sand.thesandbox.repl.co Open in urlscan Pro
35.186.245.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Submission: On January 15 via manual (January 15th 2022, 1:54:51 pm UTC) from EG — Scanned from DE

Summary HTTP 59 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 22 domains to perform 59 HTTP transactions. The main IP is 35.186.245.55, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is sand.thesandbox.repl.co.
TLS certificate: Issued by R3 on November 29th 2021. Valid for: 3 months.

This is the only time sand.thesandbox.repl.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
4	35.186.245.55 35.186.245.55	15169 (GOOGLE) (GOOGLE)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	104.18.29.199 104.18.29.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
4	158.69.139.226 158.69.139.226	16276 (OVH) (OVH)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
1	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
9 9	199.232.192.193 199.232.192.193	54113 (FASTLY) (FASTLY)
9	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.203.161.83 159.203.161.83	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	52.222.214.22 52.222.214.22	16509 (AMAZON-02) (AMAZON-02)
1 1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	54.166.203.135 54.166.203.135	14618 (AMAZON-AES) (AMAZON-AES)
1 2	3.124.83.68 3.124.83.68	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	13.35.253.70 13.35.253.70	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.80.9 13.225.80.9	16509 (AMAZON-02) (AMAZON-02)
59	28

4 35.186.245.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.245.186.35.bc.googleusercontent.com

sand.thesandbox.repl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.94.86 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 158.69.139.226 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip226.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

static.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 199.232.192.193 (United States) 9 redirects

ASN54113 (FASTLY, US)

imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.161.83 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: lb4.ny1.dtscdn.com

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-22.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.166.203.135 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-203-135.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.83.68 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-83-68.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-70.fra6.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-9.fra2.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	imgur.com 9 redirects imgur.com — Cisco Umbrella Rank: 3893 i.imgur.com — Cisco Umbrella Rank: 5301	359 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	734 KB
9	tynt.com de.tynt.com — Cisco Umbrella Rank: 1127 cdn.tynt.com — Cisco Umbrella Rank: 6692 ic.tynt.com — Cisco Umbrella Rank: 3828	8 KB
4	s-onetag.com data-beacons.s-onetag.com — Cisco Umbrella Rank: 12976 get.s-onetag.com — Cisco Umbrella Rank: 3312 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 3801 onetag-geo-grouping.s-onetag.com — Cisco Umbrella Rank: 24236	14 KB
4	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13169	6 KB
4	repl.co sand.thesandbox.repl.co	272 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 static.doubleclick.net — Cisco Umbrella Rank: 341	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
2	medium.com glyph.medium.com — Cisco Umbrella Rank: 19531	40 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 254	1 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 458	1022 B
2	tumblr.com static.tumblr.com — Cisco Umbrella Rank: 33080	574 KB
2	amung.us whos.amung.us — Cisco Umbrella Rank: 14480	286 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 112	10 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 8	14 KB
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 701	348 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 631	602 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14729	407 B
1	waust.at waust.at — Cisco Umbrella Rank: 40332	7 KB
1	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 691	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 541	30 KB
59	22

	Domain	Requested by
9	www.youtube.com	sand.thesandbox.repl.co www.youtube.com
9	i.imgur.com	sand.thesandbox.repl.co
9	imgur.com	9 redirects
7	ic.tynt.com	sand.thesandbox.repl.co
4	t.dtscout.com	sand.thesandbox.repl.co waust.at t.dtscout.com
4	sand.thesandbox.repl.co	sand.thesandbox.repl.co
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	glyph.medium.com	static.tumblr.com
2	x.bidswitch.net	1 redirects sand.thesandbox.repl.co
2	i.liadm.com	2 redirects
2	static.tumblr.com	sand.thesandbox.repl.co
2	whos.amung.us	sand.thesandbox.repl.co waust.at
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	fonts.gstatic.com	www.youtube.com
1	ce.lijit.com	sand.thesandbox.repl.co
1	um.simpli.fi	1 redirects
1	get.s-onetag.com	sand.thesandbox.repl.co
1	t.dtscdn.com	sand.thesandbox.repl.co
1	waust.at	sand.thesandbox.repl.co
1	pbs.twimg.com	sand.thesandbox.repl.co
1	data-beacons.s-onetag.com	sand.thesandbox.repl.co
1	code.jquery.com	sand.thesandbox.repl.co
1	cdn.tynt.com	sand.thesandbox.repl.co
1	de.tynt.com	sand.thesandbox.repl.co
59	30

This site contains links to these domains. Also see Links.

Domain
medium.com
whos.amung.us

Subject Issuer	Validity	Valid
thesandbox.repl.co R3	`2021-11-29` - `2022-02-27`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
tumblr.com DigiCert SHA2 Extended Validation Server CA	`2020-07-09` - `2022-04-14`	2 years	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-04` - `2022-08-03`	a year	crt.sh
*.dtscdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-04` - `2022-12-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Frame ID: C449D334BDB08138C9DD7EACFCB401D4
Requests: 48 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Zg5vcdEeLOA
Frame ID: 84C46F4B809724900C43FD622E060BA5
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

200 K $Sand SandBox Airdrop – Medium

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

80 %
HTTPS

40 %
IPv6

22
Domains

30
Subdomains

28
IPs

5
Countries

2156 kB
Transfer

4281 kB
Size

13
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/
Title: Homepage

Search URL Search Domain Scan URL

URL: https://medium.com/membership?source=upgrade_membership---nav_full
Title: Become a member

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?redirect=https%3A%2F%2Fmedium.com%2F%40Natalixxxx98%2Fmcafee-crypto-extravaganza-SandBox-and-eth-airdrop-promo-d0f0afa4999f&source=--------------------------nav_reg&operation=login
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_header_lockup

Search URL Search Domain Scan URL

URL: https://medium.com/?source=footer_card

Search URL Search Domain Scan URL

URL: https://medium.com/@cryptorand

Search URL Search Domain Scan URL

URL: https://medium.com/@AleksandarSvetski

Search URL Search Domain Scan URL

URL: https://medium.com/@ThisIsKlinger

Search URL Search Domain Scan URL

URL: https://medium.com/@crpto3332
Title: Digital Asset Investor

Search URL Search Domain Scan URL

URL: https://medium.com/@e434534egwer

Search URL Search Domain Scan URL

URL: https://medium.com/@NateRubenRDM

Search URL Search Domain Scan URL

URL: https://medium.com/p/d0f0afa4999f/share/twitter

Search URL Search Domain Scan URL

URL: https://medium.com/p/d0f0afa4999f/share/facebook

Search URL Search Domain Scan URL

URL: https://medium.com/@Medium/personalize-your-medium-experience-with-users-publications-tags-26a41ab1ee0c#.hx4zuv3mg
Title: Learn more

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/kralbenim/
Title: 7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://imgur.com/fxEuNMj.jpg HTTP 301
https://i.imgur.com/fxEuNMj.jpg

Request Chain 14

https://imgur.com/EmRUP3S.jpg HTTP 301
https://i.imgur.com/EmRUP3S.jpg

Request Chain 15

https://imgur.com/ZmO7j4s.jpg HTTP 301
https://i.imgur.com/ZmO7j4s.jpg

Request Chain 16

https://imgur.com/GOV2rh7.jpg HTTP 301
https://i.imgur.com/GOV2rh7.jpg

Request Chain 17

https://imgur.com/kKTtsr7.jpg HTTP 301
https://i.imgur.com/kKTtsr7.jpg

Request Chain 18

https://imgur.com/EyAtCTu.jpg HTTP 301
https://i.imgur.com/EyAtCTu.jpg

Request Chain 19

https://imgur.com/WzzWZyq.jpg HTTP 301
https://i.imgur.com/WzzWZyq.jpg

Request Chain 20

https://imgur.com/ULdp2iV.jpg HTTP 301
https://i.imgur.com/ULdp2iV.jpg

Request Chain 21

https://imgur.com/fzSkCnJ.jpg HTTP 301
https://i.imgur.com/fzSkCnJ.jpg

Request Chain 25

https://um.simpli.fi/lj_match?r=71464 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=FAFF7609C871450BBE6945FDD1E984A4

Request Chain 26

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=e0bcc290d7676ad1492f74d8 HTTP 303
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=e0bcc290d7676ad1492f74d8&_li_chk=true&previous_uuid=72cf9a4e80144c29a209c51f5e3ca309 HTTP 303
https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

Request Chain 45

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

59 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sand.thesandbox.repl.co/ 197 KB
197 KB 387ms
176ms Document
text/html 35.186.245.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.245.186.35.bc.googleusercontent.com

Software

Resource Hash

c278e7a2226a4ff57f328e3baad9a7a85c5471ca7995634e2ff03f16e0077499

Security Headers

Name	Value
Strict-Transport-Security	max-age=3737385; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-type: text/html; charset=utf-8
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=3737385; includeSubDomains
content-length: 201665
date: Sat, 15 Jan 2022 13:54:42 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 368ms
119ms Script
application/javascript 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!kralbenim&dn=TC&cc=1&r=
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:41 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Sun, 16 Jan 2022 13:54:42 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 130ms
60ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:45 GMT
server: cloudflare
age: 34166
etag: W/"61295205-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6cdf98f74e95699b-FRA
expires: Tue, 18 Jan 2022 13:54:42 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 27 B
143 B 375ms
119ms Script
text/javascript 67.202.94.86
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=kralbenim&t=200%20K%20SandBox%20Elon%20Musk%20Airdrop%20%E2%80%93%20Medium&c=d&x=https%3A%2F%2Fspace-x-bounty.xbounty.repl.co%2F&y=&a=0&v=27&r=5585
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.86 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: b18536f5f4a521eca7b78ce6f3658ed1563dd069d138daee2d32848c28ed8b5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 373ms
105ms Script
application/javascript 158.69.139.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fspace-x-bounty.xbounty.repl.co%2F&j=
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 13:54:42 GMT
X-T: 2.29
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Sat, 15 Jan 2022 13:54:41 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 60ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1642254882.dop229.fr8.t,1642254882.cds253.fr8.hn,1642254882.cds261.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 m2.css
static.tumblr.com/bejxdgc/NDhpx23f1/ 64 KB
64 KB 117ms
13ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 15 Jan 2022 13:54:42 GMT
last-modified: Fri, 30 Aug 2019 15:37:50 GMT
server: nginx
etag: "376dd17dad7defb0a0c4f2d99445382f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 65054

GET
H2 200 main-branding-base.css
static.tumblr.com/bejxdgc/H7hpx23gv/ 510 KB
511 KB 117ms
13ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/bejxdgc/H7hpx23gv/main-branding-base.css

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 15 Jan 2022 13:54:42 GMT
last-modified: Fri, 30 Aug 2019 15:38:57 GMT
server: nginx
etag: "0acc5b1299f898a0c3a615c3aab31699"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 522276

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 0
262 B 380ms
108ms Script
application/javascript 158.69.139.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=space-x-bounty.xbounty.repl.co&_ss=1qrll4v9cm&_pv=4&_ls=620&_cc=tn&_pl=d&_b=opera%4080&_cbid=1atb&_cb=_dtspv.c
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 13:54:42 GMT
X-T: 0.227
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sat, 15 Jan 2022 13:54:41 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 6 KB
2 KB 95ms
16ms Script
text/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: syrhL4HxyQ94RzTlcl0y8HYCMGvvMWLr
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:31:37 GMT
server: AmazonS3
age: 2534
etag: W/"5ff42869b876a4eddafd981cab0b8818"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Sat, 15 Jan 2022 13:12:29 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: pMkd9BvVPzgDCvRKZaq6B25PA5R0iXXHNm91hWKsC7wwB3gPDj1YAA==

GET
H2 200 logo.png
sand.thesandbox.repl.co/ 2 KB
2 KB 184ms
180ms Image
image/png 35.186.245.55
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sand.thesandbox.repl.co/logo.png

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.245.186.35.bc.googleusercontent.com

Software

Resource Hash

52605a3494e19813cea4c39f8d725ecfd822ba227d528de70b4d615368f429d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3737385; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=3737385; includeSubDomains
replit-cluster: global
date: Sat, 15 Jan 2022 13:54:42 GMT
content-length: 1743
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type: image/png

GET
H2 404 1UATD6Vui-5Xa4Vb2QAOtbg_002.png
sand.thesandbox.repl.co/medium/ 4 KB
4 KB 182ms
179ms Image
text/html 35.186.245.55
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sand.thesandbox.repl.co/medium/1UATD6Vui-5Xa4Vb2QAOtbg_002.png

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.245.186.35.bc.googleusercontent.com

Software

Resource Hash

05a08327e34fcb3cb99cbd6ee41aae57fcd6c386001de5ab25d136f170dc486b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3737385; includeSubDomains

Request headers

Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Origin: https://sand.thesandbox.repl.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=3737385; includeSubDomains
replit-cluster: global
date: Sat, 15 Jan 2022 13:54:42 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type: text/html; charset=utf-8

GET
H2 200 test123.jpg
sand.thesandbox.repl.co/ 69 KB
69 KB 174ms
171ms Image
image/jpeg 35.186.245.55
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sand.thesandbox.repl.co/test123.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.245.186.35.bc.googleusercontent.com

Software

Resource Hash

91dcf75f840edf72accefbf2f333f55c5266082ba53ecff67ecf2f88eee84c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=3737385; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=3737385; includeSubDomains
replit-cluster: global
date: Sat, 15 Jan 2022 13:54:42 GMT
content-length: 70629
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type: image/jpeg

GET
H2 200 pXvMgIpb_400x400.jpg
pbs.twimg.com/profile_images/1245646911530385416/ 6 KB
7 KB 96ms
22ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1245646911530385416/pXvMgIpb_400x400.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

5b209ef1a852caa73dabdcfb3a9852d877034db402efe34523f518bf1b14ad42

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
age: 275461
x-cache: HIT
content-length: 6238
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/8 profile_images/1245646911530385416
last-modified: Thu, 02 Apr 2020 09:37:01 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 82cf4e3c7e44bc20fb8eadb6fac1c08bca5437f5796bac12d765e92458a2bb03
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2

200

fxEuNMj.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/fxEuNMj.jpg
https://i.imgur.com/fxEuNMj.jpg

59 KB
59 KB

112ms
48ms

Image
image/png

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fxEuNMj.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0bf49c44b081b5734010a8ba3fd13b7c85d9c500cb1f5451b37b7054c212b4a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
age: 3908862
x-cache: HIT, HIT
content-length: 60348
x-served-by: cache-bwi5128-BWI, cache-fra19130-FRA
last-modified: Tue, 29 Jun 2021 18:15:14 GMT
server: cat factory 1.0
x-timer: S1642254883.813581,VS0,VE4
etag: "a4e7831d2b27dc6b4c16ebf842d4fc77"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

Redirect headers

date: Sat, 15 Jan 2022 13:54:42 GMT
server: cat factory 1.0
x-timer: S1642254883.632561,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/fxEuNMj.jpg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
strict-transport-security: max-age=300
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-hhn4021-HHN

GET
H2

200

EmRUP3S.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/EmRUP3S.jpg
https://i.imgur.com/EmRUP3S.jpg

6 KB
7 KB

107ms
43ms

Image
image/jpeg

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/EmRUP3S.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f9d10459c0e3e0b29ebdae9a54c33abc5b95071d43006fb6b17cbf7608036173

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
age: 4590942
x-cache: HIT, HIT
content-length: 6569
x-served-by: cache-bwi5148-BWI, cache-fra19130-FRA
last-modified: Tue, 29 Jun 2021 18:16:08 GMT
server: cat factory 1.0
x-timer: S1642254883.813828,VS0,VE2
etag: "799ffed6fed295650a2a7b16559fec5d"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

Redirect headers

date: Sat, 15 Jan 2022 13:54:42 GMT
server: cat factory 1.0
x-timer: S1642254883.632663,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/EmRUP3S.jpg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
strict-transport-security: max-age=300
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-hhn4021-HHN

GET
H2

200

ZmO7j4s.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/ZmO7j4s.jpg
https://i.imgur.com/ZmO7j4s.jpg

78 KB
78 KB

111ms
48ms

Image
image/jpeg

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ZmO7j4s.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8414c30a198206c39659a3480d99d096bbc830911bae3a1ca7022d500d548c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
age: 784155
x-cache: HIT, HIT
content-length: 79366
x-served-by: cache-iad-kiad7000084-IAD, cache-fra19130-FRA
last-modified: Tue, 29 Jun 2021 18:17:20 GMT
server: cat factory 1.0
x-timer: S1642254883.813713,VS0,VE2
etag: "a94e4504f7c70c06596ff03e670c709c"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

Redirect headers

date: Sat, 15 Jan 2022 13:54:42 GMT
server: cat factory 1.0
x-timer: S1642254883.632705,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/ZmO7j4s.jpg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
strict-transport-security: max-age=300
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-hhn4021-HHN

GET
H2

200

GOV2rh7.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/GOV2rh7.jpg
https://i.imgur.com/GOV2rh7.jpg

102 KB
102 KB

79ms
15ms

Image
image/jpeg

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/GOV2rh7.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8f70c1bb63bcd03623b5c8b4cb078b9b3bdc931692522bf49967d6a57ec0a9c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
age: 5037854
x-cache: HIT, HIT, HIT
content-length: 104379
x-served-by: cache-bwi5139-BWI, cache-iad-kjyo7100094-IAD, cache-fra19130-FRA
last-modified: Tue, 29 Jun 2021 18:18:27 GMT
server: cat factory 1.0
x-timer: S1642254883.813669,VS0,VE1
etag: "5d2a503ea94c137158664a118c52ff02"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1, 1

Redirect headers

date: Sat, 15 Jan 2022 13:54:42 GMT
server: cat factory 1.0
x-timer: S1642254883.632781,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/GOV2rh7.jpg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
strict-transport-security: max-age=300
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-hhn4021-HHN

GET
H2

200

kKTtsr7.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/kKTtsr7.jpg
https://i.imgur.com/kKTtsr7.jpg

18 KB
18 KB

111ms
48ms

Image
image/jpeg

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/kKTtsr7.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

03d71e2470a7b7f26c4eeb073b600f56acee001873b872df9f72065ac6f07132

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
age: 4520571
x-cache: HIT, HIT, HIT
content-length: 18464
x-served-by: cache-bwi5182-BWI, cache-iad-kiad7000072-IAD, cache-fra19130-FRA
last-modified: Tue, 29 Jun 2021 18:19:21 GMT
server: cat factory 1.0
x-timer: S1642254883.813883,VS0,VE2
etag: "103a2af7e51e1b79446a3b570ce4de62"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1, 1

Redirect headers

date: Sat, 15 Jan 2022 13:54:42 GMT
server: cat factory 1.0
x-timer: S1642254883.632830,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/kKTtsr7.jpg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
strict-transport-security: max-age=300
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-hhn4021-HHN

GET
H2

200

EyAtCTu.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/EyAtCTu.jpg
https://i.imgur.com/EyAtCTu.jpg

31 KB
31 KB

110ms
48ms

Image
image/jpeg

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/EyAtCTu.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2d1196c31e454364bf96cc774bfd0da0e0fca248b334e2084d5f27fbc489d12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
age: 4591130
x-cache: HIT, HIT, HIT
content-length: 31406
x-served-by: cache-bwi5133-BWI, cache-iad-kcgs7200030-IAD, cache-fra19130-FRA
last-modified: Tue, 29 Jun 2021 18:20:10 GMT
server: cat factory 1.0
x-timer: S1642254883.814113,VS0,VE2
etag: "923066db3173660015afa2cc2ace6e31"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1, 1

Redirect headers

date: Sat, 15 Jan 2022 13:54:42 GMT
server: cat factory 1.0
x-timer: S1642254883.682100,VS0,VE1
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/EyAtCTu.jpg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
strict-transport-security: max-age=300
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-hhn4021-HHN

GET
H2

200

WzzWZyq.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/WzzWZyq.jpg
https://i.imgur.com/WzzWZyq.jpg

19 KB
20 KB

106ms
44ms

Image
image/jpeg

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/WzzWZyq.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4370ae6c750b86a4ed5409ac3278fc076573eb04ed16619174ef01ed15f5f724

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
age: 4603608
x-cache: HIT, HIT, HIT
content-length: 19834
x-served-by: cache-bwi5128-BWI, cache-iad-kjyo7100078-IAD, cache-fra19130-FRA
last-modified: Tue, 29 Jun 2021 18:35:51 GMT
server: cat factory 1.0
x-timer: S1642254883.814048,VS0,VE1
etag: "43933e2340c67d75328e84815489b409"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1, 1

Redirect headers

date: Sat, 15 Jan 2022 13:54:42 GMT
server: cat factory 1.0
x-timer: S1642254883.682207,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/WzzWZyq.jpg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
strict-transport-security: max-age=300
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-hhn4021-HHN

GET
H2

200

ULdp2iV.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/ULdp2iV.jpg
https://i.imgur.com/ULdp2iV.jpg

15 KB
15 KB

110ms
47ms

Image
image/jpeg

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ULdp2iV.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fc5fe349128c5c34464403ff2c77de78b74f24ec0f38c7919cd3603060667531

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
age: 155430
x-cache: HIT, HIT
content-length: 15501
x-served-by: cache-iad-kcgs7200074-IAD, cache-fra19130-FRA
last-modified: Tue, 29 Jun 2021 18:36:44 GMT
server: cat factory 1.0
x-timer: S1642254883.814015,VS0,VE2
etag: "f479c6c8318ffbd03029cbbdcdd0abc9"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

Redirect headers

date: Sat, 15 Jan 2022 13:54:42 GMT
server: cat factory 1.0
x-timer: S1642254883.682267,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/ULdp2iV.jpg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
strict-transport-security: max-age=300
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-hhn4021-HHN

GET
H2

200

fzSkCnJ.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/fzSkCnJ.jpg
https://i.imgur.com/fzSkCnJ.jpg

28 KB
28 KB

111ms
49ms

Image
image/jpeg

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fzSkCnJ.jpg

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e1dcf10c94027fc9946bc9aaa7eb98cdec4d81b9c0693e2ab2959746f1043075

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
age: 786959
x-cache: HIT, HIT
content-length: 28578
x-served-by: cache-iad-kcgs7200045-IAD, cache-fra19130-FRA
last-modified: Tue, 29 Jun 2021 18:37:28 GMT
server: cat factory 1.0
x-timer: S1642254883.825019,VS0,VE2
etag: "1871e36dee49a62c4afddd68e10e8e3d"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

Redirect headers

date: Sat, 15 Jan 2022 13:54:42 GMT
server: cat factory 1.0
x-timer: S1642254883.682368,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/fzSkCnJ.jpg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
strict-transport-security: max-age=300
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-hhn4021-HHN

GET
H2 200 d.js Show response
waust.at/ 13 KB
7 KB 113ms
33ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2254
last-modified: Mon, 03 May 2021 17:48:53 GMT
server: cloudflare
etag: W/"60903785-3444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhwpMe8zgzQlyL3uTJwzyZffN256r7HhIVJ%2BJk0Kme24OztUKabe%2BsXmPC%2B7lii7rnAgye0s5H9ZTlalBvgZK00opJCgf%2Bbt14hzg0LpgzfSSmM%2BjQeJ0TFul9F6cDnAwL%2BVEb5A"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6cdf98f93f8c4abd-FRA
expires: Sun, 16 Jan 2022 13:17:08 GMT

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 464ms
103ms Script
application/javascript 159.203.161.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=4C301636478842A2FF0096B493457169&nid=0&p=2114454483&t=-60&s=1536x864x24&u=https%3A%2F%2Fspace-x-bounty.xbounty.repl.co%2F&r=
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.203.161.83 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: lb4.ny1.dtscdn.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 13:16:15 GMT
X-T: 0.82
x-server: web12.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sat, 15 Jan 2022 13:16:14 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 73ms
20ms Script
text/javascript 52.222.214.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 38052
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sat, 15 Jan 2022 03:20:31 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: xUetWSEUiAHLKIsG_kRP00HO9sAG7u8AnC9UVrsOqZb9m_prylYqCg==

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=71464
https://ce.lijit.com/merge?pid=2&3pid=FAFF7609C871450BBE6945FDD1E984A4

0
348 B

82ms
29ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=FAFF7609C871450BBE6945FDD1E984A4
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: HTTP/1.1
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 13:54:42 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sat, 15 Jan 2022 13:54:42 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=FAFF7609C871450BBE6945FDD1E984A4
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Fri, 14 Jan 2022 13:54:42 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=e0bcc290d7676ad1492f74d8
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=e0bcc290d7676ad1492f74d8&_li_chk=true&previous_uuid=72cf9a4e80144c29a209c51f5e3ca309
https://x.bidswitch.net/sync?dsp_id=42&user_id=
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

43 B
495 B

17ms
17ms

Image
image/gif

3.124.83.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: HTTP/1.1
Server: 3.124.83.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-83-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 13:54:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Date: Sat, 15 Jan 2022 13:54:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 Zg5vcdEeLOA Show response
www.youtube.com/embed/ Frame 84C4 59 KB
25 KB 129ms
79ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Zg5vcdEeLOA

Requested by

Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f87508df89dbcfca63e05b60e18d521620ea0a0080559c2e1dd0d21574f53b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 15 Jan 2022 13:54:42 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa98238b98383829699b89aa8d4b2835dd6856dc85e3d7525ac22b0b12d07e69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c3c5f2623afaaa4ad6af8048c6e37fa1a4ead58a7a00c5d0b680f09b6850eab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1de21730854ea4db035a81914cb0bd57aa74d715af6f89b46a2d002917ca1ed

Request headers

Referer
Origin: https://sand.thesandbox.repl.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 24 KB
25 KB 122ms
51ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: static.tumblr.com
URL: https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.tumblr.com/
Origin: https://sand.thesandbox.repl.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 979856
x-envoy-upstream-service-time: 68
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6cdf98f8bf387037-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sun, 15 Jan 2023 13:54:42 GMT

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

Request headers

Referer
Origin: https://sand.thesandbox.repl.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
15 KB 122ms
51ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: static.tumblr.com
URL: https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.tumblr.com/
Origin: https://sand.thesandbox.repl.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6883288
x-envoy-upstream-service-time: 53
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6cdf98f8bf397037-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Sun, 15 Jan 2023 13:54:42 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9df080944a29084bf6f88ccc49b1f3a0cee1aed655c640ca433871a6af398

Request headers

Referer
Origin: https://sand.thesandbox.repl.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 364ms
115ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=&lm=0&ts=1642254882769&dn=TC&iso=0&img=banner.jpg&ct=%F0%9F%93%A5Sandbox%20presents%20the%20Biggest%20Crypto%20Giveaway&t=200%20K%20%24Sand%20SandBox%20Airdrop%20%E2%80%93%20Medium&cu=https%3A%2F%2Fsand.thesandbox.repl.co%2F
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/18da33ed/ Frame 84C4 340 KB
47 KB 21ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zg5vcdEeLOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f71e3dfe76ba6bd96a9474751c9baaf5fd53a3ca529cc6dd8bfb2efdfce74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zg5vcdEeLOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47601
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:45:49 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/18da33ed/www-embed-player.vflset/ Frame 84C4 276 KB
85 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zg5vcdEeLOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd1c401f85a0fd4319ecc0bcb96ab96857dde344d688d72cdc7a2e76771d2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zg5vcdEeLOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87025
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:45:29 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/ Frame 84C4 2 MB
538 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zg5vcdEeLOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425af8c8a91e02519947b7ba05781052c0decfb8703586f047ec492938deece7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zg5vcdEeLOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 550271
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:45:29 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/18da33ed/fetch-polyfill.vflset/ Frame 84C4 8 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zg5vcdEeLOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zg5vcdEeLOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:45:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 84C4 15 KB
16 KB 62ms
17ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zg5vcdEeLOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 334081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 17:06:41 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 331ms
111ms Script
application/javascript 158.69.139.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fsand.thesandbox.repl.co%2F%3Ffbclid%3DIwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428&j=
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 13:54:43 GMT
X-T: 1.732
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Sat, 15 Jan 2022 13:54:42 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 27 B
143 B 120ms
118ms Script
text/javascript 67.202.94.86
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=kralbenim&t=200%20K%20%24Sand%20SandBox%20Airdrop%20%E2%80%93%20Medium&c=d&x=https%3A%2F%2Fsand.thesandbox.repl.co%2F%3Ffbclid%3DIwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428&y=&a=0&v=27&r=2673
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.86 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: b18536f5f4a521eca7b78ce6f3658ed1563dd069d138daee2d32848c28ed8b5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:42 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
958 B 378ms
325ms Fetch
application/json 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:43 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront), 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1, FRA6-C1
x-amzn-requestid: d9b443ed-a745-4328-9ce3-c56e34c25bce
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: L_XFhEq5CYcFYag=
content-length: 555
x-amz-cf-id: V6bAz_niD3nAIMfORgOQKbQ35QFh0eD8ioc96hMdr9TH81X0VgZ3yw==

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 84C4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

48ms
25ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zg5vcdEeLOA

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95b52cda7286b5eae018e35622241a62adda10343935492a7135f5217a819ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 15 Jan 2022 13:54:43 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 84C4 29 B
588 B 59ms
17ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:42:14 GMT
x-content-type-options: nosniff
age: 749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jan 2022 13:57:14 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/ Frame 84C4 94 KB
29 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3502d777ff60e43e573afe9e72a4bcd11629bbd867912fe8963f6478d49ea67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zg5vcdEeLOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29832
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:45:29 GMT

GET
H2 200 FjGXrOA92DxJ-Ge86N2biEiRBuR_i7UVJS4njUqtT8A.js Show response
www.google.com/js/th/ Frame 84C4 35 KB
14 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/FjGXrOA92DxJ-Ge86N2biEiRBuR_i7UVJS4njUqtT8A.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

163197ace03dd83c49f867bce8dd9b88489106e47f8bb515252e278d4aad4fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 10:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13347
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 10:54:25 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/ Frame 84C4 26 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72743788e3208d8963ecf1c530712eb02493222a40fde522a4e712473d9ac62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zg5vcdEeLOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7632
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:45:30 GMT

GET
DATA 200
OK truncated
/ Frame 84C4 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSNemYaNUbXHnQkjN1nfRPFB8DX6RCTp0qISWHKKw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 84C4 2 KB
2 KB 83ms
17ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSNemYaNUbXHnQkjN1nfRPFB8DX6RCTp0qISWHKKw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zg5vcdEeLOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

18c94547d28b1af8b5ca1612fdc2905098fc619c08591dd08a49c4ea906aabba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 12:10:24 GMT
x-content-type-options: nosniff
age: 6259
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2162
x-xss-protection: 0
server: fife
etag: "v1a3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 13:39:55 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/Zg5vcdEeLOA/ Frame 84C4 9 KB
10 KB 82ms
16ms Image
image/webp 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Zg5vcdEeLOA/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zg5vcdEeLOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0b42741faa7c371239961fab8aa244235dcd972c3e9111b0592d0c57bcf36f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:21:10 GMT
x-content-type-options: nosniff
age: 2013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9718
x-xss-protection: 0
server: sffe
etag: "1629221464"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jan 2022 15:21:10 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
317 B 330ms
112ms Script
application/javascript 158.69.139.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=sand.thesandbox.repl.co&_ss=2sxhfnuk7s&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=1ut3&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fspace-x-bounty.xbounty.repl.co%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 82245bc14db5f18e91810ac630974c2b5b4f5718d33848742d69c11542b49dd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 13:54:43 GMT
X-T: 0.15
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sat, 15 Jan 2022 13:54:42 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 84C4 4 KB
3 KB 84ms
37ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Jan 2022 13:54:43 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 84C4 0
9 B 17ms
16ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?f5Y6OA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Zg5vcdEeLOA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zg5vcdEeLOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/97/ Frame 84C4 53 KB
15 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/97/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 15:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15488
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 15:04:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Sat, 15 Jan 2022 15:28:12 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 115ms
114ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=&lm=0&ts=1642254882769&dn=TC&iso=0&img=banner.jpg&ct=%F0%9F%93%A5Sandbox%20presents%20the%20Biggest%20Crypto%20Giveaway&t=200%20K%20%24Sand%20SandBox%20Airdrop%20%E2%80%93%20Medium&cu=https%3A%2F%2Fsand.thesandbox.repl.co%2F
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
842 B 85ms
26ms Fetch
application/json 13.225.80.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-9.fra2.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:42:45 GMT
content-encoding: gzip
server: restify
age: 718
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://sand.thesandbox.repl.co
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ZvEGyRO7JB95xqS9f0cgDt92vH_sZ9WCba6kC7qxsNXDAzTcjeqfQw==
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 115ms
114ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=&lm=0&ts=1642254882769&dn=TC&iso=0&img=banner.jpg&ct=%F0%9F%93%A5Sandbox%20presents%20the%20Biggest%20Crypto%20Giveaway&t=200%20K%20%24Sand%20SandBox%20Airdrop%20%E2%80%93%20Medium
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 117ms
117ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=&lm=0&ts=1642254882769&dn=TC&iso=0&img=banner.jpg&ct=%F0%9F%93%A5Sandbox%20presents%20the%20Biggest%20Crypto%20Giveaway
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 116ms
116ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=&lm=0&ts=1642254882769&dn=TC&iso=0&img=banner.jpg&ct=%F0%9F%93%A5Sandbox%20presents%20the%20Biggest%20Crypto%20Giveaway
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 115ms
114ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=&lm=0&ts=1642254882769&dn=TC&iso=0&img=banner.jpg
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 115ms
115ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=&lm=0&ts=1642254882769&dn=TC&iso=0
Requested by: Host: sand.thesandbox.repl.co
URL: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sand.thesandbox.repl.co/?fbclid=IwAR2ifwCo9ySc47XTpxS0UHki2nBSjF_Qf4JQh6zfqeVRRdr-ky0yGeKt428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 13:54:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 84C4 28 B
54 B 31ms
31ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Zg5vcdEeLOA
X-YouTube-Client-Version: 1.20220112.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtvU1FWSjZUeU54RSiipIuPBg%3D%3D
X-YouTube-Ad-Signals: dt=1642254882957&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C630%2C353&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 15 Jan 2022 13:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 15 Jan 2022 13:54:45 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 00:54:06	Name: _li_ss Value:
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 62pcwKb44_c
.youtube.com/	1970-01-20 04:30:06	Name: VISITOR_INFO1_LIVE Value: oSQVJ6TyNxE
.simpli.fi/	1970-01-20 08:57:57	Name: suid Value: FAFF7609C871450BBE6945FDD1E984A4
.dtscout.com/	1970-01-20 00:10:59	Name: m Value: 1
.dtscout.com/	1970-01-20 00:11:12	Name: b Value: 1
.dtscout.com/	1970-01-20 00:11:09	Name: oa Value: 1
.dtscout.com/	1970-01-20 02:34:54	Name: df Value: 1642254883
.dtscdn.com/	1970-01-20 04:28:40	Name: uid Value: 4C301636478842A2FF0096B493457169
.liadm.com/	1970-01-20 17:42:06	Name: lidid Value: 72cf9a4e-8014-4c29-a209-c51f5e3ca309
.bidswitch.net/	1970-01-20 08:56:30	Name: tuuid Value: a698af5e-24fe-42fa-b9ca-24bf7bfcbce7
.bidswitch.net/	1970-01-20 08:56:30	Name: c Value: 1642254883
.bidswitch.net/	1970-01-20 08:56:30	Name: tuuid_lu Value: 1642254883

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sand.thesandbox.repl.co/medium/1UATD6Vui-5Xa4Vb2QAOtbg_002.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3737385; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tynt.com
ce.lijit.com
code.jquery.com
data-beacons.s-onetag.com
de.tynt.com
fonts.gstatic.com
get.s-onetag.com
glyph.medium.com
googleads.g.doubleclick.net
i.imgur.com
i.liadm.com
i.ytimg.com
ic.tynt.com
imgur.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pbs.twimg.com
sand.thesandbox.repl.co
static.doubleclick.net
static.tumblr.com
t.dtscdn.com
t.dtscout.com
um.simpli.fi
waust.at
whos.amung.us
www.google.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.18.29.199
13.225.80.9
13.35.253.70
143.204.98.115
151.101.12.193
158.69.139.226
159.203.161.83
169.50.137.182
192.0.77.40
199.232.192.193
2001:4de0:ac18::1:a:1a
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:20::ac43:4739
2606:4700:7::a29f:9804
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2016
2a00:1450:4001:830::2003
2a00:1450:4001:831::2006
3.124.83.68
35.186.245.55
52.222.214.22
54.166.203.135
67.202.105.32
67.202.105.34
67.202.94.86
72.251.249.13
03d71e2470a7b7f26c4eeb073b600f56acee001873b872df9f72065ac6f07132
05a08327e34fcb3cb99cbd6ee41aae57fcd6c386001de5ab25d136f170dc486b
08f71e3dfe76ba6bd96a9474751c9baaf5fd53a3ca529cc6dd8bfb2efdfce74e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0bf49c44b081b5734010a8ba3fd13b7c85d9c500cb1f5451b37b7054c212b4a7
163197ace03dd83c49f867bce8dd9b88489106e47f8bb515252e278d4aad4fc0
18c94547d28b1af8b5ca1612fdc2905098fc619c08591dd08a49c4ea906aabba
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef
2d1196c31e454364bf96cc774bfd0da0e0fca248b334e2084d5f27fbc489d12d
31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
425af8c8a91e02519947b7ba05781052c0decfb8703586f047ec492938deece7
4370ae6c750b86a4ed5409ac3278fc076573eb04ed16619174ef01ed15f5f724
52605a3494e19813cea4c39f8d725ecfd822ba227d528de70b4d615368f429d5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071
5b209ef1a852caa73dabdcfb3a9852d877034db402efe34523f518bf1b14ad42
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
82245bc14db5f18e91810ac630974c2b5b4f5718d33848742d69c11542b49dd4
8414c30a198206c39659a3480d99d096bbc830911bae3a1ca7022d500d548c3c
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
8c3c5f2623afaaa4ad6af8048c6e37fa1a4ead58a7a00c5d0b680f09b6850eab
8f70c1bb63bcd03623b5c8b4cb078b9b3bdc931692522bf49967d6a57ec0a9c6
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
91dcf75f840edf72accefbf2f333f55c5266082ba53ecff67ecf2f88eee84c60
95b52cda7286b5eae018e35622241a62adda10343935492a7135f5217a819ce4
99a9df080944a29084bf6f88ccc49b1f3a0cee1aed655c640ca433871a6af398
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
b18536f5f4a521eca7b78ce6f3658ed1563dd069d138daee2d32848c28ed8b5e
be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e
bfd1c401f85a0fd4319ecc0bcb96ab96857dde344d688d72cdc7a2e76771d2e0
c278e7a2226a4ff57f328e3baad9a7a85c5471ca7995634e2ff03f16e0077499
c3502d777ff60e43e573afe9e72a4bcd11629bbd867912fe8963f6478d49ea67
d1de21730854ea4db035a81914cb0bd57aa74d715af6f89b46a2d002917ca1ed
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d72743788e3208d8963ecf1c530712eb02493222a40fde522a4e712473d9ac62
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e0b42741faa7c371239961fab8aa244235dcd972c3e9111b0592d0c57bcf36f6
e1dcf10c94027fc9946bc9aaa7eb98cdec4d81b9c0693e2ab2959746f1043075
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f87508df89dbcfca63e05b60e18d521620ea0a0080559c2e1dd0d21574f53b5a
f9d10459c0e3e0b29ebdae9a54c33abc5b95071d43006fb6b17cbf7608036173
fa98238b98383829699b89aa8d4b2835dd6856dc85e3d7525ac22b0b12d07e69
fc5fe349128c5c34464403ff2c77de78b74f24ec0f38c7919cd3603060667531
ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

sand.thesandbox.repl.co Open in urlscan Pro 35.186.245.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

80 %HTTPS

40 %IPv6

22 Domains

30 Subdomains

28 IPs

5 Countries

2156 kBTransfer

4281 kBSize

13 Cookies

16 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

sand.thesandbox.repl.co Open in urlscan Pro
35.186.245.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

80 %
HTTPS

40 %
IPv6

22
Domains

30
Subdomains

28
IPs

5
Countries

2156 kB
Transfer

4281 kB
Size

13
Cookies

59 HTTP transactions
7 data transactions