www.paytheransomnyc.com Open in urlscan Pro
198.185.159.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paytheransomnyc.com/
Effective URL:
https://www.paytheransomnyc.com/
Submission: On November 30 via api (November 30th 2022, 10:07:56 am UTC) from US — Scanned from DE

Summary HTTP 76 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 76 HTTP transactions. The main IP is 198.185.159.144, located in United States and belongs to SQUARESPACE, US. The main domain is www.paytheransomnyc.com.
TLS certificate: Issued by R3 on November 30th 2022. Valid for: 3 months.

This is the only time www.paytheransomnyc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	198.185.159.144 198.185.159.144	53831 (SQUARESPACE) (SQUARESPACE)
11	151.101.192.237 151.101.192.237	54113 (FASTLY) (FASTLY)
9	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:402... 2a00:1450:4023:b::8	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:23::8	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
76	16

7 198.185.159.144 (United States) 1 redirects

ASN53831 (SQUARESPACE, US)

paytheransomnyc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paytheransomnyc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.192.237 (United States)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4023:b::8 (Ireland)

ASN15169 (GOOGLE, US)

rr3---sn-2gb7sn7r.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:23::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr3---sn-4g5edndk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	904 KB
12	googlevideo.com rr3---sn-2gb7sn7r.googlevideo.com — Cisco Umbrella Rank: 301977 rr3---sn-4g5edndk.googlevideo.com — Cisco Umbrella Rank: 50910	3 MB
11	squarespace.com assets.squarespace.com — Cisco Umbrella Rank: 7842	800 KB
10	typekit.net use.typekit.net — Cisco Umbrella Rank: 873 p.typekit.net — Cisco Umbrella Rank: 1025	324 KB
7	paytheransomnyc.com 1 redirects paytheransomnyc.com www.paytheransomnyc.com	133 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107 jnn-pa.googleapis.com — Cisco Umbrella Rank: 277	31 KB
3	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 237	65 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 static.doubleclick.net — Cisco Umbrella Rank: 350	1 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 108	238 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	google.com www.google.com — Cisco Umbrella Rank: 16	15 KB
76	11

	Domain	Requested by
21	www.youtube.com	assets.squarespace.com www.youtube.com
11	assets.squarespace.com	www.paytheransomnyc.com
9	use.typekit.net	www.paytheransomnyc.com
8	rr3---sn-2gb7sn7r.googlevideo.com	www.youtube.com
6	www.paytheransomnyc.com	www.paytheransomnyc.com assets.squarespace.com
4	rr3---sn-4g5edndk.googlevideo.com	www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	yt3.ggpht.com
2	i.ytimg.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	p.typekit.net	www.paytheransomnyc.com
1	fonts.googleapis.com	www.paytheransomnyc.com
1	paytheransomnyc.com	1 redirects
76	16

This site contains links to these domains. Also see Links.

Domain
instagram.com

Subject Issuer	Validity	Valid
www.paytheransomnyc.com R3	`2022-11-30` - `2023-02-28`	3 months	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-12` - `2023-03-25`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-08` - `2023-01-17`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.paytheransomnyc.com/
Frame ID: 2892B131737EAD94014DE662166FBCA5
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
Frame ID: FABC61A973924100C89547D7D3B0014C
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RVN$OM

Page URL History Show full URLs

http://paytheransomnyc.com/ HTTP 301
https://www.paytheransomnyc.com/ Page URL

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

76
Requests

97 %
HTTPS

87 %
IPv6

11
Domains

16
Subdomains

16
IPs

3
Countries

5215 kB
Transfer

10778 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://instagram.com/paytheransom

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paytheransomnyc.com/ HTTP 301
https://www.paytheransomnyc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

76 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.paytheransomnyc.com/
Redirect Chain

http://paytheransomnyc.com/
https://www.paytheransomnyc.com/

317 KB
27 KB

492ms
182ms

Document
text/html

198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paytheransomnyc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

fb2e23022d2760ac5a28bcbb2212741f9171bf847aa93d86ed8efa8aa500321c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29939
content-encoding: gzip
content-length: 27664
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 01:48:50 GMT
etag: W/"c2620f3c89fdbcdcc0a262615caa9726"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: HZUf7wnn/XqNxD17p

Redirect headers

Age: 94809
Content-Length: 0
Date: Tue, 29 Nov 2022 07:47:39 GMT
Location: https://www.paytheransomnyc.com/
Server: Squarespace
X-Contextid: HVfDNKPc/x4M6M48l

GET
H2 200 slide-normalize-f3e05d707a08546a77c65-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 2 KB
886 B 55ms
8ms Stylesheet
text/css 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/slide-normalize-f3e05d707a08546a77c65-min.en-US.css
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6c1873397af5694fd5d6be1a2ca30f869b1dd6ed51f7d9398a896e5a45b8b038

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paytheransomnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 864
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 3607220
x-cache: HIT, HIT
content-length: 701
x-served-by: cache-iad-kjyo7100092-IAD, cache-hhn4057-HHN
last-modified: Fri, 12 Mar 2021 21:49:07 GMT
server: UploadServer
x-timer: S1669802870.749011,VS0,VE0
etag: "e9487da1e61c124b8335ba6140b24d2a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 16:07:29 GMT

GET
H2 200 XkjSzkfrUXQW8D6nqBtypUFyKAkjT3aT4TViKEenyKJfeltff4e6pUJ6wRMU5QwXFmvu5e9ujRZRjhIuFDq3jAJUFQZRjQ4c5QJ-T3I7Ocuzdc8UiA9lScB0ShNlOAoyZWb0SaBujW48Sagyjh90jhNlOeUzjhBC-eNDifUldhoTSWm8OW4yd1FzdPu0jAmXO1FUi... Show response
use.typekit.net/ik/ 18 KB
7 KB 204ms
114ms Script
text/javascript 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/XkjSzkfrUXQW8D6nqBtypUFyKAkjT3aT4TViKEenyKJfeltff4e6pUJ6wRMU5QwXFmvu5e9ujRZRjhIuFDq3jAJUFQZRjQ4c5QJ-T3I7Ocuzdc8UiA9lScB0ShNlOAoyZWb0SaBujW48Sagyjh90jhNlOeUzjhBC-eNDifUldhoTSWm8OW4yd1FzdPu0jAmXO1FUiABkZWF3jAF8OcFzdPU3jW8X-emkjAoDdhu0pAw0jhNlOYiaikoldhoTSWm8OW4yd1FzdPu0jAmXO1FUiABkZWF3jAF8OcFzdPUaiaS0SeBoiey8ScB0ShNld18ROcFzdPJVZ148-AiGifuK-ASlSY4zJygcScmTZhyXOWFyd1wlSY4zJ68ciWsuScIlSYb7f6KkqMIbMg6IJMJ7fbKP-sMgeM96MKG4fJZmIMJjMkMfH6qJyB9bMy6IJMJ7fbRxmgMfeM96MKG4fJBmIMJjgkMfH6qJym9bMy65JMJ7fbKfmsMfegI6MTMgldxKa39.js

Requested by

Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

63d61c69ffdb2aac7730f81832e045db8eed6047dd770302e78450adcc809081

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paytheransomnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 30 Nov 2022 10:07:49 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6865

GET
H2 200 css2
fonts.googleapis.com/ 684 B
866 B 43ms
19ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sanchez:wght@400

Requested by

Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a388d06a9e184c0a018d0cb4a2739cff38da8e4c3429cc8d87b8ef88ec994e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paytheransomnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 10:07:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Nov 2022 10:07:49 GMT

GET
H2 200 modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.2.2/ 80 KB
29 KB 53ms
7ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.2.2/modern.js
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a801f781b109838b64c593ffbabaeb97e553d349540a9636cb63e23a8479423

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 143454
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2218112
x-cache: HIT, HIT
content-length: 29224
x-served-by: cache-bwi5144-BWI, cache-hhn4070-HHN
last-modified: Wed, 08 Sep 2021 20:21:24 GMT
server: UploadServer
x-timer: S1669802870.748858,VS0,VE0
etag: "03e5ef7c77d113abf6178fce61ec6344"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 10:43:13 GMT

GET
H2 200 extract-css-runtime-0ed6ed412602b5ef03ce6-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 44 KB
15 KB 55ms
9ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-0ed6ed412602b5ef03ce6-min.en-US.js
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e2253ddd092a522ae61737d767ad132e0df09c487885507f0fbed02a1d4bccda

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 93171
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 637604
x-cache: HIT, HIT
content-length: 15248
x-served-by: cache-iad-kiad7000137-IAD, cache-hhn4070-HHN
last-modified: Wed, 23 Nov 2022 00:23:04 GMT
server: UploadServer
x-timer: S1669802870.749234,VS0,VE0
etag: "3e792a81690e992fbf9f4eccad825827"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:01:04 GMT

GET
H2 200 extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 575 KB
86 KB 55ms
9ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a59acd7a8cbaf68d5d628ac09c501f01a2f3f42c9affa8f3d101f2860d1cc3f7

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 113663
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 750699
x-cache: HIT, HIT
content-length: 87950
x-served-by: cache-iad-kiad7000132-IAD, cache-hhn4070-HHN
last-modified: Mon, 21 Nov 2022 16:44:05 GMT
server: UploadServer
x-timer: S1669802870.749240,VS0,VE0
etag: "c790849e8518999c8594a0bbb6597784"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 17:36:10 GMT

GET
H2 200 cldr-resource-pack-33f25cea66c84971c39d6-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
18 KB 65ms
19ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-33f25cea66c84971c39d6-min.en-US.js
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: eaf57fca6ef0d907fc24c69ea4bd4dbf7117d8344e894e2dbf691e515d38298a

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 124466
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 751435
x-cache: HIT, HIT
content-length: 18492
x-served-by: cache-iad-kjyo7100033-IAD, cache-hhn4070-HHN
last-modified: Mon, 21 Nov 2022 16:42:30 GMT
server: UploadServer
x-timer: S1669802870.749516,VS0,VE0
etag: "bf4aa98d55eee8cce95ff27af398f599"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 17:23:55 GMT

GET
H2 200 common-vendors-stable-ded59447778e1491d87fa-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
69 KB 56ms
10ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-ded59447778e1491d87fa-min.en-US.js
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a02052cb1eaf0f90100a8d53276c90b181e9a26ba962412fe649bcd41c6c7bcc

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 94626
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 649186
x-cache: HIT, HIT
content-length: 70636
x-served-by: cache-iad-kiad7000044-IAD, cache-hhn4070-HHN
last-modified: Tue, 22 Nov 2022 21:08:15 GMT
server: UploadServer
x-timer: S1669802870.749170,VS0,VE0
etag: "a2aba54ac71d7b847b67a49a66957627"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 21:48:02 GMT

GET
H2 200 common-vendors-efcb604347cd0affcf80e-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 734 KB
166 KB 55ms
9ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-efcb604347cd0affcf80e-min.en-US.js
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: af8b561d1f67163a1aa01ee3dc40b406eec6a2cd403768fa6331a3ddb2554e70

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 94721
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 649187
x-cache: HIT, HIT
content-length: 169275
x-served-by: cache-iad-kcgs7200038-IAD, cache-hhn4070-HHN
last-modified: Tue, 22 Nov 2022 21:08:47 GMT
server: UploadServer
x-timer: S1669802870.749199,VS0,VE0
etag: "0912bb4e750558eb5fb9c41c5bab4953"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 21:48:02 GMT

GET
H2 200 common-7eff1f00f7ccf8fae989f-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 947 KB
222 KB 55ms
10ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-7eff1f00f7ccf8fae989f-min.en-US.js
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bf82349bd5d6e15837d93998807362142df44fdc2feab14b4f0c336066628a28

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 93408
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 637604
x-cache: HIT, HIT
content-length: 227347
x-served-by: cache-iad-kjyo7100107-IAD, cache-hhn4070-HHN
last-modified: Wed, 23 Nov 2022 00:23:53 GMT
server: UploadServer
x-timer: S1669802870.749203,VS0,VE0
etag: "477807e8201f33592615a836846464ad"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:01:04 GMT

GET
H2 200 slides-a60d23d75ab0cf2900675-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 802 KB
177 KB 74ms
29ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/slides-a60d23d75ab0cf2900675-min.en-US.js
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3022e148f712ddb2e24a4aa1cb9c93c379eed037db1ccc17a0e432f3b16be78d

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 1
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 637605
x-cache: HIT, HIT
content-length: 181393
x-served-by: cache-iad-kjyo7100155-IAD, cache-hhn4070-HHN
last-modified: Wed, 23 Nov 2022 00:23:30 GMT
server: UploadServer
x-timer: S1669802870.749503,VS0,VE9
etag: "5f4834d365d0f694a67cdcc1fd9ca2b0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:01:04 GMT

GET
H2 200 slides-b495d0a0d2ec53a70d5ed-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 32 KB
5 KB 52ms
6ms Stylesheet
text/css 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/slides-b495d0a0d2ec53a70d5ed-min.en-US.css
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1502092d4c2b36ec4bb6c9b0439aeabd4d8544d67808a8f24f9a397c72d18ef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paytheransomnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 642
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 1916540
x-cache: HIT, HIT
content-length: 4918
x-served-by: cache-iad-kiad7000123-IAD, cache-hhn4057-HHN
last-modified: Fri, 16 Sep 2022 18:48:49 GMT
server: UploadServer
x-timer: S1669802870.748981,VS0,VE0
etag: "48ea56d88c9592b8cf7307f30ec969c6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 05:45:29 GMT

GET
H2 200 performance-7c2e2a5656405fba2e7db-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 35 KB
11 KB 7ms
7ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-7c2e2a5656405fba2e7db-min.en-US.js
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bec887bd092b6407367b97448b67a7ec35656167c40485af6537f3dbbf81eed8

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 1, 86837
date: Wed, 30 Nov 2022 10:07:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 637533
x-cache: HIT, HIT
content-length: 10803
x-served-by: cache-iad-kcgs7200045-IAD, cache-hhn4070-HHN
last-modified: Wed, 23 Nov 2022 00:22:55 GMT
server: UploadServer
x-timer: S1669802870.834123,VS0,VE0
etag: "6bfa990825c407d0460f5e921ad3ea7e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:02:16 GMT

GET
H2 200 social-accounts.svg
www.paytheransomnyc.com/universal/svg/ 105 KB
105 KB 133ms
133ms Other
image/svg+xml 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paytheransomnyc.com/universal/svg/social-accounts.svg
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 628a4b936040bd387e58c9dff075de75d3dcf5d29635b06f0362c8b36651f876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paytheransomnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: cache
date: Wed, 30 Nov 2022 10:03:46 GMT
surrogate-key: universal
last-modified: Wed, 23 Nov 2022 14:26:03 GMT
server: Squarespace
age: 244
etag: "d49a4c8afd502aa06d8ea512e01bb976"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-contextid: HZUf7wnn/nA48N4YP
accept-ranges: bytes
timing-allow-origin: *
content-length: 107352
expires: Wed, 29 Nov 2023 12:20:30 GMT

GET
H2 200 l
use.typekit.net/af/a91824/000000000000000077359f9d/30/ 17 KB
17 KB 97ms
21ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a91824/000000000000000077359f9d/30/l?subset_id=2&fvd=n4&v=3
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d9737fa5e8051e8b762a0f697195e736252fdb3fc4385ec26eb457a908017be6

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
server: nginx
etag: "96ff2ad7b6710e2768cc869b6edb08fc48d1eeb2"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17316

GET
H2 200 l
use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ 41 KB
42 KB 100ms
25ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2cd6bf/00000000000000000001008f/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bf2d68276696fd7c8903c75e24b32536f8a4d9f39a952b389c13ee8c793a530c

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
server: nginx
etag: "87868ea7533b245fa343d5fd2e370ee0daee1db8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42384

GET
H2 200 l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ 46 KB
46 KB 132ms
56ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9b05f3/000000000000000000013365/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2d36e12bfbde85feb98c8b66f8a4a40f9a5db6918f49234a2ddece526d933237

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
server: nginx
etag: "0ffa5e8c8eb076cc21ede9987250dfa4f2af4438"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46668

POST
H2 200 RecordHit Show response
www.paytheransomnyc.com/api/census/ 17 B
111 B 204ms
204ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paytheransomnyc.com/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-efcb604347cd0affcf80e-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.paytheransomnyc.com/
X-CSRF-Token: Bcyq6UXWN4+BOWY2ZDE2MjQzNWYwMTM1ZGJlNGUyM2UzM2I0ZDlj
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: HZUf7wnn/9EK3RdOn
content-length: 17

POST
H2 200 button-render Show response
www.paytheransomnyc.com/api/census/ 17 B
60 B 198ms
197ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paytheransomnyc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-efcb604347cd0affcf80e-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.paytheransomnyc.com/
X-CSRF-Token: Bcyq6UXWN4+BOWY2ZDE2MjQzNWYwMTM1ZGJlNGUyM2UzM2I0ZDlj
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: HZUf7wnn/34wacuTx
content-length: 17

POST
H2 200 button-render Show response
www.paytheransomnyc.com/api/census/ 17 B
60 B 224ms
224ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paytheransomnyc.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-efcb604347cd0affcf80e-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.paytheransomnyc.com/
X-CSRF-Token: Bcyq6UXWN4+BOWY2ZDE2MjQzNWYwMTM1ZGJlNGUyM2UzM2I0ZDlj
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: HZUf7wnn/GTmPqL5v
content-length: 17

GET
H2 200 settings Show response
www.paytheransomnyc.com/api/1/performance/ 53 B
153 B 180ms
180ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paytheransomnyc.com/api/1/performance/settings
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-7eff1f00f7ccf8fae989f-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: da62f3c813c6effb42c3cd57c78e9428a70e0fb0203669db30b123de2bd4e3be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paytheransomnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
x-contextid: HZUf7wnn/YmWTA1jV
server: Squarespace
content-length: 53
vary: Accept-Encoding, User-Agent
content-type: application/json

GET
H2 200 l
use.typekit.net/af/8dd886/000000000000000000010b5c/27/ 15 KB
15 KB 48ms
35ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8dd886/000000000000000000010b5c/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 93a8e52ff490e33763ca1cf70d9609e691dff02c63fcd4223f3eda3d7f2bf292

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
server: nginx
etag: "2a570292600b561bac7945e57ca7546a078e7bc1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14884

GET
H2 200 l
use.typekit.net/af/ae4f6c/000000000000000000010096/27/ 67 KB
67 KB 35ms
23ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ae4f6c/000000000000000000010096/27/l?subset_id=2&fvd=n3&v=3
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 634a4f9f8a22e44867bf4f68b9671e1471fe6e7339bbf2777ad5264be64d4049

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
server: nginx
etag: "dcb4afde1e053f9caf987fd66290b8eca72ab6f0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 68532

GET
H2 200 l
use.typekit.net/af/309dfe/000000000000000000010091/27/ 39 KB
40 KB 68ms
56ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d76f8e42213513ab33c721c98a652b012ee11ff86efc7661ca19a344c4c117a8

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
server: nginx
etag: "78f589bb61056c7dc2c42601e2fd59aa96941141"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40404

GET
H2 200 l
use.typekit.net/af/cf3e4e/000000000000000000010095/27/ 51 KB
51 KB 36ms
25ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cf3e4e/000000000000000000010095/27/l?subset_id=2&fvd=i4&v=3
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c179f4705953614c7889729591e98ed11f9f773243ea9782d9f889221398a021

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
server: nginx
etag: "3f4899217323502feaae94c179311206f731a52e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 52160

GET
H2 200 l
use.typekit.net/af/eb729a/000000000000000000010092/27/ 39 KB
40 KB 46ms
35ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eb729a/000000000000000000010092/27/l?subset_id=2&fvd=i7&v=3
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7fcb4ef179e88dd6fd4181433f9b97f869c03930f5c698113ef4a18785a2f6df

Request headers

Referer: https://www.paytheransomnyc.com/
Origin: https://www.paytheransomnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
server: nginx
etag: "599bfc6908295758da16f495738fa5c76ccf9542"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40216

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 54ms
25ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/slides-a60d23d75ab0cf2900675-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b1605058258254ea94937ec2d5809402bf498d30bc2096ad5c37cc265b1057c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paytheransomnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 30 Nov 2022 10:07:50 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/e87a69df/www-widgetapi.vflset/ 161 KB
53 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e87a69df/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc41640dd72382f686ce37ae82b916bcb605c9deb6762bb179a3d57f318d02b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paytheransomnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54004
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 Nov 2023 10:06:31 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 95ms
22ms Image
image/gif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=2019345_58e5b6cca5790ab156ca2f92&ht=tk&h=www.paytheransomnyc.com&f=18482.13458.10886.10884.10879.10881.10885.10882&a=2019345&js=1.21.0&app=typekit&e=js&_=1669802870420
Requested by: Host: www.paytheransomnyc.com
URL: https://www.paytheransomnyc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paytheransomnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 200 Mq1f1eYPTNA Show response
www.youtube.com/embed/ Frame FABC 68 KB
28 KB 107ms
106ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5918b4bd519b19cb5f428a70ac45a53c02bad62296b5c5bf90a97e46b961e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paytheransomnyc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 10:07:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/e87a69df/ Frame FABC 359 KB
49 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e87a69df/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47e5ab37362998b55b8d8eddca591867a23f45f2d8169f07e0d908463cd375c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49788
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 23:12:08 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/e87a69df/www-embed-player.vflset/ Frame FABC 313 KB
97 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e87a69df/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c817db476b37a065f362546ca25d7785a9a610687f435a03e34910c271d0abb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99247
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 23:12:11 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/ Frame FABC 2 MB
581 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b77f0e83e66fa6def6bb348821e836e0a59ee0160f2698794077466d20d4eccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 12:37:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 594809
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Nov 2023 12:37:33 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e87a69df/fetch-polyfill.vflset/ Frame FABC 9 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e87a69df/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 23:12:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FABC 15 KB
16 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 425565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 11:55:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FABC 15 KB
15 KB 36ms
12ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 128791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 22:21:19 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame FABC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

30ms
14ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b11d434a87723f344f40bfa7f7c9715267f40b2370dbf429d09ad04b23bb466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 30 Nov 2022 10:07:50 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame FABC 29 B
588 B 29ms
7ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 09:53:55 GMT
x-content-type-options: nosniff
age: 835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Nov 2022 10:08:55 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 39ms
15ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 30 Nov 2022 10:07:50 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FABC 66 KB
30 KB 42ms
25ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b53e14a21c5eb0c47fb1d5a58d97d0060b9b5c0f70d6f88e960c008bd896f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 30 Nov 2022 10:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31030
x-xss-protection: 0

GET
H2 200 YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js Show response
www.google.com/js/th/ Frame FABC 36 KB
15 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6247e4942b5fdece7eff5aae5870274c71d568167e8bb4e801e5c5a6ede2d91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 20:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14349
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 20:30:48 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/ Frame FABC 26 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0cc367fe5db9ae6274438d963aaf9b6197ba5d7b81955f0c982c0be7780dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8284
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 23:12:56 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame FABC 80 KB
25 KB 161ms
161ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

af58e09491de63dd45792658088bb8512a214b923f15d09fb162abb7910513a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221127.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-Goog-Visitor-Id: CgtQVDVjR0V1V3FQWSj21pycBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 30 Nov 2022 10:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25952
x-xss-protection: 0
expires: Wed, 30 Nov 2022 10:07:51 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 30 Nov 2022 10:07:50 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FABC 90 B
134 B 21ms
20ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e1d144e0ebb7e805e814a6dad0ae744c2ec2d4756ec4caa54936d13181610b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 30 Nov 2022 10:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame FABC 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?_v6AdA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame FABC 0
19 B 16ms
15ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&afmt=251&cpn=krK5aBa1COGjHQod&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24134435%2C24135310%2C24169501%2C24219381%2C24237296%2C24255163%2C24292955%2C24293803%2C24406605%2C24407200%2C24408610%2C24414162%2C24415864%2C24416785%2C24425860&cl=491207941&seq=1&docid=Mq1f1eYPTNA&ei=diuHY5PxNdiD6dsP4YuXEA&event=streamingstats&plid=AAXurUb4QUr3SdwB&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FMq1f1eYPTNA%3Fautohide%3D1%26autoplay%3D0%26controls%3D0%26enablejsapi%3D1%26iv_load_policy%3D3%26loop%3D0%26modestbranding%3D1%26playsinline%3D1%26rel%3D0%26showinfo%3D0%26wmode%3Dopaque%26origin%3Dhttps%253A%252F%252Fwww.paytheransomnyc.com%26widgetid%3D1&cbr=Chrome&cbrver=107.0.5304.121&c=WEB_EMBEDDED_PLAYER&cver=1.20221127.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.011:B,0.013:S,0.214:S,0.214:S&cmt=0.011:0.000,0.013:0.000,0.214:0.000&afs=0.214:251::i&vfs=0.214:243:243::r&bwe=0.214:130000&bat=0.214:1:1&vis=0.214:0&bh=0.214:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
X-YouTube-Client-Version: 1.20221127.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQVDVjR0V1V3FQWSj21pycBg%3D%3D
X-YouTube-Ad-Signals: dt=1669802870747&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 10:07:51 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr3---sn-2gb7sn7r.googlevideo.com/ Frame FABC 1 KB
2 KB 45ms
14ms Fetch
text/plain 2a00:1450:4023:b::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=lS&mm=31%2C29&mn=sn-2gb7sn7r%2Csn-aigzrnz7&ms=au%2Crdu&mv=m&mvi=3&pl=54&gcr=de&initcwndbps=402500&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=video%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=4538392&dur=196.362&lmt=1564441858915411&mt=1669802697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6316222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTA7ddn-ANZAAum-Q_35ItD18DFFtf6prKPxjQk5B8m0CIQCi4jUdsgbJoQfz1-QeIAgXdEZfXikj9Rk5QCgoqCrN4A%3D%3D&alr=yes&sig=AOq0QJ8wRAIgakmKUtvq6MJuF6oPFX2Ft6L74xnEzZAaUs9Rck0UqAkCIETWaFXIO0ZjKpTnWaN6JDf8ElZixvXQqT-oo0eveXB-&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&range=0-88720&rn=1&rbuf=0&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4023:b::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2ceab12af82b8a0cf7b47ed6fd29fe5258343fc9a1ada31b1c75ae1bbc553bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 10:07:51 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1272
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H/1.1 200
OK videoplayback Show response
rr3---sn-2gb7sn7r.googlevideo.com/ Frame FABC 65 KB
66 KB 69ms
39ms Fetch
audio/webm 2a00:1450:4023:b::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=251&source=youtube&requiressl=yes&mh=lS&mm=31%2C29&mn=sn-2gb7sn7r%2Csn-aigzrnz7&ms=au%2Crdu&mv=m&mvi=3&pl=54&gcr=de&initcwndbps=402500&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=audio%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=3247881&dur=196.381&lmt=1564444119728694&mt=1669802697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6301222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgdlxZt-lckTH8zjd1oCXj5FR0hEgcuZYEFXgO-7w1TlQCIQDW4I0JWHQNjMVgjbdNebLlgvtM6X3emIVJ509hiH-wyg%3D%3D&alr=yes&sig=AOq0QJ8wRAIgEZ27q4Ddm_yqrdp1oYonZ0UB57XVyKTw5XD4sJ_XFo8CIA278EosvJOdmZDuJ3z3P5EwXeU36lfEqDpFd_HVy-bQ&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&range=0-66138&rn=2&rbuf=0&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4023:b::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

16fb3cd196b4b61f4221bde889aaa4aca666c525013cc9907d398fb32365c902

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 10:07:51 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66139
Last-Modified: Mon, 29 Jul 2019 23:48:39 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/ Frame FABC 66 KB
24 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7adb5e1e7690cfebc89c505c04919ddcfebd5030740303b2c4c0ce3483f848a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24816
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 23:13:51 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/ Frame FABC 32 KB
9 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e083ff0303e1277695f8219102415d2e88f6af7b1762bc57c801714df00b8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8823
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 23:13:44 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/ Frame FABC 68 KB
20 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b2c272d599d79655d4b0a984972cdc3735ae681314a4ff1497a53d11ef6a3f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20298
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 23:13:44 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame FABC 31 KB
5 KB 323ms
323ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

bd8e59f75a5db2381f168c0fa0de1a6e368db75322d2248e1b19d1f013ace285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221127.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-Goog-Visitor-Id: CgtQVDVjR0V1V3FQWSj21pycBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 30 Nov 2022 10:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4852
x-xss-protection: 0
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H3 200 videoplayback Show response
rr3---sn-4g5edndk.googlevideo.com/ Frame FABC 87 KB
87 KB 86ms
46ms Fetch
video/webm 2a00:1450:4001:23::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&gcr=de&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=video%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=4538392&dur=196.362&lmt=1564441858915411&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6316222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgakmKUtvq6MJuF6oPFX2Ft6L74xnEzZAaUs9Rck0UqAkCIETWaFXIO0ZjKpTnWaN6JDf8ElZixvXQqT-oo0eveXB-&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-2gbek7s&cms_redirect=yes&cmsv=e&mh=lS&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669802679&mv=m&mvi=3&pl=54&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALKtf6RL72rK-xhP-6bX7LY7VwGvq72Qo0jVqExn3OMvAiB9dzkUpElO92w7O6FxRaFcKBQShYnc2iLdAH9pyLOnQw%3D%3D&range=0-88720&rn=3&rbuf=0&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=&altitags=242%2C278

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f669c7a2848952d717add5cdd9ce06c988814894f28446be56c84b9e774ce2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 30 Nov 2022 10:07:51 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88721
last-modified: Mon, 29 Jul 2019 23:10:58 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET videoplayback
rr3---sn-2gb7sn7r.googlevideo.com/ Frame FABC 0
0

GET
H3 200 videoplayback Show response
rr3---sn-2gb7sn7r.googlevideo.com/ Frame FABC 1 KB
1 KB 18ms
16ms Fetch
text/plain 2a00:1450:4023:b::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=lS&mm=31%2C29&mn=sn-2gb7sn7r%2Csn-aigzrnz7&ms=au%2Crdu&mv=m&mvi=3&pl=54&gcr=de&initcwndbps=402500&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=video%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=4538392&dur=196.362&lmt=1564441858915411&mt=1669802697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6316222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTA7ddn-ANZAAum-Q_35ItD18DFFtf6prKPxjQk5B8m0CIQCi4jUdsgbJoQfz1-QeIAgXdEZfXikj9Rk5QCgoqCrN4A%3D%3D&alr=yes&sig=AOq0QJ8wRAIgakmKUtvq6MJuF6oPFX2Ft6L74xnEzZAaUs9Rck0UqAkCIETWaFXIO0ZjKpTnWaN6JDf8ElZixvXQqT-oo0eveXB-&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&range=840-88720&rn=5&rbuf=0&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4023:b::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a4b4bd62ef88ea4da97b526559ac9ec4708efeb428f34e1918b4975e45cdf447

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 30 Nov 2022 10:07:51 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1274
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H3 200 videoplayback Show response
rr3---sn-4g5edndk.googlevideo.com/ Frame FABC 86 KB
86 KB 8ms
7ms Fetch
video/webm 2a00:1450:4001:23::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&gcr=de&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=video%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=4538392&dur=196.362&lmt=1564441858915411&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6316222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgakmKUtvq6MJuF6oPFX2Ft6L74xnEzZAaUs9Rck0UqAkCIETWaFXIO0ZjKpTnWaN6JDf8ElZixvXQqT-oo0eveXB-&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-2gbek7s&cms_redirect=yes&cmsv=e&mh=lS&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669802679&mv=m&mvi=3&pl=54&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgVFZff65LATkLozeph69M-_54SKWXwQECU6yNMiJUZIACIQCmzyFgl69c428eZSqkGGqvZYgUCHVDWXDO9BtfrJ3jtQ%3D%3D&range=840-88720&rn=6&rbuf=0&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

21eb41bfbcd2fa7100938d93f38dba4db694ad79400d3af7698556a676d1f956

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 30 Nov 2022 10:07:51 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87881
last-modified: Mon, 29 Jul 2019 23:10:58 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H3 200 videoplayback Show response
rr3---sn-2gb7sn7r.googlevideo.com/ Frame FABC 64 KB
64 KB 15ms
15ms Fetch
audio/webm 2a00:1450:4023:b::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=251&source=youtube&requiressl=yes&mh=lS&mm=31%2C29&mn=sn-2gb7sn7r%2Csn-aigzrnz7&ms=au%2Crdu&mv=m&mvi=3&pl=54&gcr=de&initcwndbps=402500&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=audio%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=3247881&dur=196.381&lmt=1564444119728694&mt=1669802697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6301222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgdlxZt-lckTH8zjd1oCXj5FR0hEgcuZYEFXgO-7w1TlQCIQDW4I0JWHQNjMVgjbdNebLlgvtM6X3emIVJ509hiH-wyg%3D%3D&alr=yes&sig=AOq0QJ8wRAIgEZ27q4Ddm_yqrdp1oYonZ0UB57XVyKTw5XD4sJ_XFo8CIA278EosvJOdmZDuJ3z3P5EwXeU36lfEqDpFd_HVy-bQ&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&range=603-66138&rn=7&rbuf=0&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4023:b::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7ec4239cd92d23e2aef221eb40d027e2a027eb131f2a79e8f0212456541d2a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 30 Nov 2022 10:07:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
last-modified: Mon, 29 Jul 2019 23:48:39 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H3 200 videoplayback Show response
rr3---sn-4g5edndk.googlevideo.com/ Frame FABC 155 KB
155 KB 17ms
16ms Fetch
video/webm 2a00:1450:4001:23::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&gcr=de&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=video%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=4538392&dur=196.362&lmt=1564441858915411&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6316222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgakmKUtvq6MJuF6oPFX2Ft6L74xnEzZAaUs9Rck0UqAkCIETWaFXIO0ZjKpTnWaN6JDf8ElZixvXQqT-oo0eveXB-&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-2gbek7s&cms_redirect=yes&cmsv=e&mh=lS&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669802679&mv=m&mvi=3&pl=54&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgVFZff65LATkLozeph69M-_54SKWXwQECU6yNMiJUZIACIQCmzyFgl69c428eZSqkGGqvZYgUCHVDWXDO9BtfrJ3jtQ%3D%3D&range=88721-247486&rn=8&rbuf=3613&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

caba0ad0fc451b222048791068ff1eab84cad60aabf0d5e9855edac5ef2a4c03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 30 Nov 2022 10:07:51 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158766
last-modified: Mon, 29 Jul 2019 23:10:58 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H3 200 videoplayback Show response
rr3---sn-2gb7sn7r.googlevideo.com/ Frame FABC 74 KB
74 KB 17ms
15ms Fetch
audio/webm 2a00:1450:4023:b::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=251&source=youtube&requiressl=yes&mh=lS&mm=31%2C29&mn=sn-2gb7sn7r%2Csn-aigzrnz7&ms=au%2Crdu&mv=m&mvi=3&pl=54&gcr=de&initcwndbps=402500&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=audio%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=3247881&dur=196.381&lmt=1564444119728694&mt=1669802697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6301222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgdlxZt-lckTH8zjd1oCXj5FR0hEgcuZYEFXgO-7w1TlQCIQDW4I0JWHQNjMVgjbdNebLlgvtM6X3emIVJ509hiH-wyg%3D%3D&alr=yes&sig=AOq0QJ8wRAIgEZ27q4Ddm_yqrdp1oYonZ0UB57XVyKTw5XD4sJ_XFo8CIA278EosvJOdmZDuJ3z3P5EwXeU36lfEqDpFd_HVy-bQ&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&range=66139-142149&rn=9&rbuf=4383&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4023:b::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e0534a1a3b67529e7a5591861497fec76ea58386626e08ac59b2e32501f85cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 30 Nov 2022 10:07:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76011
last-modified: Mon, 29 Jul 2019 23:48:39 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame FABC 0
17 B 31ms
25ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=krK5aBa1COGjHQod&ver=2&cmt=0.002&fmt=243&fs=0&rt=0.51&euri=https%3A%2F%2Fwww.paytheransomnyc.com%2F&lact=591&cl=491207941&mos=1&volume=100&cbr=Chrome&cbrver=107.0.5304.121&c=WEB_EMBEDDED_PLAYER&cver=1.20221127.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=196.381&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24134435%2C24135310%2C24169501%2C24219381%2C24237296%2C24255163%2C24292955%2C24293803%2C24406605%2C24407200%2C24408610%2C24414162%2C24415864%2C24416785%2C24425860&rtn=10&afmt=251&inview=0&muted=1&docid=Mq1f1eYPTNA&ei=diuHY5PxNdiD6dsP4YuXEA&plid=AAXurUb4QUr3SdwB&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FMq1f1eYPTNA%3Fautohide%3D1%26autoplay%3D0%26controls%3D0%26enablejsapi%3D1%26iv_load_policy%3D3%26loop%3D0%26modestbranding%3D1%26playsinline%3D1%26rel%3D0%26showinfo%3D0%26wmode%3Dopaque%26origin%3Dhttps%253A%252F%252Fwww.paytheransomnyc.com%26widgetid%3D1&of=mxcuIulXb55czM7fLz5KFQ&vm=CAMQARgBOjJBUEV3RWxSSTVjUEx5UmR4eEtuZUhPcktBZFFJRF9DcnhLNlNLM2xISjJIRWdsOXNId2JSQVBta0tETHdLaUc3NVlJcVVvV2xCRHhCQTc1VTFhZXlaSWwxWkZtazBLWUFrWFFwRVJFajYyV0NfeFU0NVc5SmV0YzdmY0xnVW12UTNHQ0NLd2gB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
X-YouTube-Client-Version: 1.20221127.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQVDVjR0V1V3FQWSj21pycBg%3D%3D
X-YouTube-Ad-Signals: dt=1669802870747&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 10:07:51 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame FABC 0
20 B 29ms
23ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=Mq1f1eYPTNA&cpn=krK5aBa1COGjHQod&ei=diuHY5PxNdiD6dsP4YuXEA&ptk=youtube_single&oid=yZJtHRi2SvzOOKZfbA-GRA&ptchn=v9i4SgSGbkNMZgJeYEvpXQ&pltype=content

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
X-YouTube-Client-Version: 1.20221127.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQVDVjR0V1V3FQWSj21pycBg%3D%3D
X-YouTube-Ad-Signals: dt=1669802870747&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 10:07:51 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FABC 28 B
54 B 23ms
22ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-Goog-Request-Time: 1669802871387
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
X-YouTube-Client-Version: 1.20221127.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQVDVjR0V1V3FQWSj21pycBg%3D%3D
X-YouTube-Ad-Signals: dt=1669802870655&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 30 Nov 2022 10:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
DATA 200
OK truncated
/ Frame FABC 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu9jQngoxDlzs7Lo9PH4m3F3xVhSe6K6x0b5IDKr=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame FABC 3 KB
3 KB 182ms
137ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu9jQngoxDlzs7Lo9PH4m3F3xVhSe6K6x0b5IDKr=s68-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94dd1cd084b62967d2fb0b49d7fad18950c43b03dd67100a443ab06b0fe628a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:51 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2683
x-xss-protection: 0
server: fife
etag: "v2e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 30 Nov 2022 14:07:04 GMT

GET
DATA 200
OK truncated
/ Frame FABC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-SJ1SnLBajvwlJy1OarxlX6gBB4cG6ioTeIvy8Iw=s400-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame FABC 58 KB
58 KB 68ms
24ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SJ1SnLBajvwlJy1OarxlX6gBB4cG6ioTeIvy8Iw=s400-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da6c0b60d23eab87fcd729863d891ff0407d3ed28f7886d0414a6edcfed9a980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:51 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59036
x-xss-protection: 0
server: fife
etag: "v2b0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 26 Nov 2022 15:18:45 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/jhHCcblHbNw/ Frame FABC 130 KB
131 KB 65ms
18ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jhHCcblHbNw/maxresdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9d8bf8a0dc32df08d46f7e18b7dd30fe27c74292db4159bb78675f3c1ed0c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:51 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133112
x-xss-protection: 0
server: sffe
etag: "1576691275"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 12:07:51 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/qCoesjTROYo/ Frame FABC 107 KB
107 KB 81ms
35ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qCoesjTROYo/maxresdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa0ebe140902295f65962f7881a8c556e5c1335f17fbc88d360be2718e9fbfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:07:51 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109849
x-xss-protection: 0
server: sffe
etag: "1576689021"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 12:07:51 GMT

GET
H3 200 videoplayback Show response
rr3---sn-4g5edndk.googlevideo.com/ Frame FABC 240 KB
240 KB 13ms
12ms Fetch
video/webm 2a00:1450:4001:23::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&gcr=de&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=video%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=4538392&dur=196.362&lmt=1564441858915411&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6316222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgakmKUtvq6MJuF6oPFX2Ft6L74xnEzZAaUs9Rck0UqAkCIETWaFXIO0ZjKpTnWaN6JDf8ElZixvXQqT-oo0eveXB-&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-2gbek7s&cms_redirect=yes&cmsv=e&mh=lS&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669802679&mv=m&mvi=3&pl=54&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgVFZff65LATkLozeph69M-_54SKWXwQECU6yNMiJUZIACIQCmzyFgl69c428eZSqkGGqvZYgUCHVDWXDO9BtfrJ3jtQ%3D%3D&range=247487-493559&rn=10&rbuf=8420&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c9ba8525ae12ec53415a565c71ff633f756a3e596085d2c3893d275b932a9986

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 30 Nov 2022 10:07:51 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246073
last-modified: Mon, 29 Jul 2019 23:10:58 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H3 200 videoplayback Show response
rr3---sn-2gb7sn7r.googlevideo.com/ Frame FABC 852 B
878 B 57ms
53ms Fetch
video/webm 2a00:1450:4023:b::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=248&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=lS&mm=31%2C29&mn=sn-2gb7sn7r%2Csn-aigzrnz7&ms=au%2Crdu&mv=m&mvi=3&pl=54&gcr=de&initcwndbps=402500&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=video%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=23858029&dur=196.362&lmt=1564441858928732&mt=1669802697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6316222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGwhl6Dl-CbmdllEK0eFUmLI-hmwrtUdd5s6MjkrA-WMCIFdi5OpAtkbPLd5RX70Egn9IXsXV4TYBEezWc_yhUWPJ&alr=yes&sig=AOq0QJ8wRgIhAOg3OOdQLs1dm-u81WdJRnYscAiBpVen-D9HLRobK2TxAiEA2ZbuuenjOF4Zx8YA2bHCCkyYTFAG8zeMS4wSj1C-Ynw%3D&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&range=0-851&rn=11&rbuf=0&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4023:b::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

403f43ce74fb9989b5023ddae676b1da3dc1745a3c340574edd72ceefed300d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 30 Nov 2022 10:07:51 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
last-modified: Mon, 29 Jul 2019 23:10:58 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H3 200 videoplayback Show response
rr3---sn-2gb7sn7r.googlevideo.com/ Frame FABC 160 KB
160 KB 25ms
17ms Fetch
audio/webm 2a00:1450:4023:b::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=251&source=youtube&requiressl=yes&mh=lS&mm=31%2C29&mn=sn-2gb7sn7r%2Csn-aigzrnz7&ms=au%2Crdu&mv=m&mvi=3&pl=54&gcr=de&initcwndbps=402500&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=audio%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=3247881&dur=196.381&lmt=1564444119728694&mt=1669802697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6301222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgdlxZt-lckTH8zjd1oCXj5FR0hEgcuZYEFXgO-7w1TlQCIQDW4I0JWHQNjMVgjbdNebLlgvtM6X3emIVJ509hiH-wyg%3D%3D&alr=yes&sig=AOq0QJ8wRAIgEZ27q4Ddm_yqrdp1oYonZ0UB57XVyKTw5XD4sJ_XFo8CIA278EosvJOdmZDuJ3z3P5EwXeU36lfEqDpFd_HVy-bQ&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&range=142150-306363&rn=12&rbuf=9469&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4023:b::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8288beb0e324369570024e41eca5f2d500921f08b7a203de857b79b6e0af64f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 30 Nov 2022 10:07:51 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164214
last-modified: Mon, 29 Jul 2019 23:48:39 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 30 Nov 2022 10:07:51 GMT

GET
H2 200 AMLnZu-SJ1SnLBajvwlJy1OarxlX6gBB4cG6ioTeIvy8Iw=s88-c-k-c0x00ffffff-no-rj-mo
yt3.ggpht.com/ytc/ Frame FABC 4 KB
4 KB 17ms
9ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-SJ1SnLBajvwlJy1OarxlX6gBB4cG6ioTeIvy8Iw=s88-c-k-c0x00ffffff-no-rj-mo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

29c416886b91fbbd77304330620bc95bcad358e6f4072e4de34ef9f566f83a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 09:26:35 GMT
x-content-type-options: nosniff
age: 2476
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3953
x-xss-protection: 0
server: fife
etag: "v2b0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 09 Nov 2022 20:49:34 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame FABC 0
20 B 20ms
19ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=248&afmt=251&cpn=krK5aBa1COGjHQod&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24134435%2C24135310%2C24169501%2C24219381%2C24237296%2C24255163%2C24292955%2C24293803%2C24406605%2C24407200%2C24408610%2C24414162%2C24415864%2C24416785%2C24425860&cl=491207941&seq=2&docid=Mq1f1eYPTNA&ei=diuHY5PxNdiD6dsP4YuXEA&event=streamingstats&plid=AAXurUb4QUr3SdwB&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FMq1f1eYPTNA%3Fautohide%3D1%26autoplay%3D0%26controls%3D0%26enablejsapi%3D1%26iv_load_policy%3D3%26loop%3D0%26modestbranding%3D1%26playsinline%3D1%26rel%3D0%26showinfo%3D0%26wmode%3Dopaque%26origin%3Dhttps%253A%252F%252Fwww.paytheransomnyc.com%26widgetid%3D1&cbr=Chrome&cbrver=107.0.5304.121&c=WEB_EMBEDDED_PLAYER&cver=1.20221127.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&ctmp=hidden:,mdstm:t.431;rst4disc.d;cd.0.000;sq.-1,mdstm:t.477;rst4disc.d;cd.0.000;sq.-1&cmt=0.390:0.002,0.391:0.002,0.517:0.002,1.271:0.709,1.516:0.954&vps=0.390:SU,0.391:S,0.517:PL,1.516:PL,1.516:PL&user_intent=0.393&bh=0.517:3.543,1.516:15.279&vfs=1.516:248:248:243:r&view=1.516:2133:1200&bwm=1.516:956739:0.597&bwe=1.516:1281803&bat=1.516:1:1&df=1.516:2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
X-YouTube-Client-Version: 1.20221127.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQVDVjR0V1V3FQWSj21pycBg%3D%3D
X-YouTube-Ad-Signals: dt=1669802870747&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2133%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 10:07:52 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr3---sn-2gb7sn7r.googlevideo.com/ Frame FABC 2 MB
2 MB 14ms
14ms Fetch
video/webm 2a00:1450:4023:b::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=248&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=lS&mm=31%2C29&mn=sn-2gb7sn7r%2Csn-aigzrnz7&ms=au%2Crdu&mv=m&mvi=3&pl=54&gcr=de&initcwndbps=402500&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=video%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=23858029&dur=196.362&lmt=1564441858928732&mt=1669802697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6316222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGwhl6Dl-CbmdllEK0eFUmLI-hmwrtUdd5s6MjkrA-WMCIFdi5OpAtkbPLd5RX70Egn9IXsXV4TYBEezWc_yhUWPJ&alr=yes&sig=AOq0QJ8wRgIhAOg3OOdQLs1dm-u81WdJRnYscAiBpVen-D9HLRobK2TxAiEA2ZbuuenjOF4Zx8YA2bHCCkyYTFAG8zeMS4wSj1C-Ynw%3D&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&range=1678981-3458376&rn=13&rbuf=9941&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4023:b::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e8249758d5d88892b91402d9a41246ba03b55c699626fe087ebd298d55014118

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 30 Nov 2022 10:07:52 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1779396
last-modified: Mon, 29 Jul 2019 23:10:58 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 30 Nov 2022 10:07:52 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FABC 28 B
54 B 20ms
19ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-Goog-Request-Time: 1669802872988
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
X-YouTube-Client-Version: 1.20221127.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQVDVjR0V1V3FQWSj21pycBg%3D%3D
X-YouTube-Ad-Signals: dt=1669802870655&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2133%2C1200&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 30 Nov 2022 10:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 30 Nov 2022 10:07:53 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame FABC 0
20 B 21ms
21ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=krK5aBa1COGjHQod&ver=2&cmt=4.501&fmt=248&fs=0&rt=5.063&euri=https%3A%2F%2Fwww.paytheransomnyc.com%2F&lact=4296&cl=491207941&mos=1&volume=100&cbr=Chrome&cbrver=107.0.5304.121&c=WEB_EMBEDDED_PLAYER&cver=1.20221127.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=197&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24134435%2C24135310%2C24169501%2C24219381%2C24237296%2C24255163%2C24292955%2C24293803%2C24406605%2C24407200%2C24408610%2C24414162%2C24415864%2C24416785%2C24425860&afmt=251&muted=1&docid=Mq1f1eYPTNA&ei=diuHY5PxNdiD6dsP4YuXEA&plid=AAXurUb4QUr3SdwB&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FMq1f1eYPTNA%3Fautohide%3D1%26autoplay%3D0%26controls%3D0%26enablejsapi%3D1%26iv_load_policy%3D3%26loop%3D0%26modestbranding%3D1%26playsinline%3D1%26rel%3D0%26showinfo%3D0%26wmode%3Dopaque%26origin%3Dhttps%253A%252F%252Fwww.paytheransomnyc.com%26widgetid%3D1&of=mxcuIulXb55czM7fLz5KFQ&vm=CAMQARgBOjJBUEV3RWxSSTVjUEx5UmR4eEtuZUhPcktBZFFJRF9DcnhLNlNLM2xISjJIRWdsOXNId2JSQVBta0tETHdLaUc3NVlJcVVvV2xCRHhCQTc1VTFhZXlaSWwxWkZtazBLWUFrWFFwRVJFajYyV0NfeFU0NVc5SmV0YzdmY0xnVW12UTNHQ0NLd2gB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e87a69df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Mq1f1eYPTNA?autohide=1&autoplay=0&controls=0&enablejsapi=1&iv_load_policy=3&loop=0&modestbranding=1&playsinline=1&rel=0&showinfo=0&wmode=opaque&origin=https%3A%2F%2Fwww.paytheransomnyc.com&widgetid=1
X-YouTube-Client-Version: 1.20221127.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtQVDVjR0V1V3FQWSj21pycBg%3D%3D
X-YouTube-Ad-Signals: dt=1669802870747&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2133%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 10:07:55 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rr3---sn-2gb7sn7r.googlevideo.com
URL: https://rr3---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1669824471&ei=diuHY5PxNdiD6dsP4YuXEA&ip=2001%3Aac8%3A20%3A302%3A%3A202e&id=o-ALYvmyDi9-RI8bIJe3aAyokQSmC9cSakZQ6hE-iRuFsi&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=lS&mm=31%2C29&mn=sn-2gb7sn7r%2Csn-aigzrnz7&ms=au%2Crdu&mv=m&mvi=3&pl=54&gcr=de&initcwndbps=402500&spc=SFxXNmn0YwHiw56dKSxV9epRXEfJpjE&vprv=1&mime=video%2Fwebm&ns=cHerWZa0hgkw4yrgS7xNouoJ&gir=yes&clen=4538392&dur=196.362&lmt=1564441858915411&mt=1669802697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6316222&n=T5lKaEbITEmejQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTA7ddn-ANZAAum-Q_35ItD18DFFtf6prKPxjQk5B8m0CIQCi4jUdsgbJoQfz1-QeIAgXdEZfXikj9Rk5QCgoqCrN4A%3D%3D&alr=yes&sig=AOq0QJ8wRAIgakmKUtvq6MJuF6oPFX2Ft6L74xnEzZAaUs9Rck0UqAkCIETWaFXIO0ZjKpTnWaN6JDf8ElZixvXQqT-oo0eveXB-&cpn=krK5aBa1COGjHQod&cver=1.20221127.00.00&range=88721-247580&rn=4&rbuf=3615&pot=D4eAzlqTdzAkh7gHTIMEUvHDDeuJLZ_0s7NnatMLb2EBOftHCW-loBWnDPJ2gzxuCSUdyhPBwLapPWZFwYkayOPaoYU8i36nGjxKoeE3BXKCRDSG1bHEYuFWen2ngwCHQpcDYzk=

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paytheransomnyc.com/	1969-12-31 23:59:59	Name: crumb Value: Bb6hdzyyYQtuYmIxOTVlMzQ0YmExN2VmM2VkZjc2ZGRhNWRlZDQ2
www.paytheransomnyc.com/	1969-12-31 23:59:59	Name: crumb Value: Bcyq6UXWN4+BOWY2ZDE2MjQzNWYwMTM1ZGJlNGUyM2UzM2I0ZDlj
www.paytheransomnyc.com/	1970-01-20 17:26:02	Name: ss_cvr Value: d26608f0-61ef-42b8-b966-5969e7432297\|1669802870251\|1669802870251\|1669802870251\|1
www.paytheransomnyc.com/	1970-01-20 07:50:04	Name: ss_cvt Value: 1669802870251
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: nPylR5NVN9o
.youtube.com/	1970-01-20 12:09:14	Name: VISITOR_INFO1_LIVE Value: PT5cGEuWqPY

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.squarespace.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
p.typekit.net
paytheransomnyc.com
rr3---sn-2gb7sn7r.googlevideo.com
rr3---sn-4g5edndk.googlevideo.com
static.doubleclick.net
use.typekit.net
www.google.com
www.paytheransomnyc.com
www.youtube.com
yt3.ggpht.com
rr3---sn-2gb7sn7r.googlevideo.com
151.101.192.237
198.185.159.144
2a00:1450:4001:23::8
2a00:1450:4001:800::2001
2a00:1450:4001:802::200a
2a00:1450:4001:806::2002
2a00:1450:4001:806::2006
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:1450:4001:810::2004
2a00:1450:4001:828::2016
2a00:1450:4001:830::2003
2a00:1450:4023:b::8
2a02:26f0:480:f::213:7edb
2a02:26f0:480:f::213:7ee1
1502092d4c2b36ec4bb6c9b0439aeabd4d8544d67808a8f24f9a397c72d18ef7
16fb3cd196b4b61f4221bde889aaa4aca666c525013cc9907d398fb32365c902
21eb41bfbcd2fa7100938d93f38dba4db694ad79400d3af7698556a676d1f956
29c416886b91fbbd77304330620bc95bcad358e6f4072e4de34ef9f566f83a54
2ceab12af82b8a0cf7b47ed6fd29fe5258343fc9a1ada31b1c75ae1bbc553bb5
2d36e12bfbde85feb98c8b66f8a4a40f9a5db6918f49234a2ddece526d933237
3022e148f712ddb2e24a4aa1cb9c93c379eed037db1ccc17a0e432f3b16be78d
3b53e14a21c5eb0c47fb1d5a58d97d0060b9b5c0f70d6f88e960c008bd896f82
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
403f43ce74fb9989b5023ddae676b1da3dc1745a3c340574edd72ceefed300d2
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b11d434a87723f344f40bfa7f7c9715267f40b2370dbf429d09ad04b23bb466
4e083ff0303e1277695f8219102415d2e88f6af7b1762bc57c801714df00b8da
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b1605058258254ea94937ec2d5809402bf498d30bc2096ad5c37cc265b1057c
6247e4942b5fdece7eff5aae5870274c71d568167e8bb4e801e5c5a6ede2d91a
628a4b936040bd387e58c9dff075de75d3dcf5d29635b06f0362c8b36651f876
634a4f9f8a22e44867bf4f68b9671e1471fe6e7339bbf2777ad5264be64d4049
63d61c69ffdb2aac7730f81832e045db8eed6047dd770302e78450adcc809081
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a801f781b109838b64c593ffbabaeb97e553d349540a9636cb63e23a8479423
6b2c272d599d79655d4b0a984972cdc3735ae681314a4ff1497a53d11ef6a3f7
6c1873397af5694fd5d6be1a2ca30f869b1dd6ed51f7d9398a896e5a45b8b038
7e1d144e0ebb7e805e814a6dad0ae744c2ec2d4756ec4caa54936d13181610b1
7ec4239cd92d23e2aef221eb40d027e2a027eb131f2a79e8f0212456541d2a7f
7fa0ebe140902295f65962f7881a8c556e5c1335f17fbc88d360be2718e9fbfd
7fcb4ef179e88dd6fd4181433f9b97f869c03930f5c698113ef4a18785a2f6df
8288beb0e324369570024e41eca5f2d500921f08b7a203de857b79b6e0af64f9
93a8e52ff490e33763ca1cf70d9609e691dff02c63fcd4223f3eda3d7f2bf292
94dd1cd084b62967d2fb0b49d7fad18950c43b03dd67100a443ab06b0fe628a1
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a02052cb1eaf0f90100a8d53276c90b181e9a26ba962412fe649bcd41c6c7bcc
a388d06a9e184c0a018d0cb4a2739cff38da8e4c3429cc8d87b8ef88ec994e56
a4b4bd62ef88ea4da97b526559ac9ec4708efeb428f34e1918b4975e45cdf447
a59acd7a8cbaf68d5d628ac09c501f01a2f3f42c9affa8f3d101f2860d1cc3f7
a7adb5e1e7690cfebc89c505c04919ddcfebd5030740303b2c4c0ce3483f848a
af58e09491de63dd45792658088bb8512a214b923f15d09fb162abb7910513a5
af8b561d1f67163a1aa01ee3dc40b406eec6a2cd403768fa6331a3ddb2554e70
b47e5ab37362998b55b8d8eddca591867a23f45f2d8169f07e0d908463cd375c
b77f0e83e66fa6def6bb348821e836e0a59ee0160f2698794077466d20d4eccd
b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a
bd8e59f75a5db2381f168c0fa0de1a6e368db75322d2248e1b19d1f013ace285
bec887bd092b6407367b97448b67a7ec35656167c40485af6537f3dbbf81eed8
bf0cc367fe5db9ae6274438d963aaf9b6197ba5d7b81955f0c982c0be7780dd3
bf2d68276696fd7c8903c75e24b32536f8a4d9f39a952b389c13ee8c793a530c
bf82349bd5d6e15837d93998807362142df44fdc2feab14b4f0c336066628a28
c179f4705953614c7889729591e98ed11f9f773243ea9782d9f889221398a021
c817db476b37a065f362546ca25d7785a9a610687f435a03e34910c271d0abb7
c9ba8525ae12ec53415a565c71ff633f756a3e596085d2c3893d275b932a9986
c9d8bf8a0dc32df08d46f7e18b7dd30fe27c74292db4159bb78675f3c1ed0c58
caba0ad0fc451b222048791068ff1eab84cad60aabf0d5e9855edac5ef2a4c03
cc41640dd72382f686ce37ae82b916bcb605c9deb6762bb179a3d57f318d02b2
d5918b4bd519b19cb5f428a70ac45a53c02bad62296b5c5bf90a97e46b961e23
d76f8e42213513ab33c721c98a652b012ee11ff86efc7661ca19a344c4c117a8
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9737fa5e8051e8b762a0f697195e736252fdb3fc4385ec26eb457a908017be6
da62f3c813c6effb42c3cd57c78e9428a70e0fb0203669db30b123de2bd4e3be
da6c0b60d23eab87fcd729863d891ff0407d3ed28f7886d0414a6edcfed9a980
e0534a1a3b67529e7a5591861497fec76ea58386626e08ac59b2e32501f85cd3
e2253ddd092a522ae61737d767ad132e0df09c487885507f0fbed02a1d4bccda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8249758d5d88892b91402d9a41246ba03b55c699626fe087ebd298d55014118
eaf57fca6ef0d907fc24c69ea4bd4dbf7117d8344e894e2dbf691e515d38298a
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f669c7a2848952d717add5cdd9ce06c988814894f28446be56c84b9e774ce2ed
fb2e23022d2760ac5a28bcbb2212741f9171bf847aa93d86ed8efa8aa500321c

www.paytheransomnyc.com Open in urlscan Pro 198.185.159.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

97 %HTTPS

87 %IPv6

11 Domains

16 Subdomains

16 IPs

3 Countries

5215 kBTransfer

10778 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paytheransomnyc.com Open in urlscan Pro
198.185.159.144 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

97 %
HTTPS

87 %
IPv6

11
Domains

16
Subdomains

16
IPs

3
Countries

5215 kB
Transfer

10778 kB
Size

6
Cookies

76 HTTP transactions
2 data transactions