoney.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 21 Sep 2021 21:38:04 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=SARirphMzbo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=QyUKD5oG6kY; Domain=.youtube.com; Expires=Sun, 20-Mar-2022 21:38:04 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+182; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/202721c6/ Frame E3A2 		329 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8_NckaJIcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c548c151337a815c681c21526d74a2a18d333af03de18c3416b7ecbec5efa49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8_NckaJIcj4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
107626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46356
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:18 GMT
www-embed-player.js
www.youtube.com/s/player/202721c6/www-embed-player.vflset/ Frame E3A2 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8_NckaJIcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d246d268ccbb30f7aadd23581fb30e4e790b9570fe1906c8ecbaa451427dc283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8_NckaJIcj4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
107626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67318
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:18 GMT
base.js
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame E3A2 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8_NckaJIcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fc4119bc1cbfb84c3decc599049a609d37530c85c6272d2babb5e6f8aea51d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8_NckaJIcj4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
107591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
517198
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:53 GMT
fetch-polyfill.js
www.youtube.com/s/player/202721c6/fetch-polyfill.vflset/ Frame E3A2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8_NckaJIcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8_NckaJIcj4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
107626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E3A2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8_NckaJIcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 19:58:13 GMT
x-content-type-options
nosniff
age
92391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 19:58:13 GMT
id
googleads.g.doubleclick.net/pagead/ Frame E3A2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8_NckaJIcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
496bd5ad4e885c1b46c79dd59b4da8b13791b71abce493aaf9b1f4683964d1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame E3A2 		29 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:27:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
606
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Tue, 21 Sep 2021 21:42:58 GMT
remote.js
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame E3A2 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
375ed48cd9e95d6226f860a4e264e95d284f7f2e1afd3e273a487b523a4667b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8_NckaJIcj4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
107590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29973
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:54 GMT
PxKgO0L4LVFhGG72tZdtkRkX920XJx0tR7ZkYMc_JlY.js
www.google.com/js/th/ Frame E3A2 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/PxKgO0L4LVFhGG72tZdtkRkX920XJx0tR7ZkYMc_JlY.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f12a03b42f82d5161186ef6b5976d911917f76d17271d2d47b66460c73f2656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 05:08:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
577745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13311
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 15 Sep 2022 05:08:59 GMT
embed.js
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame E3A2 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fc0154a9a3bb9f72d51c7dc2438412bf3e5b7fd637af7947d78ba3260e20d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8_NckaJIcj4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
107590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7353
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:54 GMT
truncated
/ Frame E3A2 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
AKedOLTnogLAKfI41ZNdDb9QQXuXMUAgL7kH1Yfs-g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E3A2 		924 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLTnogLAKfI41ZNdDb9QQXuXMUAgL7kH1Yfs-g=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8_NckaJIcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bad6712758d43fe13504e73d81435aaac801f5fb6269ca0a9372e2743015a444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
expires
Wed, 22 Sep 2021 21:38:04 GMT
sddefault.webp
i.ytimg.com/vi_webp/8_NckaJIcj4/ Frame E3A2 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/8_NckaJIcj4/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8_NckaJIcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c641fa517e5239a4f19a178930fd01c72f146b13f4a6098d273d9584b1b5f366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
x-content-type-options
nosniff
server
sffe
etag
"1602644343"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6466
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 21 Sep 2021 23:38:04 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E3A2 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview"
expires
Tue, 21 Sep 2021 21:38:04 GMT
generate_204
www.youtube.com/ Frame E3A2 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?_0CLCg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8_NckaJIcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8_NckaJIcj4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame E3A2 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15359
x-xss-protection
0
last-modified
Mon, 12 Jul 2021 15:09:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Wed, 22 Sep 2021 21:05:47 GMT
tcc_l.combined.1.0.6.min.js
img1.wsimg.com/tcc/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
last-modified
Fri, 31 Mar 2017 16:26:41 GMT
etag
"52ef5c943baad21:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
4564
expires
Wed, 21 Sep 2022 21:38:04 GMT
tti.min.js
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by
Host: workingyourmoney.net
URL: https://workingyourmoney.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
654
x-amz-version-id
F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding
br
etag
"ce554d2333f3801abafb32da18213ff7"
x-amz-request-id
XNK8Z8KQATPTCZRH
x-edgeconnect-midmile-rtt
3
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7498
x-amz-id-2
Bt3x3iTv8Fk+aaaS+GUkBMe+ASr0HEMDh339t8gjL9ozG+jBiKIjzxbTtgmm6ZRh5XVuxORtokQ=
last-modified
Wed, 16 Jun 2021 22:03:01 GMT
date
Tue, 21 Sep 2021 21:38:04 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
date
Tue, 21 Sep 2021 21:38:04 GMT
cache-control
max-age=5
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
expires
Tue, 21 Sep 2021 21:38:09 GMT
bs-layout17-Theme-publish-Theme-7d29e94a.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout17-Theme-publish-Theme-7d29e94a.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
7032b827a12020f2f67532ec00846a51b13d2949feab0846ef58af991be8580f

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"847c9a40110c094efbad082ee9e7330a"
x-forwarded-for
64.202.160.109
access-control-max-age
86400
x-forwarded-proto
https
content-length
2739
last-modified
Thu, 11 Mar 2021 19:04:43 GMT
x-amzn-trace-id
Root=1-604a69ca-5da376eb216572952052d608
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-Component-26629cc7.js
img1.wsimg.com/blobby/go/static/radpack/@widget/MESSAGING/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/MESSAGING/bs-Component-26629cc7.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
4e5029be5ac717464ffcd85548111ade673fa57f0bdf1f21fac5654a1c455391

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"70df7308773efbbc5e70ba4d31cc7c09"
x-forwarded-for
64.202.160.109
access-control-max-age
86400
x-forwarded-proto
https
content-length
2587
last-modified
Fri, 26 Feb 2021 23:57:35 GMT
x-amzn-trace-id
Root=1-60398aee-6a69dd4a0f7d97f1167c00cb
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-_rollupPluginBabelHelpers-e060ef4e.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		562 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e060ef4e.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
9f91fc05a60d0038327dc0c927ebab74bfb17c1d710e6f4f9bc212ad47d15909

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"e4acc80079af96fa370e01a7a01cd1b1"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
372
last-modified
Thu, 25 Feb 2021 22:07:54 GMT
x-amzn-trace-id
Root=1-60381fb9-7e152e4b2f1ff949192c0def
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-boldOutline-45b6c0ee.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-boldOutline-45b6c0ee.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
c35a932b7984b023cfcb9715bf61e566cdef7fe85dee9ac57be5b2d7883f997e

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"fd9f97532d2c9d7b8b040c945e767dfe"
x-forwarded-for
64.202.160.105
access-control-max-age
86400
x-forwarded-proto
https
content-length
3728
last-modified
Thu, 25 Feb 2021 22:08:01 GMT
x-amzn-trace-id
Root=1-60381fc0-3060a6b31ce4c2752909be23
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-defaultSocialIconPack-ea7d3f6a.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-defaultSocialIconPack-ea7d3f6a.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
061bed1c843bd226e9158cf984579caf6c8ffa4ef38d98d3ad2874bfb1ab3fc3

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"f1696c816980fdb6701eb41113e5c685"
x-forwarded-for
64.202.160.105
access-control-max-age
86400
x-forwarded-proto
https
content-length
5664
last-modified
Thu, 25 Feb 2021 22:08:02 GMT
x-amzn-trace-id
Root=1-60381fc1-5b10c0b67b8515bb75ede84b
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-headerTreatments-93051bc2.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-headerTreatments-93051bc2.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
49425ef2abab693e4d6c1ed594f3289084e06c42486aaa9fb3d34f2e623125eb

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"2051ba935ee63b6f1f5162dddb07514b"
x-forwarded-for
64.202.160.107
access-control-max-age
86400
x-forwarded-proto
https
content-length
1445
last-modified
Wed, 12 May 2021 19:14:43 GMT
x-amzn-trace-id
Root=1-609c2922-64959d206b0d7bef1636582a
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-index-705f787e.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		867 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-705f787e.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
41e578c2ccf59ad769443c5e37b00487abc751dd4f8ba0e7aaccdd3b724b66ec

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"a7dbb60f2f6b73d9b1d9e33e6fab4644"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
574
last-modified
Thu, 25 Feb 2021 22:07:55 GMT
x-amzn-trace-id
Root=1-60381fba-3a0f0f8c55c76e2c1e6cb7f2
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-index3-0561793e.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		222 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-0561793e.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
1542589b74b28c0894a6dd40946dd5f2674b263f913e3fe00065e2f18e8b49e0

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"5e94d43f2c89b9ce2c867efa57c96c1f"
x-forwarded-for
64.202.160.107
access-control-max-age
86400
x-forwarded-proto
https
content-length
54937
last-modified
Fri, 07 May 2021 21:35:43 GMT
x-amzn-trace-id
Root=1-6095b2ae-79ec8df40fe926050d6c9813
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-legacyOverrides-3722db3b.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		324 B
686 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-legacyOverrides-3722db3b.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
9226b124eb0bba99fc34c28c55e9d911f7cbbf11bceaadc213a6c526fcff1b62

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"fcd997c9e2d30f01079b001a26e17cb9"
x-forwarded-for
64.202.160.111
access-control-max-age
86400
x-forwarded-proto
https
content-length
259
last-modified
Thu, 25 Feb 2021 22:07:59 GMT
x-amzn-trace-id
Root=1-60381fbe-5445de092b7eb86a1d564752
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-loaders-3ed72fce.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-3ed72fce.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
d5781ebe11af5e11b201c124ef118ea1a3b2549e61570db1d075b3548ce1c716

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"068421e8d97090123835ef4850978293"
x-forwarded-for
64.202.160.107
access-control-max-age
86400
x-forwarded-proto
https
content-length
740
last-modified
Thu, 11 Mar 2021 19:04:44 GMT
x-amzn-trace-id
Root=1-604a69cb-434c87132bdf1b1d78362f15
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
formIdentifiers-8d1eb835.js
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/ 		421 B
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-8d1eb835.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
a14bdaafef643e9da989fa4fd96f73fb35ce92be6e1dd12ac47c14d30b146a89

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"ec47357ab58887161e840b985bc1cc3f"
x-forwarded-for
64.202.160.111
access-control-max-age
86400
x-forwarded-proto
https
content-length
324
last-modified
Fri, 30 Apr 2021 14:43:26 GMT
x-amzn-trace-id
Root=1-608c178d-0826f8bc5e97bb3f00eba013
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
traffic2-f4096148.js
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/ 		652 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-f4096148.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
402d9963c41519360f378b1103a448e93153cf980c92194547f51c706ec45ce1

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"56b37779e560b1f33dae335fcdf417e5"
x-forwarded-for
64.202.160.107
access-control-max-age
86400
x-forwarded-proto
https
content-length
430
last-modified
Tue, 01 Dec 2020 17:54:55 GMT
x-amzn-trace-id
Root=1-5fc6836e-274d6c4c70fec5b058af7bae
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
badge-a479b038.js
img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/ 		557 B
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-a479b038.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
7584a9b5afa3ef8d191200e7c1d180cc34b03a05f453fb95d2a60ed20066990f

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"8857679c4bd7c2c9238416f452bed34f"
x-forwarded-for
64.202.160.104
access-control-max-age
86400
x-forwarded-proto
https
content-length
367
last-modified
Wed, 21 Oct 2020 02:55:22 GMT
x-amzn-trace-id
Root=1-5f8fa319-4467925d4bc512bd5d8610c2
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-countVCTElement-7ef3ede8.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		284 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-countVCTElement-7ef3ede8.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
85523d65d50454e0a83545e05651697fb740d8570ac88884614b3a8b23769e50

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"b9fb116e4ba4fcac3d0fba16c571a166"
x-forwarded-for
64.202.160.108
access-control-max-age
86400
x-forwarded-proto
https
content-length
214
last-modified
Thu, 01 Apr 2021 20:16:46 GMT
x-amzn-trace-id
Root=1-60662a2d-2429cefd6bad71f756e39e05
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-index2-5c95fee7.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-5c95fee7.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
e0e35bfa940f1627f696f6cd32a005f74837423f95692b73f1aaaeffec3d721a

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"7e423d40cea0013d0ce187496bb427f2"
x-forwarded-for
64.202.160.107
access-control-max-age
86400
x-forwarded-proto
https
content-length
672
last-modified
Thu, 25 Feb 2021 22:07:59 GMT
x-amzn-trace-id
Root=1-60381fbe-2b8a810818edc7333aa613ad
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-overlayTypes-7887de12.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		284 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-7887de12.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
4fc9b089feb4de59d5bb8debd4beb80646a1edd1eb568274f79197a9a54fa571

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"097dc1773715fa24001253b96d7b13af"
x-forwarded-for
64.202.160.108
access-control-max-age
86400
x-forwarded-proto
https
content-length
234
last-modified
Thu, 01 Apr 2021 20:16:46 GMT
x-amzn-trace-id
Root=1-60662a2d-6f5ec107231c29c370fc5fa2
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-searchFormLocations-0e39c269.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		304 B
671 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-0e39c269.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
51ab381101eaab511651eb85835565fb2e0c1b09df8c939044bd281f70f0a96e

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"43a37bb8ce232be6ff3c919f20aaed11"
x-forwarded-for
64.202.160.106
access-control-max-age
86400
x-forwarded-proto
https
content-length
244
last-modified
Thu, 25 Feb 2021 22:07:58 GMT
x-amzn-trace-id
Root=1-60381fbd-6b4b679064c9c14c4ceda18a
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-LinkAwareComponent-bc2eca6b.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-bc2eca6b.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
56f9ea27e6203d1165300d8b0de686d07f83b93ef9e9ca1848a8b4c6d9d5c4c7

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"373bcb62f1635f6c93fe3b50701277d5"
x-forwarded-for
64.202.160.104
access-control-max-age
86400
x-forwarded-proto
https
content-length
872
last-modified
Thu, 11 Mar 2021 19:04:42 GMT
x-amzn-trace-id
Root=1-604a69c9-723263bf583aeb1429ad2ce8
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-Component-78381eea.js
img1.wsimg.com/blobby/go/static/radpack/@widget/HTML/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/HTML/bs-Component-78381eea.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
1e2665fd65047419cbd2756907e6ed8c3f3e9bf1caeef5dc4aca827a8d9d5c71

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"b0b5f6a3c317f2ae953fd9448aca1b8a"
x-forwarded-for
64.202.160.108
access-control-max-age
86400
x-forwarded-proto
https
content-length
1181
last-modified
Mon, 12 Oct 2020 22:03:20 GMT
x-amzn-trace-id
Root=1-5f84d2a6-7d4683172e47e4f3361581a3
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-FlyoutMenu-Component-3b32297b.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-3b32297b.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
0462cb58105262213f2d2a4c83af94d2770bfce49eb5ae71b292675d9d344283

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"2023d8c8c038928f12cb0ebb221592d9"
x-forwarded-for
64.202.160.111
access-control-max-age
86400
x-forwarded-proto
https
content-length
1266
last-modified
Thu, 11 Mar 2021 19:04:40 GMT
x-amzn-trace-id
Root=1-604a69c7-65b1bb7759285941176ae8c3
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
bs-Toggle-7bd7b6c9.js
img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-7bd7b6c9.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/blobby/go/a1452716-82b6-4445-bda2-786be50ca0c4/gpub/6559d7af72841a25/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
dafe23720728b8eab118b6ab5de22f762bdf5e9f67a652337012c9c50c4cee36

Request headers

Referer
https://workingyourmoney.net/
Origin
https://workingyourmoney.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:38:04 GMT
content-encoding
gzip
etag
"2a0a5b3f66f80f1d945b1b873c46459c"
x-forwarded-for
64.202.160.110
access-control-max-age
86400
x-forwarded-proto
https
content-length
1018
last-modified
Fri, 07 May 2021 21:35:42 GMT
x-amzn-trace-id
Root=1-6095b2ad-2a7a5d090b6796d652a3069a
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-forwarded-port
443
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 21 Sep 2022 21:38:04 GMT
qt=q:95
img1.wsimg.com/isteam/ip/a1452716-82b6-4445-bda2-786be50ca0c4/workingyourmoney%20%203.png/:/rs=w:101,h:101,cg:true,m/cr=w:101,h:101/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.wsimg.com/isteam/ip/a1452716-82b6-4445-bda2-786be50ca0c4/workingyourmoney%20%203.png/:/rs=w:101,h:101,cg:true,m/cr=w:101,h:101/qt=q:95
Requested by
Host: workingyourmoney.net
URL: https://workingyourmoney.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.170.113.8 , United States, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
8be73208362ba6ab66a460a0910c8e1c3c53082f7a86b466a4b9243d958f033f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-version
0.4.4+sha-853f4aa
date
Tue, 21 Sep 2021 21:38:04 GMT
access-control-request-method
GET
etag
2556738795
x-height
101
access-control-max-age
864000
edge-cache-tag
/isteam/ip/a1452716-82b6-4445-bda2-786be50ca0c4/workingyourmoney%20%203.png/:/rs=w:101,h:101,cg:true,m/cr=w:101,h:101/qt=q:95
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-track-origin-referer
https://workingyourmoney.net/
x-width
101
timing-allow-origin
*
content-length
3242
expires
Wed, 21 Sep 2022 21:38:04 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 8E11 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 20 Sep 2022 09:10:26 GMT
event
img.secureserver.net/t/1/tl/ 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.secureserver.net/t/1/tl/event?cts=1632260285147&tce=1632260283802&tcs=1632260283802&tdc=1632260284946&tdclee=1632260284607&tdcles=1632260284607&tdi=1632260284607&tdl=1632260283826&tdle=1632260283802&tdls=1632260283802&tfs=1632260283802&tns=1632260283708&trqs=1632260283803&tre=1632260283835&trps=1632260283823&tles=1632260284946&tlee=1632260284946&ht=perf&dh=workingyourmoney.net&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&vci=1239826584&cv=1.0.6&z=1142083420&vg=25af86bd-5147-454d-b67a-07154178213e&vtg=25af86bd-5147-454d-b67a-07154178213e&ap=IPv2&trfd=%7B%22cts%22%3A1632260284678%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22websiteId%22%3A%22a1452716-82b6-4445-bda2-786be50ca0c4%22%2C%22pd%22%3A%222021-05-21T02%3A56%3A16.714Z%22%2C%22ap%22%3A%22IPv2%22%2C%22ds%22%3A%224000%22%2C%22meta.numWidgets%22%3A6%2C%22meta.theme%22%3A%22layout17%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%2C%22hasPopupWidget%22%3Afalse%2C%22hasMessagingWidget%22%3Atrue%2C%22headerTreatment%22%3A%22Fill%22%2C%22hasSlideshow%22%3Afalse%2C%22hasFreemiumBanner%22%3Afalse%2C%22homepageFirstWidgetType%22%3A%22HTML%22%2C%22homepageFirstWidgetPreset%22%3A%22html1%22%2C%22businessCategory%22%3A%22nonprofit%22%2C%22theme%22%3A%22layout17%22%2C%22locale%22%3A%22en-US%22%2C%22fontPack%22%3A%22libre-franklin%22%2C%22cookieBannerEnabled%22%3Atrue%2C%22membershipEnabled%22%3Atrue%2C%22hasHomepageHTML%22%3Atrue%2C%22hasHomepageShop%22%3Afalse%2C%22hasHomepageOla%22%3Afalse%2C%22hasHomepageBlog%22%3Afalse%2C%22hasShop%22%3Afalse%2C%22hasOla%22%3Afalse%2C%22planType%22%3A%22business%22%2C%22isHomepage%22%3Atrue%2C%22htmlWidget%22%3Atrue%7D&dp=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.26.87 Ballerup Municipality, Denmark, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-26-87.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://workingyourmoney.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Date
Tue, 21 Sep 2021 21:38:05 GMT
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://workingyourmoney.net, *
Access-Control-Max-Age
1000
Cache-Control
private
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
43
X-XSS-Protection
1; mode=block
log_event
www.youtube.com/youtubei/v1/ Frame E3A2 		28 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/8_NckaJIcj4
X-YouTube-Client-Version
1.20210919.0.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtReVVLRDVvRzZrWSi8oamKBg%3D%3D
X-YouTube-Ad-Signals
dt=1632260284110&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C591%2C480&vis=1&wgl=true&ca_type=image&bid=ANyPxKp0eBTw25sULa9MOsRw-u_hTz0s6196Bm_mZ4bcGVdvJ0uAR8iZ8P54F_RQixpTljzxZTWP055tpBorMYcvdERE_88auA

Response headers

date
Tue, 21 Sep 2021 21:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 21 Sep 2021 21:38:06 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster function| guacImage object| guacDefer function| onVisualComplete function| markVisuallyComplete function| deferBootstrap function| onAllowCookieTracking object| bgEl object| match string| e object| t number| vctElements number| VISUAL_COMPLETE function| trackingEnabledForType function| logTcclEvent function| tccl_dpsid function| addTccl function| radpack object| _trfq object| _trfd function| define object| Core object| React object| ReactDOM function| keyMirror function| _ function| classNames object| PropTypes object| Dials function| cxs object| wsb object| scrollParent object| elementLinks number| originalLogoHeight number| originalNavHeight string| originalLogoShadow string| originalLogoMarginTop object| navContainer string| originalNavPaddingTop function| tcg function| tcp object| perfhandler object| TCCTracker object| true object| global object| tti

8 Cookies

Domain/Path Name / Value
www.workingyourmoney.net/ Name: dps_site_id
Value: 4000
workingyourmoney.net/ Name: dps_site_id
Value: 4000
.youtube.com/ Name: YSC
Value: SARirphMzbo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: QyUKD5oG6kY
.doubleclick.net/ Name: IDE
Value: AHWqTUkFkM2UsLdWvaR-518MBAj9LpQTCkVTj0XWnZf1Wab9Gl7bnKlHVlKXi9yz
.google.com/ Name: NID
Value: 511=Jy5lJmaPYpPLBjmRB28jQ2KZDBcB_Ed_YhNT4YlIdVln1fKbPWnusL1ERN9BP8WzZhyMv9eVerQ2-eCE5orYhpDJoS3KxaWG_j7do6h-Sf52hJZXNhsZ08I44FLZAafrOU7D0F2A5WGd8ER2ggG4sZpOmgW_vCN5eubKqBrZhGo
workingyourmoney.net/ Name: _tccl_visitor
Value: 25af86bd-5147-454d-b67a-07154178213e
workingyourmoney.net/ Name: _tccl_visit
Value: 25af86bd-5147-454d-b67a-07154178213e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
doc-0c-04-docs.googleusercontent.com
doc-10-04-docs.googleusercontent.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
img.secureserver.net
img1.wsimg.com
img6.wsimg.com
static.doubleclick.net
workingyourmoney.net
www.google.com
www.gstatic.com
www.workingyourmoney.net
www.youtube.com
yt3.ggpht.com
104.94.26.87
160.153.136.3
209.170.113.8
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2016
02f41612cab443c4f20adf2773b67559fff7762fddc1dc5958fdc84971d6c1bf
0462cb58105262213f2d2a4c83af94d2770bfce49eb5ae71b292675d9d344283
061bed1c843bd226e9158cf984579caf6c8ffa4ef38d98d3ad2874bfb1ab3fc3
0e3214fc7b7c8137717fc8d26994bc078371b65e4dd18515ed1ab95f0e9fbc3e
0fc4119bc1cbfb84c3decc599049a609d37530c85c6272d2babb5e6f8aea51d4
1542589b74b28c0894a6dd40946dd5f2674b263f913e3fe00065e2f18e8b49e0
1e2665fd65047419cbd2756907e6ed8c3f3e9bf1caeef5dc4aca827a8d9d5c71
232547778c3299b37e1c80d2678ab029d5d490b6bbe80e08976dc8185e8cd758
2a0385bf0984a140d8d02c26038da8f907cc6802a8a41ba9dadc21a1e247106a
375ed48cd9e95d6226f860a4e264e95d284f7f2e1afd3e273a487b523a4667b3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f12a03b42f82d5161186ef6b5976d911917f76d17271d2d47b66460c73f2656
402d9963c41519360f378b1103a448e93153cf980c92194547f51c706ec45ce1
41e578c2ccf59ad769443c5e37b00487abc751dd4f8ba0e7aaccdd3b724b66ec
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
49425ef2abab693e4d6c1ed594f3289084e06c42486aaa9fb3d34f2e623125eb
496bd5ad4e885c1b46c79dd59b4da8b13791b71abce493aaf9b1f4683964d1bd
4e5029be5ac717464ffcd85548111ade673fa57f0bdf1f21fac5654a1c455391
4fc9b089feb4de59d5bb8debd4beb80646a1edd1eb568274f79197a9a54fa571
51ab381101eaab511651eb85835565fb2e0c1b09df8c939044bd281f70f0a96e
56f9ea27e6203d1165300d8b0de686d07f83b93ef9e9ca1848a8b4c6d9d5c4c7
5c548c151337a815c681c21526d74a2a18d333af03de18c3416b7ecbec5efa49
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
6fc0154a9a3bb9f72d51c7dc2438412bf3e5b7fd637af7947d78ba3260e20d21
7032b827a12020f2f67532ec00846a51b13d2949feab0846ef58af991be8580f
7584a9b5afa3ef8d191200e7c1d180cc34b03a05f453fb95d2a60ed20066990f
7c9e72fed9f647684a0437f185bf4ed620de7b49f236453256716b639ac56f04
85523d65d50454e0a83545e05651697fb740d8570ac88884614b3a8b23769e50
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8be73208362ba6ab66a460a0910c8e1c3c53082f7a86b466a4b9243d958f033f
9226b124eb0bba99fc34c28c55e9d911f7cbbf11bceaadc213a6c526fcff1b62
978b269c18fa7a6bed296f5193f080a7418add1c98ac12d11f475e1be35ba6d7
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
9f91fc05a60d0038327dc0c927ebab74bfb17c1d710e6f4f9bc212ad47d15909
a14bdaafef643e9da989fa4fd96f73fb35ce92be6e1dd12ac47c14d30b146a89
a2eaec1aa25a8077b1a52c57d530af249151c40a11063f4d5fc115dca14a451c
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a715f8d9c229cf0c0c37738495d78c9810026aa72fcf89c055876e13511a3e42
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8c17e5dd0633499e73cab90d02e2ee089e60b718c6a917e9b1c3b418c15c179
bad6712758d43fe13504e73d81435aaac801f5fb6269ca0a9372e2743015a444
bd3cf49261a4bf9cc0a63893a1b19505524ebd8502f2539e1dcd2803a25cf4eb
bd65da0c5c09666e983c494ee0aa6a50a0edead8f06176da8b074891d0ac0f91
c35a932b7984b023cfcb9715bf61e566cdef7fe85dee9ac57be5b2d7883f997e
c586b953b998d57151c3df1d8f7e48220df0a4f4f3828c35ba96fb4cff6eb4a2
c641fa517e5239a4f19a178930fd01c72f146b13f4a6098d273d9584b1b5f366
c655f3891478c0b239e88184195be8dcbe152780f3871525c3ea0ed7e2fdbbfa
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
d246d268ccbb30f7aadd23581fb30e4e790b9570fe1906c8ecbaa451427dc283
d5781ebe11af5e11b201c124ef118ea1a3b2549e61570db1d075b3548ce1c716
d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dafe23720728b8eab118b6ab5de22f762bdf5e9f67a652337012c9c50c4cee36
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e0e35bfa940f1627f696f6cd32a005f74837423f95692b73f1aaaeffec3d721a
e117c9ea46f7a42aac2731a59226234acb5314936f6a6a21e6246662256e18b7
e28397c6a3b1b11d36a5021583bf0f2e6ef0f2f63b39b7a9ab5f79bbfd144605
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9