www.securesphere.net Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.securesphere.net/
Submission: On September 23 via automatic, source certstream-suspicious (September 23rd 2021, 12:54:55 am UTC) — Scanned from DE

Summary HTTP 52 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 52 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is www.securesphere.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 2nd 2020. Valid for: 2 years.

This is the only time www.securesphere.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
4	104.106.1.225 104.106.1.225	6453 (AS6453) (AS6453)
1	216.172.184.14 216.172.184.14	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	104.18.20.183 104.18.20.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.97.21.152 104.97.21.152	16625 (AKAMAI-AS) (AKAMAI-AS)
9	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	13.224.193.27 13.224.193.27	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
1	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	142.250.185.214 142.250.185.214	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
52	15

26 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

www.securesphere.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.106.1.225 (Atlanta, United States)

ASN6453 (AS6453, US)
PTR: a104-106-1-225.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.172.184.14 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 216-172-184-14.unifiedlayer.com

dailyblogging.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.20.183 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.pixabay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.97.21.152 (Chennai, India)

ASN16625 (AKAMAI-AS, US)
PTR: a104-97-21-152.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-27.fra2.r.cloudfront.net

media.istockphoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.132 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.214 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	securesphere.net www.securesphere.net	1 MB
9	youtube.com www.youtube.com	681 KB
4	addthis.com s7.addthis.com m.addthis.com	217 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
1	ytimg.com i.ytimg.com	62 KB
1	ggpht.com yt3.ggpht.com	4 KB
1	google.com www.google.com	14 KB
1	istockphoto.com media.istockphoto.com	45 KB
1	moatads.com z.moatads.com	1 KB
1	pixabay.com cdn.pixabay.com	19 KB
1	dailyblogging.com.au dailyblogging.com.au	108 KB
52	12

	Domain	Requested by
26	www.securesphere.net	www.securesphere.net
9	www.youtube.com	www.securesphere.net www.youtube.com
3	s7.addthis.com	www.securesphere.net s7.addthis.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	m.addthis.com	s7.addthis.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	media.istockphoto.com	www.securesphere.net
1	z.moatads.com	s7.addthis.com
1	cdn.pixabay.com	www.securesphere.net
1	dailyblogging.com.au	www.securesphere.net
52	15

This site contains links to these domains. Also see Links.

Domain
www.lvking888.com
dictionary.cambridge.org
www.mmc33.net
www.webpsilon.com
www.addthis.com

Subject Issuer	Validity	Valid
*.ssl.hwcdn.net Sectigo RSA Domain Validation Secure Server CA	`2020-01-02` - `2022-01-19`	2 years	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
dailyblogging.com.au R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
pixabay.com Cloudflare Inc ECC CA-3	`2021-05-12` - `2022-05-11`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
media.gettyimages.com Amazon	`2021-04-11` - `2022-05-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.securesphere.net/
Frame ID: 25DE7C1B594B6326FA4F507E7106ABF4
Requests: 31 HTTP requests in this frame

Frame: https://www.securesphere.net/sbbi/?sbbpg=sbbShell&gprid=VM
Frame ID: 1B140D003D5485F3F2918DB770622255
Requests: 3 HTTP requests in this frame

Frame: https://www.securesphere.net/sbbi/?sbbpg=sbbShell&gprid=GE
Frame ID: D1924AFCFBC212C4B651779026685200
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dmtId3QF6u0
Frame ID: 9A374F98920E6A23F9C56F36D11FA341
Requests: 18 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 093A6B36C322957482313699BC5DFC18
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 5CA7D301A7D1C5F11F8A869938C6EC82
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secure-Sphere - 4 Employees On The Verge Of Losing Their Jobs At The Biarritz CasinoFacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Page URL History Show full URLs

https://www.securesphere.net/ Page URL
https://www.securesphere.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddThis (Widgets) Expand

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

52
Requests

48 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

2482 kB
Transfer

5076 kB
Size

16
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lvking888.com/sg/en-us/
Title: Online live casino Singapore

Search URL Search Domain Scan URL

URL: https://dictionary.cambridge.org/dictionary/english/address
Title: address

Search URL Search Domain Scan URL

URL: https://dictionary.cambridge.org/dictionary/english/genuine
Title: genuine

Search URL Search Domain Scan URL

URL: https://www.mmc33.net/sg/en-us/
Title: MMC33

Search URL Search Domain Scan URL

URL: https://www.webpsilon.com/en/wpthemes
Title: Webpsilon

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.securesphere.net/ Page URL
https://www.securesphere.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

52 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.securesphere.net/ 12 KB
6 KB 82ms
23ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: baf8828391506949eb0166ac5c749a408ec19301ea0ca8a4a5934952666179ef

Request headers

:method: GET
:authority: www.securesphere.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 23 Sep 2021 00:54:49 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
set-cookie: SPSI=420b0d6438ea55286ac193da9b936897; path=/; HttpOnly; SameSite=Lax; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; path=/; HttpOnly; SameSite=Lax; spcsrf=8bff07bab8a1bb6694ce9851c064ccb5; path=/; SameSite=Strict; HttpOnly; expires=Thu, 23-Sep-21 02:54:49 GMT adOtr=obsvl; path=/; SameSite=Lax; expires=Thu, 2 Aug 2001 20:47:11 UTC UTGv2=D-h47658deb4021e8e3cfdf1b4e229d7f73119; path=/; SameSite=Lax; expires=Tue, 22-Mar-22 00:54:49 GMT
server: fbs
x-accel-expires: 0
access-control-allow-origin: *
x-hw: 1632358489.cds122.fr8.hn,1632358489.cds124.fr8.sc,1632358489.cdn2-redis01-fra1.stackpath.systems.-.w,1632358489.cds124.fr8.p

GET
H2 200 / Show response
www.securesphere.net/sbbi/ Frame 1B14 25 KB
11 KB 32ms
32ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/sbbi/?sbbpg=sbbShell&gprid=VM&sbbgs=h47658deb4021e8e3cfdf1b4e229d7f73119&ddl=1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: d4ea1e6128116fd885867ad8c3ac03277b0e939ce42ea638319169a72bbb0707

Request headers

:method: GET
:authority: www.securesphere.net
:scheme: https
:path: /sbbi/?sbbpg=sbbShell&gprid=VM&sbbgs=h47658deb4021e8e3cfdf1b4e229d7f73119&ddl=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securesphere.net/
accept-encoding: gzip, deflate, br
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; spcsrf=8bff07bab8a1bb6694ce9851c064ccb5; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; PRLST=VM; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/

Response headers

date: Thu, 23 Sep 2021 00:54:49 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
access-control-allow-origin: *
x-hw: 1632358489.cds122.fr8.hn,1632358489.cds246.fr8.sc,1632358489.cdn2-wafbe03-fra1.stackpath.systems.-.i,1632358489.cds246.fr8.p

GET
H2 200 /
www.securesphere.net/sbbi/ 43 B
177 B 18ms
18ms Image
image/gif 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securesphere.net/sbbi/?sbbpg=utMedia&vii=4h2407b605d86d4e3b84e0a2515e288e63accf1d9f31dba49eb292396d879f77r3p1w1i9
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:path: /sbbi/?sbbpg=utMedia&vii=4h2407b605d86d4e3b84e0a2515e288e63accf1d9f31dba49eb292396d879f77r3p1w1i9
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; spcsrf=8bff07bab8a1bb6694ce9851c064ccb5; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; PRLST=VM; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
x-accel-expires: 0
date: Thu, 23 Sep 2021 00:54:49 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server: fbs
x-hw: 1632358489.cds122.fr8.hn,1632358489.cds168.fr8.sc,1632358489.cdn2-redis01-fra1.stackpath.systems.-.i,1632358489.cds168.fr8.p
content-type: image/gif

POST
H2 200 / Show response
www.securesphere.net/sbbi/ Frame 1B14 516 B
475 B 32ms
31ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/sbbi/?sbbpg=sbbShell&gprid=VM&sbbgs=h47658deb4021e8e3cfdf1b4e229d7f73119&ddl=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

:method: POST
:authority: www.securesphere.net
:scheme: https
:path: /sbbi/?sbbpg=sbbShell&gprid=VM&sbbgs=h47658deb4021e8e3cfdf1b4e229d7f73119&ddl=1
content-length: 534
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.securesphere.net
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securesphere.net/sbbi/?sbbpg=sbbShell&gprid=VM&sbbgs=h47658deb4021e8e3cfdf1b4e229d7f73119&ddl=1
accept-encoding: gzip, deflate, br
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; spcsrf=8bff07bab8a1bb6694ce9851c064ccb5; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; PRLST=VM; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; adOtr=0b2d44036e8
Upgrade-Insecure-Requests: 1
Origin: https://www.securesphere.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/sbbi/?sbbpg=sbbShell&gprid=VM&sbbgs=h47658deb4021e8e3cfdf1b4e229d7f73119&ddl=1

Response headers

date: Thu, 23 Sep 2021 00:54:50 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
access-control-allow-origin: *
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds264.fr8.sc,1632358490.cdn2-redis01-fra1.stackpath.systems.-.i,1632358490.cds264.fr8.p

GET
H2 200 /
www.securesphere.net/sbbi/ Frame 1B14 7 KB
3 KB 23ms
22ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/sbbi/?sbbpg=sbbShell&gprid=VM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash

Request headers

:method: GET
:authority: www.securesphere.net
:scheme: https
:path: /sbbi/?sbbpg=sbbShell&gprid=VM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securesphere.net/sbbi/?sbbpg=sbbShell&gprid=VM&sbbgs=h47658deb4021e8e3cfdf1b4e229d7f73119&ddl=1
accept-encoding: gzip, deflate, br
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; spcsrf=8bff07bab8a1bb6694ce9851c064ccb5; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; PRLST=VM; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; adOtr=0b2d44036e8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/sbbi/?sbbpg=sbbShell&gprid=VM&sbbgs=h47658deb4021e8e3cfdf1b4e229d7f73119&ddl=1

Response headers

date: Thu, 23 Sep 2021 00:54:50 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
access-control-allow-origin: *
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds041.fr8.sc,1632358490.cdn2-wafbe04-fra1.stackpath.systems.-.i,1632358490.cds041.fr8.p

GET
H2 200 Primary Request / Show response
www.securesphere.net/ 43 KB
15 KB 839ms
838ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 739276e5a7ea7d73da64ba87ceb4391d741f11f5db349becacea6b64b7c73088

Request headers

:method: GET
:authority: www.securesphere.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.securesphere.net/
accept-encoding: gzip, deflate, br
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; spcsrf=8bff07bab8a1bb6694ce9851c064ccb5; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; PRLST=VM; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; adOtr=0b2d44036e8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/

Response headers

date: Thu, 23 Sep 2021 00:54:50 GMT
cache-control: private
content-encoding: gzip
content-type: text/html; charset=UTF-8
set-cookie: spcsrf=741fd0155d7aac97c66f8ccab85b30f0; path=/; SameSite=Strict; HttpOnly; expires=Thu, 23-Sep-21 02:54:50 GMT adOtr=obsvl; path=/; SameSite=Lax; expires=Thu, 2 Aug 2001 20:47:11 UTC PRLST=; Mon, 20-Sep-21 00:54:50 GMT; path=/; SameSite=Lax; sp_lit=VSP3O9ObEJca9K3epT5mEA==; path=/; SameSite=Strict; HttpOnly; expires=Thu, 23-Sep-21 00:59:50 GMT
link: <https://www.securesphere.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
server: fbs
access-control-allow-origin: *
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds257.fr8.sc,1632358490.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1632358490.cds257.fr8.p

GET
H2 200 style.min.css
www.securesphere.net/wp-includes/css/dist/block-library/ 79 KB
10 KB 466ms
465ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 03:46:42 GMT
server: fbs
etag: "13abe-5c79a04c850a8-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds129.fr8.sc,1632358491.cdn2-redis02-fra1.stackpath.systems.-.wx,1632358491.cds129.fr8.p
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 10523

GET
H2 200 wpautoterms.css
www.securesphere.net/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 547 B
400 B 452ms
449ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.8.1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

:path: /wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.8.1
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 14:42:54 GMT
server: fbs
etag: "223-5c6ee22efe340-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds142.fr8.sc,1632358491.cdn2-redis01-fra1.stackpath.systems.-.wx,1632358491.cds142.fr8.p
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 195

GET
H2 200 styles.css
www.securesphere.net/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 489ms
487ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 14:40:50 GMT
server: fbs
etag: "a50-5c6ee1b8e6c20-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds248.fr8.sc,1632358491.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1632358491.cds248.fr8.p
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 932

GET
H2 200 dashicons.min.css
www.securesphere.net/wp-includes/css/ 58 KB
35 KB 614ms
612ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-includes/css/dashicons.min.css?ver=5.8.1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

:path: /wp-includes/css/dashicons.min.css?ver=5.8.1
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 05:32:20 GMT
server: fbs
etag: "e688-5be69db154100-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds015.fr8.sc,1632358491.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1632358491.cds015.fr8.p
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 35730

GET
H2 200 style.css
www.securesphere.net/wp-content/themes/draco/ 23 KB
6 KB 468ms
466ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-content/themes/draco/style.css?ver=5.8.1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 6f7decc07dcdb6ac2f6be96754df226986aeec9447ef36e2a9d1657fa9929135

Request headers

:path: /wp-content/themes/draco/style.css?ver=5.8.1
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 12:25:55 GMT
server: fbs
etag: "5a3a-5c70056e25838-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds147.fr8.sc,1632358491.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1632358491.cds147.fr8.p
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 6145

GET
H2 200 addthis_wordpress_public.min.css
www.securesphere.net/wp-content/plugins/addthis/frontend/build/ 587 B
454 B 465ms
463ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.8.1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

:path: /wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.8.1
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 14:42:07 GMT
server: fbs
etag: "24b-5c6ee20241910-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds052.fr8.sc,1632358491.cdn2-redis01-fra1.stackpath.systems.-.wx,1632358491.cds052.fr8.p
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 284

GET
H2 200 jquery.min.js Show response
www.securesphere.net/wp-includes/js/jquery/ 87 KB
30 KB 612ms
610ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 03:46:44 GMT
server: fbs
etag: "15db1-5c79a04dcb750-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds233.fr8.sc,1632358491.cdn2-redis02-fra1.stackpath.systems.-.wx,1632358491.cds233.fr8.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 30908

GET
H2 200 jquery-migrate.min.js Show response
www.securesphere.net/wp-includes/js/jquery/ 11 KB
4 KB 480ms
478ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
server: fbs
etag: "2bd8-5b466b8f0b580-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds206.fr8.sc,1632358491.cdn2-wafbe03-fra1.stackpath.systems.-.wx,1632358491.cds206.fr8.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4169

GET
H2 200 regenerator-runtime.min.js Show response
www.securesphere.net/wp-includes/js/dist/vendor/ 6 KB
3 KB 479ms
477ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

:path: /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 03:46:42 GMT
server: fbs
etag: "1906-5c79a04cc4c30-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds280.fr8.sc,1632358491.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1632358491.cds280.fr8.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2398

GET
H2 200 wp-polyfill.min.js Show response
www.securesphere.net/wp-includes/js/dist/vendor/ 16 KB
6 KB 499ms
498ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

:path: /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 03:46:42 GMT
server: fbs
etag: "4056-5c79a04cc5400-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds267.fr8.sc,1632358491.cdn2-redis01-fra1.stackpath.systems.-.wx,1632358491.cds267.fr8.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 6031

GET
H2 200 dom-ready.min.js Show response
www.securesphere.net/wp-includes/js/dist/ 1 KB
775 B 504ms
503ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

:path: /wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 03:46:43 GMT
server: fbs
etag: "4e9-5c79a04da7d00-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds202.fr8.sc,1632358491.cdn2-wafbe03-fra1.stackpath.systems.-.wx,1632358491.cds202.fr8.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 604

GET
H2 200 base.js Show response
www.securesphere.net/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 481 B
394 B 506ms
505ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.5
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 76aba5d4e5db7eb218d6a1378af48dcc252d19e159d7340681b8b723b32d403a

Request headers

:path: /wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.5
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 14:42:55 GMT
server: fbs
etag: "1e1-5c6ee22fdae80-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds286.fr8.sc,1632358491.cdn2-wafbe03-fra1.stackpath.systems.-.wx,1632358491.cds286.fr8.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 225

GET
H2 200 draco.js Show response
www.securesphere.net/wp-content/themes/draco/assets/js/ 3 KB
1 KB 474ms
473ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-content/themes/draco/assets/js/draco.js?ver=5.8.1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: aa502aa1d315243f049bc1865dd756e1b4a1d72b3bbd9cfd92648213df61a8ad

Request headers

:path: /wp-content/themes/draco/assets/js/draco.js?ver=5.8.1
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 12:25:55 GMT
server: fbs
etag: "ce7-5c70056e238f8-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358490.cds122.fr8.hn,1632358490.cds140.fr8.sc,1632358491.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1632358491.cds140.fr8.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 922

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 528ms
118ms Script
application/javascript 104.106.1.225
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1

Requested by

Host: www.securesphere.net
URL: https://www.securesphere.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US),

Reverse DNS

a104-106-1-225.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 23 Sep 2021 00:54:51 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 cropped-sslogo.png
www.securesphere.net/wp-content/uploads/2021/07/ 8 KB
8 KB 461ms
461ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securesphere.net/wp-content/uploads/2021/07/cropped-sslogo.png
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: a217a61ae73ceb5d9227b2f76ddaf561dfcf321b5220060df6f603b4497cd16f

Request headers

:path: /wp-content/uploads/2021/07/cropped-sslogo.png
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
last-modified: Tue, 13 Jul 2021 12:43:19 GMT
server: fbs
etag: "2011-5c700951f5bc8"
x-hw: 1632358491.cds122.fr8.hn,1632358491.cds201.fr8.sc,1632358492.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1632358492.cds201.fr8.p
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8209

GET
H2 200 MobileCasino.jpg
dailyblogging.com.au/wp-content/uploads/2020/06/ 107 KB
108 KB 824ms
169ms Image
image/jpeg 216.172.184.14
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dailyblogging.com.au/wp-content/uploads/2020/06/MobileCasino.jpg
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.184.14 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-184-14.unifiedlayer.com
Software: Apache /
Resource Hash: 69467173551bf73a9f25f34a135328872a799c8141955980c8417a8ba95ca36a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
last-modified: Wed, 24 Jun 2020 12:10:20 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 109182
expires: Fri, 23 Sep 2022 00:54:52 GMT

GET
H2 200 play-593207__340.jpg
cdn.pixabay.com/photo/2015/01/08/16/35/ 18 KB
19 KB 69ms
25ms Image
image/webp 104.18.20.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixabay.com/photo/2015/01/08/16/35/play-593207__340.jpg
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d24ab7fea2fc94eadea42d13410cacfda39529c9adfdc2d5fdd1d700afc9baf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
cf-cache-status: HIT
age: 845709
cf-polished: qual=85, origFmt=jpeg, origSize=31533
cf-ray: 692fcdddd8e6c2ae-FRA
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="play-593207__340.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18220
x-amz-id-2: btHt0kViHo/0lPCGT1picZRQ7ClQl3aIIUZ7+lTS6A3opKXAdWJIfVxaB8WzfCBi5yiGESiXuxs=
last-modified: Tue, 26 Feb 2019 03:41:34 GMT
server: cloudflare
etag: "69970fbaa2204afe66bd8e31456c213d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
x-amz-request-id: N3WQNE61PQ38QJVB
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-version-id: haPqtiiOj6WG2O9X9m5WCMzAxwicOUQN
accept-ranges: bytes
content-type: image/webp
expires: Fri, 23 Sep 2022 00:54:51 GMT

GET
H2 200 index.js Show response
www.securesphere.net/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 445ms
445ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 14:40:50 GMT
server: fbs
etag: "34ad-5c6ee1b8e9330-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358491.cds122.fr8.hn,1632358491.cds262.fr8.sc,1632358491.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1632358491.cds262.fr8.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4004

GET
H2 200 wp-embed.min.js Show response
www.securesphere.net/wp-includes/js/ 1 KB
958 B 443ms
442ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 01:59:24 GMT
server: fbs
etag: "592-5b845c9f3b700-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358491.cds122.fr8.hn,1632358491.cds010.fr8.sc,1632358492.cdn2-redis02-fra1.stackpath.systems.-.wx,1632358492.cds010.fr8.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 765

GET
H2 200 wp-emoji-release.min.js Show response
www.securesphere.net/wp-includes/js/ 18 KB
5 KB 462ms
462ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; PRLST=; sp_lit=VSP3O9ObEJca9K3epT5mEA==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 03:46:44 GMT
server: fbs
etag: "4705-5c79a04df8228-gzip"
vary: Accept-Encoding,User-Agent
x-hw: 1632358491.cds122.fr8.hn,1632358491.cds109.fr8.sc,1632358492.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1632358492.cds109.fr8.p
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4930

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 505ms
151ms Script
application/x-javascript 104.97.21.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.97.21.152 Chennai, India, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-97-21-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 8F9489783A22706F
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=32562
accept-ranges: bytes
content-length: 948
x-amz-id-2: W2sBRIwovAV/BchMaHBrWG+dr2TRQV9V8jAzA7ZTnJ2tiNnpYjPHAGiU/ltNGJ8UC7B35ObhF4E=

GET
H2 200 / Show response
www.securesphere.net/sbbi/ Frame D192 7 KB
3 KB 19ms
19ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securesphere.net/sbbi/?sbbpg=sbbShell&gprid=GE
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 5864bee16f320a43c7c424514a4b5398f905a99311cfe660303b9ff67c771a88

Request headers

:method: GET
:authority: www.securesphere.net
:scheme: https
:path: /sbbi/?sbbpg=sbbShell&gprid=GE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securesphere.net/
accept-encoding: gzip, deflate, br
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; sp_lit=VSP3O9ObEJca9K3epT5mEA==; PRLST=GE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/

Response headers

date: Thu, 23 Sep 2021 00:54:51 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
access-control-allow-origin: *
x-hw: 1632358491.cds122.fr8.hn,1632358491.cds266.fr8.sc,1632358491.cdn2-wafbe03-fra1.stackpath.systems.-.i,1632358491.cds266.fr8.p

GET
H2 200 cash27-1.png
www.securesphere.net/wp-content/uploads/2021/07/ 536 KB
537 KB 777ms
777ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securesphere.net/wp-content/uploads/2021/07/cash27-1.png
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 152d1617aee810956164f57f8682476aff542e6927ea6230bd1b825bd5b2a7b2

Request headers

:path: /wp-content/uploads/2021/07/cash27-1.png
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; sp_lit=VSP3O9ObEJca9K3epT5mEA==; PRLST=GE
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
last-modified: Tue, 13 Jul 2021 12:29:00 GMT
server: fbs
etag: "86183-5c70061f09f00"
x-hw: 1632358491.cds122.fr8.hn,1632358491.cds168.fr8.sc,1632358492.cdn2-redis01-fra1.stackpath.systems.-.wx,1632358492.cds168.fr8.p
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 549251

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://www.securesphere.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 dmtId3QF6u0 Show response
www.youtube.com/embed/ Frame 9A37 56 KB
25 KB 82ms
61ms Document
text/html 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dmtId3QF6u0

Requested by

Host: www.securesphere.net
URL: https://www.securesphere.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

66e74ec70037294e9011c5318caaa6d4902aabe44f08569de28c0ba23bc6f9d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/dmtId3QF6u0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securesphere.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Sep 2021 00:54:51 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=MXastL8Kgzc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=tkvsiv20Slo; Domain=.youtube.com; Expires=Tue, 22-Mar-2022 00:54:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK casino-3d-cover-slot-machines-and-roulette-with-cards-scene-art-vector-id1186931132
media.istockphoto.com/vectors/ 44 KB
45 KB 284ms
223ms Image
image/jpeg 13.224.193.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.istockphoto.com/vectors/casino-3d-cover-slot-machines-and-roulette-with-cards-scene-art-vector-id1186931132?k=6&m=1186931132&s=612x612&w=0&h=nTwUgw1Ek4HNtaz6AJtCRsvZZSPNcVtei43BEwX_VQI=
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-27.fra2.r.cloudfront.net
Software: Kestrel /
Resource Hash: b368dc4aab715be8e164dba10429541deffd1b558bded779b961fdef540c7852

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 00:54:52 GMT
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 23 Sep 2021 00:54:52 GMT
Server: Kestrel
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=7776000
Content-Disposition: inline; filename=istockphoto-1186931132-612x612.jpg
X-Amz-Cf-Pop: FRA2-C1
Link: </vectors/casino-3d-cover-slot-machines-and-roulette-with-cards-scene-art-vector-id1186931132>; rel= "canonical"
Content-Length: 45478
X-Amz-Cf-Id: IKTTr2_xRscxtF7MfZ7RenNIs47uCKSREBhb1x5TycCVeVr0vOGH1Q==

GET
H2 200 cash2.png
www.securesphere.net/wp-content/uploads/2021/07/ 575 KB
576 KB 782ms
781ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securesphere.net/wp-content/uploads/2021/07/cash2.png
Requested by: Host: www.securesphere.net
URL: https://www.securesphere.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: fbs /
Resource Hash: 41d37ee04611156fe31d009bda07afc8f37577a90228b45fd073f0e8e2d5c1b0

Request headers

:path: /wp-content/uploads/2021/07/cash2.png
pragma: no-cache
cookie: SPSI=420b0d6438ea55286ac193da9b936897; SPSE=iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==; sbtsck=javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=; UTGv2=h47658deb4021e8e3cfdf1b4e229d7f73119; spcsrf=741fd0155d7aac97c66f8ccab85b30f0; sp_lit=VSP3O9ObEJca9K3epT5mEA==; PRLST=GE
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.securesphere.net
referer: https://www.securesphere.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
last-modified: Tue, 13 Jul 2021 12:29:05 GMT
server: fbs
etag: "8fcb4-5c70062364708"
x-hw: 1632358491.cds122.fr8.hn,1632358491.cds201.fr8.sc,1632358492.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1632358492.cds201.fr8.p
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 588980

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/202721c6/ Frame 9A37 329 KB
46 KB 8ms
7ms Stylesheet
text/css 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dmtId3QF6u0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

5c548c151337a815c681c21526d74a2a18d333af03de18c3416b7ecbec5efa49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dmtId3QF6u0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 205833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46356
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 15:44:18 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/202721c6/www-embed-player.vflset/ Frame 9A37 201 KB
66 KB 13ms
13ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dmtId3QF6u0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

d246d268ccbb30f7aadd23581fb30e4e790b9570fe1906c8ecbaa451427dc283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dmtId3QF6u0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 14:35:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67318
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 22 Sep 2022 14:35:43 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame 9A37 2 MB
505 KB 18ms
18ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dmtId3QF6u0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

0fc4119bc1cbfb84c3decc599049a609d37530c85c6272d2babb5e6f8aea51d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dmtId3QF6u0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 205798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 517198
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 15:44:53 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/202721c6/fetch-polyfill.vflset/ Frame 9A37 8 KB
3 KB 11ms
10ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dmtId3QF6u0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dmtId3QF6u0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 22 Sep 2022 12:46:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9A37 15 KB
15 KB 31ms
6ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dmtId3QF6u0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 190598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 19:58:13 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9A37
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

30ms
16ms

XHR
application/json

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dmtId3QF6u0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f86c787de07d769ead79fef887c7daee15835cb70603f4e2de4ad4cd6602f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Sep 2021 00:54:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9A37 29 B
424 B 29ms
6ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:42:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 714
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 23 Sep 2021 00:57:58 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame 9A37 95 KB
29 KB 8ms
7ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

375ed48cd9e95d6226f860a4e264e95d284f7f2e1afd3e273a487b523a4667b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dmtId3QF6u0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 205798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29973
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 15:44:54 GMT

GET
H2 200 EWy-AQV1UPoR_yYiMIFOvRAIrcYXYpRYkvBHwHw3rlg.js Show response
www.google.com/js/th/ Frame 9A37 35 KB
14 KB 50ms
15ms Script
text/javascript 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EWy-AQV1UPoR_yYiMIFOvRAIrcYXYpRYkvBHwHw3rlg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

sffe /

Resource Hash

116cbe01057550fa11ff262230814ebd1008adc61762945892f047c07c37ae58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 05:14:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13227
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 22 Sep 2022 05:14:53 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame 9A37 25 KB
7 KB 7ms
7ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

6fc0154a9a3bb9f72d51c7dc2438412bf3e5b7fd637af7947d78ba3260e20d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dmtId3QF6u0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 205798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7353
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 15:44:54 GMT

GET
DATA 200
OK truncated
/ Frame 9A37 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 XyR2c8ILFYsifH-ibG9U34PqJsDzdGNZ3O-t0_BSxaXh_t8_iaB7dZ5csy9z7hIQmBMsvkOATQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 9A37 4 KB
4 KB 41ms
19ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/XyR2c8ILFYsifH-ibG9U34PqJsDzdGNZ3O-t0_BSxaXh_t8_iaB7dZ5csy9z7hIQmBMsvkOATQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dmtId3QF6u0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

a66187a43496a138a5f80fe0872ed395c28447e7268de590b4363daadc07fe6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3826
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 01:30:37 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/dmtId3QF6u0/ Frame 9A37 62 KB
62 KB 29ms
7ms Image
image/jpeg 142.250.185.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dmtId3QF6u0/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dmtId3QF6u0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.214 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f22.1e100.net

Software

sffe /

Resource Hash

2e1dae85e2a2e4487b2ac870995bbe5a1bec4185694d675a2f271ff118839956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:15:33 GMT
x-content-type-options: nosniff
age: 5959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63033
x-xss-protection: 0
server: sffe
etag: "1606069824"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Sep 2021 01:15:33 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9A37 4 KB
3 KB 38ms
16ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Thu, 23 Sep 2021 00:54:52 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 9A37 0
9 B 7ms
6ms Image
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?QdzAfg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/dmtId3QF6u0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dmtId3QF6u0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 00:54:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 341ms
205ms Script
application/javascript 104.106.1.225
AS6453

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=614bd05b5e36a757&bkl=0&bl=1&pdt=854&sid=614bd05b5e36a757&pub=wp-231fcc56c1ab7d236530083fabf23c2b&rev=v8.28.8-wp&ln=en&pc=wpp&cb=0&ab=-&dp=www.securesphere.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&colc=1632358492184&wpv=wpp-6.2.6&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.6%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-231fcc56c1ab7d236530083fabf23c2b%22%2C%22page_info%22%3A%7B%22template%22%3A%22home%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=614bd05bfd83a0f3000&skipb=1&callback=addthis.cbs.jsonp__488568417960597130
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US),
Reverse DNS: a104-106-1-225.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 379b9fcb863bd3e741c0547c90c88203253696fee953f908cf64f1d9dbb0a014

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 00:54:52 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 093A 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 5CA7 71 KB
26 KB 122ms
121ms Document
text/html 104.106.1.225
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US),

Reverse DNS

a104-106-1-225.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securesphere.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 23 Sep 2021 00:54:52 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/93/ Frame 9A37 52 KB
15 KB 40ms
16ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/93/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 21:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15359
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 15:09:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 23 Sep 2021 21:05:47 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 122ms
121ms Script
application/javascript 104.106.1.225
AS6453

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US),

Reverse DNS

a104-106-1-225.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.securesphere.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 23 Sep 2021 00:54:52 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9A37 28 B
50 B 22ms
21ms XHR
application/json 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dmtId3QF6u0
X-YouTube-Client-Version: 1.20210919.0.0
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt0a3ZzaXYyMFNsbyjboK-KBg%3D%3D
X-YouTube-Ad-Signals: dt=1632358491934&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1532%2C400&vis=1&wgl=true&ca_type=image&bid=ANyPxKpoUn64KyF9jQY3qlWMMmzknS5564t6B-ciAQKMLzCFkDCH5ha1_C7Wj-I_LhoayeeAqcbtPfulW2bso_6dKi7M_Pn7JA

Response headers

date: Thu, 23 Sep 2021 00:54:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.securesphere.net/	1969-12-31 23:59:59	Name: SPSI Value: 420b0d6438ea55286ac193da9b936897
www.securesphere.net/	1969-12-31 23:59:59	Name: SPSE Value: iMz+jr603TCSZdnS/llJ7nmgKvwWl4/gWtWhxGJ2fvPmUjhkN0+4W4v0K8VJ9p4qbbg/1mlKNkxYX6GktTmYGw==
www.securesphere.net/	1970-01-19 21:27:24	Name: sbtsck Value: javefI5jleCDvslac5LsuxGc+IMaXgt6EmimIzfdWUlKB4=
www.securesphere.net/	1970-01-20 01:45:10	Name: UTGv2 Value: h47658deb4021e8e3cfdf1b4e229d7f73119
www.securesphere.net/	1970-01-19 21:26:05	Name: spcsrf Value: 741fd0155d7aac97c66f8ccab85b30f0
www.securesphere.net/	1970-01-19 21:25:58	Name: sp_lit Value: VSP3O9ObEJca9K3epT5mEA==
www.securesphere.net/	1969-12-31 23:59:59	Name: PRLST Value: GE
www.securesphere.net/	1969-12-31 23:59:59	Name: adOtr Value: 0b2d44036e8
.pixabay.com/	1970-01-19 21:26:00	Name: __cf_bm Value: yGKRD3f8QIh_i_4EUzY5Ii096R7gj5cI7_BIjb_knnI-1632358491-0-AbtiJ2JMM11mzpIa+8jMQD2nMbWcWs+ZJY8In/8NqwHdyjBUeXvwloHSIt1DjKHDaaUG4XNHzRUOST6hiLoH3yA=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: MXastL8Kgzc
.youtube.com/	1970-01-20 01:45:10	Name: VISITOR_INFO1_LIVE Value: tkvsiv20Slo
.doubleclick.net/	1970-01-20 14:57:10	Name: IDE Value: AHWqTUn4YFdTdj7ktauAi32KKYmWJ1HtM6HPim3eBdWoTlqrbKjPMKjGJkP0SeYM
www.securesphere.net/	1970-01-20 06:54:46	Name: __atuvc Value: 1%7C38
www.securesphere.net/	1970-01-19 21:26:00	Name: __atuvs Value: 614bd05bfd83a0f3000
.addthis.com/	1970-01-20 06:54:46	Name: uvc Value: 1%7C38
.addthis.com/	1970-01-20 06:54:46	Name: loc Value: MDAwMDBFVURFQlcyMjc4MTg5ODAwNDAwMDBDSA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.securesphere.net/ Message: Mixed Content: The page at 'https://www.securesphere.net/' was loaded over HTTPS, but requested an insecure element 'http://www.securesphere.net/wp-content/uploads/2021/07/cash2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.securesphere.net/ Message: Mixed Content: The page at 'https://www.securesphere.net/' was loaded over HTTPS, but requested an insecure element 'http://www.securesphere.net/wp-content/uploads/2021/07/cash2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pixabay.com
dailyblogging.com.au
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
m.addthis.com
media.istockphoto.com
s7.addthis.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.securesphere.net
www.youtube.com
yt3.ggpht.com
z.moatads.com
s7.addthis.com
104.106.1.225
104.18.20.183
104.97.21.152
13.224.193.27
142.250.181.225
142.250.185.131
142.250.185.174
142.250.185.214
142.250.185.226
142.250.186.35
142.250.74.198
151.139.128.11
216.172.184.14
216.58.212.132
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
0fc4119bc1cbfb84c3decc599049a609d37530c85c6272d2babb5e6f8aea51d4
116cbe01057550fa11ff262230814ebd1008adc61762945892f047c07c37ae58
152d1617aee810956164f57f8682476aff542e6927ea6230bd1b825bd5b2a7b2
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2e1dae85e2a2e4487b2ac870995bbe5a1bec4185694d675a2f271ff118839956
375ed48cd9e95d6226f860a4e264e95d284f7f2e1afd3e273a487b523a4667b3
379b9fcb863bd3e741c0547c90c88203253696fee953f908cf64f1d9dbb0a014
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41d37ee04611156fe31d009bda07afc8f37577a90228b45fd073f0e8e2d5c1b0
5864bee16f320a43c7c424514a4b5398f905a99311cfe660303b9ff67c771a88
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c548c151337a815c681c21526d74a2a18d333af03de18c3416b7ecbec5efa49
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
66e74ec70037294e9011c5318caaa6d4902aabe44f08569de28c0ba23bc6f9d2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69467173551bf73a9f25f34a135328872a799c8141955980c8417a8ba95ca36a
6f7decc07dcdb6ac2f6be96754df226986aeec9447ef36e2a9d1657fa9929135
6fc0154a9a3bb9f72d51c7dc2438412bf3e5b7fd637af7947d78ba3260e20d21
739276e5a7ea7d73da64ba87ceb4391d741f11f5db349becacea6b64b7c73088
76aba5d4e5db7eb218d6a1378af48dcc252d19e159d7340681b8b723b32d403a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d
a217a61ae73ceb5d9227b2f76ddaf561dfcf321b5220060df6f603b4497cd16f
a66187a43496a138a5f80fe0872ed395c28447e7268de590b4363daadc07fe6a
aa502aa1d315243f049bc1865dd756e1b4a1d72b3bbd9cfd92648213df61a8ad
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b368dc4aab715be8e164dba10429541deffd1b558bded779b961fdef540c7852
baf8828391506949eb0166ac5c749a408ec19301ea0ca8a4a5934952666179ef
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d246d268ccbb30f7aadd23581fb30e4e790b9570fe1906c8ecbaa451427dc283
d24ab7fea2fc94eadea42d13410cacfda39529c9adfdc2d5fdd1d700afc9baf4
d4ea1e6128116fd885867ad8c3ac03277b0e939ce42ea638319169a72bbb0707
d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f86c787de07d769ead79fef887c7daee15835cb70603f4e2de4ad4cd6602f8f3

www.securesphere.net Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

48 %HTTPS

0 %IPv6

12 Domains

15 Subdomains

15 IPs

3 Countries

2482 kBTransfer

5076 kBSize

16 Cookies

6 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.securesphere.net Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

48 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

2482 kB
Transfer

5076 kB
Size

16
Cookies

52 HTTP transactions
3 data transactions