stopednow.com Open in urlscan Pro
2001:8d8:100f:f000::2ed Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F...
Effective URL:
https://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzd...
Submission: On January 21 via manual (January 21st 2024, 3:50:39 am UTC) from QA — Scanned from DE

Summary HTTP 95 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 20 domains to perform 95 HTTP transactions. The main IP is 2001:8d8:100f:f000::2ed, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is stopednow.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on May 30th 2023. Valid for: a year.

This is the only time stopednow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3035::6815:22fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1 1	44.239.165.192 44.239.165.192	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:8d8:100f... 2001:8d8:100f:f000::2ed	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
1	18.66.192.39 18.66.192.39	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:237... 2600:9000:237d:d200:10:6a77:5f80:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	34.194.37.63 34.194.37.63	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1f::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
95	26

3 2606:4700:3035::6815:22fb (United States)

ASN13335 (CLOUDFLARENET, US)

www.coverof.za.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.165.192 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-165-192.us-west-2.compute.amazonaws.com

c9ebcctrzlgw7p9bhm59kzdyc8.hop.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:8d8:100f:f000::2ed (Germany) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

stopednow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

mennewsletter.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-39.muc50.r.cloudfront.net

cdn.clickmagick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:d200:10:6a77:5f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.provesrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.194.37.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-37-63.compute-1.amazonaws.com

client-api.provesrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1f::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	467 KB
15	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	2 MB
11	gstatic.com fonts.gstatic.com www.gstatic.com	175 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 jnn-pa.googleapis.com — Cisco Umbrella Rank: 220	82 KB
8	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 263	2 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	40 KB
3	provesrc.com cdn.provesrc.com — Cisco Umbrella Rank: 104507 client-api.provesrc.com — Cisco Umbrella Rank: 80215	56 KB
3	ggpht.com lh5.ggpht.com — Cisco Umbrella Rank: 17045 yt3.ggpht.com — Cisco Umbrella Rank: 231	11 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	218 KB
3	za.com www.coverof.za.com	35 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	80 KB
2	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 40531	1014 B
2	google.de www.google.de — Cisco Umbrella Rank: 6518	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	center.io js.center.io — Cisco Umbrella Rank: 47100	8 KB
2	stopednow.com 1 redirects stopednow.com	707 B
1	clickmagick.com cdn.clickmagick.com	3 KB
1	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 46777	26 KB
1	lpages.co mennewsletter.lpages.co	31 KB
1	clickbank.net 1 redirects c9ebcctrzlgw7p9bhm59kzdyc8.hop.clickbank.net	738 B
95	20

	Domain	Requested by
23	lh3.googleusercontent.com	mennewsletter.lpages.co stopednow.com
15	www.youtube.com	stopednow.com www.youtube.com
8	jnn-pa.googleapis.com	www.youtube.com
7	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	www.gstatic.com	www.youtube.com www.gstatic.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
3	www.google.com	stopednow.com www.youtube.com
3	www.googletagmanager.com	www.coverof.za.com mennewsletter.lpages.co www.googletagmanager.com
3	www.coverof.za.com	www.coverof.za.com
2	yt3.ggpht.com	www.youtube.com
2	i.ytimg.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	api.leadpages.io	js.center.io
2	www.google.de	stopednow.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	client-api.provesrc.com	cdn.provesrc.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	js.center.io	www.coverof.za.com js.center.io
2	fonts.googleapis.com	mennewsletter.lpages.co cdn.provesrc.com
2	stopednow.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.provesrc.com	stopednow.com
1	lh5.ggpht.com	mennewsletter.lpages.co
1	cdn.clickmagick.com	mennewsletter.lpages.co
1	static.leadpages.net	mennewsletter.lpages.co
1	mennewsletter.lpages.co	stopednow.com
1	c9ebcctrzlgw7p9bhm59kzdyc8.hop.clickbank.net	1 redirects
95	27

This site contains links to these domains. Also see Links.

Domain
edpro82.pay.clickbank.net
www.clkbank.com
www.clickbank.com
docs.google.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.stopednow.com Encryption Everywhere DV TLS CA - G2	`2023-05-30` - `2024-05-29`	a year	crt.sh
*.lpages.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2023-12-14` - `2024-03-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
js.center.io GTS CA 1D4	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.clickmagick.com AlphaSSL CA - SHA256 - G4	`2023-02-23` - `2024-03-26`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.provesrc.com Amazon RSA 2048 M03	`2023-10-12` - `2024-11-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.leadpages.io R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Frame ID: 0FF92AF462A33556D3560BE7A7FF31DD
Requests: 52 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Qtg_XJrEO1w
Frame ID: A6584F8BB1DEF3173A595B74FF95D7A8
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9Szids-pTr8
Frame ID: 012CE62FECB93ED7D1249744AD7023E5
Requests: 20 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: E1BC213C5D359C77C5E4DD6D2385E6F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Stop ED Now - Special Offer

Page URL History Show full URLs

http://www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20... Page URL
http://www.coverof.za.com/offer.php?id=34&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u... Page URL
https://c9ebcctrzlgw7p9bhm59kzdyc8.hop.clickbank.net/?tid=__SUBID__&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%... HTTP 307
http://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIK... HTTP 301
https://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIK... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

95 %
HTTPS

77 %
IPv6

20
Domains

27
Subdomains

26
IPs

3
Countries

3266 kB
Transfer

9134 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://edpro82.pay.clickbank.net/?cbitems=1&cbskin=23300&cbtimer=212&cbfid=38197&vtid=
Title: .css-1vapvqb{display:inline-block;vertical-align:middle;max-width:522px;}@media (max-width:530px){.site-header .composite .widget .css-1vapvqb{max-width:calc(100% - 80px);}}

Search URL Search Domain Scan URL

URL: https://www.clkbank.com/#!/
Title: here

Search URL Search Domain Scan URL

URL: https://www.clickbank.com/corp/support/
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://docs.google.com/document/d/1mOYw1jm6GkFGMemclJKunEANFWx6lPPimBHiVtDz7Ko/edit?usp=sharing
Title: Affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1 Page URL
http://www.coverof.za.com/offer.php?id=34&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1 Page URL
https://c9ebcctrzlgw7p9bhm59kzdyc8.hop.clickbank.net/?tid=__SUBID__&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1 HTTP 307
http://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1 HTTP 301
https://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 74

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

95 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1 Show response
www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/ 1 KB
1 KB 535ms
361ms Document
text/html 2606:4700:3035::6815:22fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:22fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74fe9e2e544524523d332bfe275a172aad5261881b912caf3f1425815ad642e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 848c97fcb915c46b-EWR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Jan 2024 03:50:33 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69fsZxAXRSsXQ9rIwN7bcGakdsz0Hj28zFjUnui6EAu5fSmu6C4booMN41fAfMD7GJ9WEwYOqHMn6hrB6XMi2q63hVZvnMjk%2By4HKFudyk92GW%2F%2BYnY4hQ93uYeB2keZdhJyHgHrNG%2F2uc3yaA8Y8XI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK jquery-1.11.0.min.js Show response
www.coverof.za.com/ 94 KB
33 KB 370ms
370ms Script
application/javascript 2606:4700:3035::6815:22fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.coverof.za.com/jquery-1.11.0.min.js
Requested by: Host: www.coverof.za.com
URL: http://www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:22fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 03:50:34 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Sun, 07 Jan 2024 11:46:37 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"659a8f1d-1787d"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAaYHx1ADhXckClo8SYl6gmwDXSsQTyWC8WhsFuvoY0rtvfWqz9J%2F3WWOM7uyc0WFjDO9ywvpCP75c9u3Ws%2B5%2FUXN5rKfGMj2rMgQbifORxel5CeeYUtK5c7KyLUnQYkHZwb9LUGbOlF7ZBfRc1LLOc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 848c97fefb5cc46b-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 146ms
53ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-22484186-3

Requested by

Host: www.coverof.za.com
URL: http://www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5fa71747610ba961f3638505b1eedb8f9dff5c53a3036a54e101d89175130ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.coverof.za.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69339
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Jan 2024 03:50:34 GMT

GET
H/1.1 200
OK offer.php Show response
www.coverof.za.com/ 373 B
938 B 247ms
247ms Document
text/html 2606:4700:3035::6815:22fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.coverof.za.com/offer.php?id=34&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Requested by: Host: www.coverof.za.com
URL: http://www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:22fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d99cb6a8b9e697dc2d4abb52b11284ef427e21c0d401c389bb631460da40fffc

Request headers

Referer: http://www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 848c98019ebbc46b-EWR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Jan 2024 03:50:34 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X13escvx2%2FmKU4hJd9UhBAS3Hxo%2B191dTcONPyzxUigzs7uQCpL%2FpK4zs7Zw0MxbSCfWXh3ViVSqtE%2BSw7FLincau1o4xyoeMEJ4ZFZFNyUsQOAQT9DXzCCb9%2BNcUcDmPATOjN7c7wWr0R1QWILX5tM%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2

200

Primary Request / Show response
stopednow.com/
Redirect Chain

https://c9ebcctrzlgw7p9bhm59kzdyc8.hop.clickbank.net/?tid=__SUBID__&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
http://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
https://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1

279 B
303 B

152ms
55ms

Document
text/html

2001:8d8:100f:f000::2ed
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::2ed , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0b57353e0c0435ff68fb52d3d812b3e43cba2cfd4ca651c8ba87b44a4dd715cf

Request headers

Referer: http://www.coverof.za.com/offer.php?id=34&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 21 Jan 2024 03:50:35 GMT
etag: W/"117-57b40caacd100"
last-modified: Thu, 22 Nov 2018 13:24:52 GMT
server: Apache

Redirect headers

Connection: keep-alive
Content-Length: 407
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 21 Jan 2024 03:50:35 GMT
Keep-Alive: timeout=15
Location: https://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Server: Apache

GET
H2 200 / Show response
mennewsletter.lpages.co/_/js/special-offer/ 199 KB
31 KB 615ms
291ms Script
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mennewsletter.lpages.co/_/js/special-offer/

Requested by

Host: stopednow.com
URL: https://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

49931affbecb8c03bba02248637cbafd0942b6e8f6cd4dcff7d1080fe6fb64ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
strict-transport-security: max-age=15768000
content-encoding: br
last-modified: Thu, 04 Jan 2024 15:24:58 GMT
server: Leadpages
etag: W/"9a559ba68bb9eca25b400eb23f1a699c"
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/html
cache-control: no-cache

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/6.4.2/css/ 100 KB
26 KB 135ms
40ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Requested by: Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 20:43:12 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 1148844
etag: "nt2STQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 16625ec450b406e6987f58b9044f7170
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26836
expires: Mon, 06 Jan 2025 20:43:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 134ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Work+Sans:300,400,500,700

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ea9ce40a768c0944e4a18ef57c48f92dbd923a819a897d931e78a56611e38cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 03:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 03:50:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 03:50:36 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 269ms
164ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: www.coverof.za.com
URL: http://www.coverof.za.com/rxlfqq/rdukxkda302fvaajugb/afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
content-encoding: gzip
server: Google Frontend
age: 0
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 7a277721eb0277df6cc02051341c3c8c
cache-control: public, max-age=300
content-length: 5417
expires: Sun, 21 Jan 2024 03:55:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-64695152-4

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44112c96329018547f1ee8dfd6b46bba460075384a3c3d05fcb4c9c744536e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69385
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Jan 2024 03:50:36 GMT

GET
H2 200 cmtools.js Show response
cdn.clickmagick.com/misc/js/ 3 KB
3 KB 181ms
44ms Script
application/javascript 18.66.192.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.clickmagick.com/misc/js/cmtools.js

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-39.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

c3408dcb446d581e5987aac16938c2baa16c26f599b0f89aaea6cc552d0795c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stopednow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 18 Jan 2024 18:18:26 GMT
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-permitted-cross-domain-policies: none
x-amz-cf-pop: MUC50-P1
age: 207130
x-cache: Hit from cloudfront
content-length: 2769
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Jul 2022 16:30:05 GMT
server: nginx
etag: "62d0448d-ad1"
access-control-max-age: 300
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=2592000, public, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q2qk0u1sB0v9ySlTS7j5hIg0S3pgVn37FW60nnOGju_0F0JfIOZV3Q==
expires: Sat, 17 Feb 2024 18:18:26 GMT

GET
H2 200 MY9n7FkXWPwWksG5C_OR5vkr8NIVnZJLtbRGyJ_OZ3YoegeUvjioAD9jG6UHIeceUj0pejSiH5UK8I_iozuYoog=w16
lh3.googleusercontent.com/ 3 KB
4 KB 140ms
52ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MY9n7FkXWPwWksG5C_OR5vkr8NIVnZJLtbRGyJ_OZ3YoegeUvjioAD9jG6UHIeceUj0pejSiH5UK8I_iozuYoog=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bb0222f32ff6ed7f6d2036fb98db886761886fd98ff96e43b8e84168076da43e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3527
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 Iscg_XbslzZfWVUXSAuPpS_ck-IglkacA65FcIgU-qIT90pfMdj8ceYJJH4UtUvEfOiXHQoqcqX_k9SB4ni1CYY=w16
lh3.googleusercontent.com/ 638 B
701 B 139ms
52ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Iscg_XbslzZfWVUXSAuPpS_ck-IglkacA65FcIgU-qIT90pfMdj8ceYJJH4UtUvEfOiXHQoqcqX_k9SB4ni1CYY=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

605a195ed9c6f223bb961bba8efff6a90ad857b40cb3064a2419c6d4739aba86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 638
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 duCBRG9nJQnXOCDkTk17gaBH8C-5SrHCePDNF73SSyeVrB9Yvp46QyvwpZCC1TjVLVMwd7cDEc50YSCbPQxy=w16
lh3.googleusercontent.com/ 650 B
713 B 142ms
55ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/duCBRG9nJQnXOCDkTk17gaBH8C-5SrHCePDNF73SSyeVrB9Yvp46QyvwpZCC1TjVLVMwd7cDEc50YSCbPQxy=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e098854d078e9dc2de6dbc26b2a48213ead33ff510623d7235865af36adb16ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 650
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 L5veyKjtGoBfgjjgETRxKti-dT6a06N1brgvGgMv1CC6qXlVAFmyjNFMayNwBWfYJjeZ4NsoyV9So8H8YCYJAw=s0
lh3.googleusercontent.com/ 27 KB
27 KB 143ms
56ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/L5veyKjtGoBfgjjgETRxKti-dT6a06N1brgvGgMv1CC6qXlVAFmyjNFMayNwBWfYJjeZ4NsoyV9So8H8YCYJAw=s0

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e48876a3093731ac25b07a6d2b3d85f3b0a5a1aa41696f828dc4bad175e7aa18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27236
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 i7oFYa5uT96WRhzcb6IAw7mz8-6hIRUEGtUP7p9blzik09QtKZQlS3xEXY_9LDco4mUghE-vGP8sLUTXdR0F=w16
lh3.googleusercontent.com/ 544 B
840 B 137ms
50ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/i7oFYa5uT96WRhzcb6IAw7mz8-6hIRUEGtUP7p9blzik09QtKZQlS3xEXY_9LDco4mUghE-vGP8sLUTXdR0F=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a888583bcadcec93b1814691e31f9b0a88ad2909b79a107f4f1f2cf14c3a28a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 544
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 SIibyhMqHj_n3SzPBh6nRKpGLRz585P7m2mxmuzUyShh5ffyZ6ov-SenCVr6UgHXkR3xV8yDbPVsEbjjsw9-Mw=s0
lh3.googleusercontent.com/ 23 KB
23 KB 191ms
104ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/SIibyhMqHj_n3SzPBh6nRKpGLRz585P7m2mxmuzUyShh5ffyZ6ov-SenCVr6UgHXkR3xV8yDbPVsEbjjsw9-Mw=s0

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a09d75c01eeab43c24e8a8c89d1a53a4282f971b578466443b1455abc7e85875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23255
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 uJQUkal4xBkH8Y28bT1oGsuHoDjrvaxYk2asDyJSGT3BLvGKqP-1FUAjIOWkdZiiIMx0Fj82Byo-XMkGth2Dwg=w16
lh3.googleusercontent.com/ 404 B
467 B 129ms
121ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/uJQUkal4xBkH8Y28bT1oGsuHoDjrvaxYk2asDyJSGT3BLvGKqP-1FUAjIOWkdZiiIMx0Fj82Byo-XMkGth2Dwg=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

acebab7a52fa0d105cba5d589392db6b8cf3ea4dab7d3feb827ede2117c2bebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 2dMiW_7oYgXJ-NaljB3SvwLWQVsFueOZ9O-vyIpTZfopdJlwntOtgb_PuKLvOs_vKvaPjGZMsmIfgWLlmKCRMw=w16
lh3.googleusercontent.com/ 814 B
877 B 125ms
119ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/2dMiW_7oYgXJ-NaljB3SvwLWQVsFueOZ9O-vyIpTZfopdJlwntOtgb_PuKLvOs_vKvaPjGZMsmIfgWLlmKCRMw=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2c8cd0c64830ab4ccd51f7041af9a0c1c2c82bc26d87c102cad9b29512633fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 814
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 fcG9ugQZKCvZRdFuvZ1Qi32RnVIpeB7IdVQ5MsMSgfTtn6qiJSBUL1JfF7vrVIQ0_PiSupifUCizvb8Ka6X_mg=w16
lh3.googleusercontent.com/ 573 B
636 B 130ms
124ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/fcG9ugQZKCvZRdFuvZ1Qi32RnVIpeB7IdVQ5MsMSgfTtn6qiJSBUL1JfF7vrVIQ0_PiSupifUCizvb8Ka6X_mg=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4d00b0a2af3d2cb80777eb1decde09cb120b2ac64c74ff1d8a6a0d70b5d1024c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 573
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 AGDpCUaiBHMnt9IbzeN-WBhyvpsTrcEgP2PPny41-c49syaX4z0IW0Q4Ahy7r0HEgZl4u_pIpfvQsTkU0m83rw=w16
lh3.googleusercontent.com/ 638 B
697 B 126ms
120ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/AGDpCUaiBHMnt9IbzeN-WBhyvpsTrcEgP2PPny41-c49syaX4z0IW0Q4Ahy7r0HEgZl4u_pIpfvQsTkU0m83rw=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

605a195ed9c6f223bb961bba8efff6a90ad857b40cb3064a2419c6d4739aba86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 638
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 bQDnsOS6xdvH9zVRye0YYOXrZbdzl9axLlUyDMkK0kd6Poi2bZ_wqlUQyzNJrpXEIx3C_zThvRt0zcwZRJf9=w16
lh3.googleusercontent.com/ 820 B
882 B 129ms
123ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/bQDnsOS6xdvH9zVRye0YYOXrZbdzl9axLlUyDMkK0kd6Poi2bZ_wqlUQyzNJrpXEIx3C_zThvRt0zcwZRJf9=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a0448452c23025db2d1734c34bb36e9db3217f84dfca259030836eab27b9e188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 820
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 NOIS9qbtiE00r8a2weW632P1jFLnZDhzK2lzj3QeuQsmtLDpJqNjO_lhyQnYIhT_TQ9uZdHFZhUp5F371ZCazx4=w16
lh3.googleusercontent.com/ 832 B
895 B 124ms
118ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/NOIS9qbtiE00r8a2weW632P1jFLnZDhzK2lzj3QeuQsmtLDpJqNjO_lhyQnYIhT_TQ9uZdHFZhUp5F371ZCazx4=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd20ba0bf8e16a5d97f6eaf9bbe089383d6132a9852bff0165786edba2ebade5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 832
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 hhfxsGI-8lsLOMYVO3WS-y6FJr6i01Q7C3_-WdLQbd6qUE6VeOPYLkcSOFNRbUxxZ2cBV1m0IVttrWF_2h3C=w16
lh3.googleusercontent.com/ 590 B
653 B 128ms
122ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/hhfxsGI-8lsLOMYVO3WS-y6FJr6i01Q7C3_-WdLQbd6qUE6VeOPYLkcSOFNRbUxxZ2cBV1m0IVttrWF_2h3C=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

53652754bed19d1dfd13c16e7131d6e1e6dd407a435fee8ae3024e4fd25fd656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 590
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 jtxyc-x9O9LKAJy0li1_egaGMEYNZAoy0QnGzyis7droephiYXjyHT0Or2UNTV_ll8YJCatWwxLBZfu16vBX=w16
lh3.googleusercontent.com/ 597 B
660 B 127ms
121ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/jtxyc-x9O9LKAJy0li1_egaGMEYNZAoy0QnGzyis7droephiYXjyHT0Or2UNTV_ll8YJCatWwxLBZfu16vBX=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

801476ed292d4c221f81431ea5be11471fcc3b0a01e7d8d3f778382a4a96afee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 597
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 rhUzGRCkiR328GjtAlgVIwyrUEyLLKd3lZ7hfh3cQS7hkQDMbYseRRaAHXkNlZzJ1J5QuBOBE3DVaJFemlfcp8o=w16
lh3.googleusercontent.com/ 811 B
873 B 126ms
120ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/rhUzGRCkiR328GjtAlgVIwyrUEyLLKd3lZ7hfh3cQS7hkQDMbYseRRaAHXkNlZzJ1J5QuBOBE3DVaJFemlfcp8o=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e636a5e7bcdb3e682ee80ef80c1603481e84bd938508e972b4959dbe12ea9c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 811
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 QQD86kPIF4u7nkvSTlcnFSQ0ZGRarZl6UQiyJxYFVVx8RGJL8tt8zq2pp4EMFvyk3bflzKPjGU1IkDyiRVLZ1IQ=w16
lh5.ggpht.com/ 4 KB
4 KB 142ms
43ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.ggpht.com/QQD86kPIF4u7nkvSTlcnFSQ0ZGRarZl6UQiyJxYFVVx8RGJL8tt8zq2pp4EMFvyk3bflzKPjGU1IkDyiRVLZ1IQ=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f5241c923426dd35fb402c540a60f7ed5bcb74779502e1ee7ff7c242b763ed44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:54:14 GMT
x-content-type-options: nosniff
age: 10582
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3600
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:54:14 GMT

GET
H2 200 5_kxPmT_YlZAuEgoIIY_GrH90F6t9uCAHBUg-zmglpX9OVqWMytNhLZInCnFtIF9mFRCFa_4gc-J1ux1_Slt5w=s0
lh3.googleusercontent.com/ 49 KB
49 KB 130ms
124ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/5_kxPmT_YlZAuEgoIIY_GrH90F6t9uCAHBUg-zmglpX9OVqWMytNhLZInCnFtIF9mFRCFa_4gc-J1ux1_Slt5w=s0

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9bd6ccdbe207f05e09c01c99ab6b1ec1a64443128b9df3464fffb9c19fe4b3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50019
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 5mf17zWvrNW_dG6mfHTEYIebmrYXfmn9E52vR-FUKbSZF5j_rbE2uoqN5cXmyHKPRQFohFFganBSZnS8WQ4fVA=w16
lh3.googleusercontent.com/ 3 KB
3 KB 121ms
115ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/5mf17zWvrNW_dG6mfHTEYIebmrYXfmn9E52vR-FUKbSZF5j_rbE2uoqN5cXmyHKPRQFohFFganBSZnS8WQ4fVA=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8edb14944dbdcb978ee653dd4471c8488619c24949820827e66fbf7c8a608fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3496
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 Cu-AhisHlxKU9JWsIU633UAfpYxEHbDTzT_S4zBWb6fjN0JEXqv3tPmV03nJ5l3nIIN49uYc-zFri4sYwazdNQ=w16
lh3.googleusercontent.com/ 538 B
601 B 128ms
122ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Cu-AhisHlxKU9JWsIU633UAfpYxEHbDTzT_S4zBWb6fjN0JEXqv3tPmV03nJ5l3nIIN49uYc-zFri4sYwazdNQ=w16

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2d03ab3d718ec884ae1d7f77bbd534b25d7464aac9b154030325847055f14c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 538
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 eswcMWl7lzSPUHiRJM-gH3Gk_tirRe7YN-Zn2cXV1XSKY5ilEyEDsVfSGUEBgg1MkJVNDs8oMexvWYxgwIUOMss=s0
lh3.googleusercontent.com/ 24 KB
24 KB 135ms
132ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/eswcMWl7lzSPUHiRJM-gH3Gk_tirRe7YN-Zn2cXV1XSKY5ilEyEDsVfSGUEBgg1MkJVNDs8oMexvWYxgwIUOMss=s0

Requested by

Host: mennewsletter.lpages.co
URL: https://mennewsletter.lpages.co/_/js/special-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

78db7b49ef768f251d2d634c9c49da61bb0f2e36593120441ef96f326ac30c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24276
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 Qtg_XJrEO1w Show response
www.youtube.com/embed/ Frame A658 92 KB
39 KB 252ms
167ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Qtg_XJrEO1w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a372a4101adfdb9b2db9c68a2b4b6199797f9cbbc32e759f7f38df04a4ca55d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stopednow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 03:50:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9Szids-pTr8 Show response
www.youtube.com/embed/ Frame 012C 93 KB
41 KB 201ms
116ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9Szids-pTr8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

856189849fd9b8dda4badb9f39ee7f526c81410ba5c4b4ab38886e5a9b54845d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stopednow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 03:50:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 provesrc.js Show response
cdn.provesrc.com/ 225 KB
55 KB 154ms
48ms Script
application/javascript 2600:9000:237d:d200:10:6a77:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.provesrc.com/provesrc.js
Requested by: Host: stopednow.com
URL: https://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:d200:10:6a77:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fafdc006b816a5d9a75316354a165ff79f66b23635e5128efe8586f7c04c52c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 06:08:56 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2023 09:59:01 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 78110
x-amz-server-side-encryption: AES256
etag: "c147d3d5cc13ce2567befdf82e1baf43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 55627
x-amz-cf-id: idWUW2-EmjGjBOUMB20ymp1yqI18_UKvQ5sT_LYDcO0wbBFoQ4N7bA==

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 178ms
92ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Work+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stopednow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:29:50 GMT
x-content-type-options: nosniff
age: 350446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:29:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 128ms
43ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Work+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stopednow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:18:08 GMT
x-content-type-options: nosniff
age: 307948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 14:18:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 142ms
56ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Work+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stopednow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:13:53 GMT
x-content-type-options: nosniff
age: 351403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:13:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
82 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J1VSCFKZQ3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64695152-4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41435d54095c097da9ad221dc3b92afc879c001ace3bc1d6fbb37175c01851c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jan 2024 03:50:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64695152-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 Jan 2024 03:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 147
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 21 Jan 2024 05:48:09 GMT

GET
H2 200 i7oFYa5uT96WRhzcb6IAw7mz8-6hIRUEGtUP7p9blzik09QtKZQlS3xEXY_9LDco4mUghE-vGP8sLUTXdR0F=w292
lh3.googleusercontent.com/ 97 KB
97 KB 65ms
62ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/i7oFYa5uT96WRhzcb6IAw7mz8-6hIRUEGtUP7p9blzik09QtKZQlS3xEXY_9LDco4mUghE-vGP8sLUTXdR0F=w292

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab53b6bd77d8d356af1b94cfbcfd09acdbbd8ea534795814b10efb142b024277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:54:35 GMT
x-content-type-options: nosniff
age: 10561
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99425
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:54:35 GMT

GET
H2 200 Iscg_XbslzZfWVUXSAuPpS_ck-IglkacA65FcIgU-qIT90pfMdj8ceYJJH4UtUvEfOiXHQoqcqX_k9SB4ni1CYY=w497
lh3.googleusercontent.com/ 197 KB
197 KB 147ms
146ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Iscg_XbslzZfWVUXSAuPpS_ck-IglkacA65FcIgU-qIT90pfMdj8ceYJJH4UtUvEfOiXHQoqcqX_k9SB4ni1CYY=w497

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00b65fe51ed55ceef459d819baca77d424c40569506e6f344ac18a8eeb840e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201385
x-xss-protection: 0
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 MY9n7FkXWPwWksG5C_OR5vkr8NIVnZJLtbRGyJ_OZ3YoegeUvjioAD9jG6UHIeceUj0pejSiH5UK8I_iozuYoog=w317
lh3.googleusercontent.com/ 24 KB
24 KB 254ms
254ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MY9n7FkXWPwWksG5C_OR5vkr8NIVnZJLtbRGyJ_OZ3YoegeUvjioAD9jG6UHIeceUj0pejSiH5UK8I_iozuYoog=w317

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7eb3199fe7ddb4ed7f1b2e0740ebbb5f089b863b2df6d3e014b68d1cf018fba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24450
x-xss-protection: 0
expires: Mon, 22 Jan 2024 03:50:36 GMT

GET
H2 200 duCBRG9nJQnXOCDkTk17gaBH8C-5SrHCePDNF73SSyeVrB9Yvp46QyvwpZCC1TjVLVMwd7cDEc50YSCbPQxy=w286
lh3.googleusercontent.com/ 10 KB
10 KB 253ms
253ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/duCBRG9nJQnXOCDkTk17gaBH8C-5SrHCePDNF73SSyeVrB9Yvp46QyvwpZCC1TjVLVMwd7cDEc50YSCbPQxy=w286

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

71b9442426908970e1640d64fcfe25eaf4af507e2fc918a8cfcdb1974cf2472a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10670
x-xss-protection: 0
expires: Mon, 22 Jan 2024 03:50:36 GMT

OPTIONS
H2 200 configuration
client-api.provesrc.com/account/ Frame 0
0 374ms
117ms Preflight 34.194.37.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/account/configuration?url=aHR0cHM6Ly9zdG9wZWRub3cuY29tLz9ob3BJZD0zMDdkYTg2ZS01ZDEwLTQyODktODgwMy1mMDc4NDkyMjI4OTYmc2liPTEwMjk0MTEmaD1hZmc5Z3pRNksyd3lvbkJSSUt2Q21oeWpVUTBfd0FoN0hyZEd6ZHBuZVRBLzJ1JTIwQ2pVbkRzalhtYlhRbFlINU9EOUYxTWFMZ3ZjUUJ4N1BuWURqemVtLUV0SjZMb2N2ck9VaGZiUTdDMnZPajE=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.37.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-37-63.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: GET
Origin: https://stopednow.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://stopednow.com
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Sun, 21 Jan 2024 03:50:37 GMT
x-ps-host: ip-172-31-60-16
x-request-id: 44b9d445-9513-4864-9204-8235ea274847

GET
H2 200 configuration Show response
client-api.provesrc.com/account/ 284 B
1 KB 366ms
131ms Fetch
application/json 34.194.37.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/account/configuration?url=aHR0cHM6Ly9zdG9wZWRub3cuY29tLz9ob3BJZD0zMDdkYTg2ZS01ZDEwLTQyODktODgwMy1mMDc4NDkyMjI4OTYmc2liPTEwMjk0MTEmaD1hZmc5Z3pRNksyd3lvbkJSSUt2Q21oeWpVUTBfd0FoN0hyZEd6ZHBuZVRBLzJ1JTIwQ2pVbkRzalhtYlhRbFlINU9EOUYxTWFMZ3ZjUUJ4N1BuWURqemVtLUV0SjZMb2N2ck9VaGZiUTdDMnZPajE=
Requested by: Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.37.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-37-63.compute-1.amazonaws.com
Software: /
Resource Hash: 2573bb32ffbbf8b600c8d2c429ede0dcbeb6acde117308de2c404785b96a3b31

Request headers

accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI1YmVhN2NhYjM0YTE1ZDcxOWEyYjVlZmYiLCJpYXQiOjE1NDIwOTM5OTV9.SMGSq7OCXllPBdB8J0puSfo6mzJEMsKw6whbpGLsGI4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json
Accept: application/json
x-ps-url: aHR0cHM6Ly9zdG9wZWRub3cuY29tLz9ob3BJZD0zMDdkYTg2ZS01ZDEwLTQyODktODgwMy1mMDc4NDkyMjI4OTYmc2liPTEwMjk0MTEmaD1hZmc5Z3pRNksyd3lvbkJSSUt2Q21oeWpVUTBfd0FoN0hyZEd6ZHBuZVRBLzJ1JTIwQ2pVbkRzalhtYlhRbFlINU9EOUYxTWFMZ3ZjUUJ4N1BuWURqemVtLUV0SjZMb2N2ck9VaGZiUTdDMnZPajE=
Referer: https://stopednow.com/
x-ps-uid: a0790627-b4b4-409a-9771-a908b2794c5e
x-ps-version: 4.6.3

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
content-encoding: gzip
etag: W/"11c-EJSJL73RpAHwBj+Egu6GJU63d6o"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://stopednow.com
x-ps-host: ip-172-31-60-16
access-control-expose-headers: x-ps-first
x-ps-first: psuid=3454f1a5-5928-4ae6-9a01-a74fcba006d7; expires=Tue, 01 Jan 2030 00:00:00 GMT; maxAge=15552000$ps5bea7cab34a15d719a2b5eff=false|1705104000000; maxAge=86400000; expires=Tue, 13 Feb 2024 00:00:00 GMT
access-control-allow-credentials: true
vary: Accept-Encoding
x-request-id: e5bed2d3-4185-41d0-8b6d-7d226e17484c

GET
H2 200 www-player.css
www.youtube.com/s/player/787e9b63/ Frame 012C 359 KB
47 KB 76ms
76ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9Szids-pTr8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1515b988fb1fab95f3ba07b215b8fc214e6834106caf76452ad83045ddc73d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9Szids-pTr8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47506
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 19 Jan 2025 18:21:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 012C 15 KB
15 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9Szids-pTr8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 512326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 012C 15 KB
15 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9Szids-pTr8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 412882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 09:09:14 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 138ms
52ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J1VSCFKZQ3&_ono=1&gtm=45je41h0v9123375336&_p=1705809036339&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=29364529.1705809037&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705809036&sct=1&seg=0&dl=https%3A%2F%2Fstopednow.com%2F%3FhopId%3D307da86e-5d10-4289-8803-f07849222896%26sib%3D1029411%26h%3Dafg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA%2F2u%2520CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1&dt=Stop%20ED%20Now%20-%20Special%20Offer&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2075
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J1VSCFKZQ3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 03:50:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stopednow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 201ms
105ms Ping
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-J1VSCFKZQ3&cid=29364529.1705809037&gtm=45je41h0v9123375336&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J1VSCFKZQ3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 03:50:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stopednow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 140ms
55ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-J1VSCFKZQ3&cid=29364529.1705809037&gtm=45je41h0v9123375336&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=55173941

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 47ms
47ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1757899379&t=pageview&_s=1&dl=https%3A%2F%2Fstopednow.com%2F%3FhopId%3D307da86e-5d10-4289-8803-f07849222896%26sib%3D1029411%26h%3Dafg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA%2F2u%2520CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1&ul=en-us&de=windows-1252&dt=Stop%20ED%20Now%20-%20Special%20Offer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1655657135&gjid=535152683&cid=29364529.1705809037&tid=UA-64695152-4&_gid=1548527517.1705809037&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1637907517

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stopednow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stopednow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/ Frame 012C 52 KB
16 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9Szids-pTr8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65faef556bfc4f04e6f7455ea9e228742e697170990bbe4ae27c55a64f9857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9Szids-pTr8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16431
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Jan 2025 08:32:11 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/787e9b63/www-embed-player.vflset/ Frame 012C 323 KB
97 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9Szids-pTr8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65cd9fe803c67f0c4236805273a0453daf900d7006170c8cf38ebb8cde1b2f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9Szids-pTr8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 213791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98837
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Jan 2025 16:27:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/ Frame 012C 2 MB
771 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9Szids-pTr8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

449dffcc02bb5a08f9cff4b8659eef5511bdb979490fd3ce61e5e8004ff0df44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9Szids-pTr8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 10:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 789191
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Jan 2025 10:25:01 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/787e9b63/ Frame A658 359 KB
46 KB 179ms
179ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qtg_XJrEO1w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1515b988fb1fab95f3ba07b215b8fc214e6834106caf76452ad83045ddc73d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Qtg_XJrEO1w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47506
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 19 Jan 2025 18:21:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A658 15 KB
15 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qtg_XJrEO1w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 512326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A658 15 KB
15 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qtg_XJrEO1w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 412882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 09:09:14 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame E1BC 4 KB
2 KB 48ms
48ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://stopednow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Sun, 21 Jan 2024 03:49:21 GMT
etag: "OMWYXg"
expires: Sun, 21 Jan 2024 03:54:21 GMT
server: Google Frontend
x-cloud-trace-context: 481e8fc0b69f07de85d03bccdc9a47ab

GET
H2 200 embed.js Show response
www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/ Frame A658 52 KB
16 KB 162ms
162ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qtg_XJrEO1w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65faef556bfc4f04e6f7455ea9e228742e697170990bbe4ae27c55a64f9857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Qtg_XJrEO1w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16431
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Jan 2025 08:32:11 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/787e9b63/www-embed-player.vflset/ Frame A658 323 KB
97 KB 164ms
163ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qtg_XJrEO1w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65cd9fe803c67f0c4236805273a0453daf900d7006170c8cf38ebb8cde1b2f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Qtg_XJrEO1w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 213791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98837
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Jan 2025 16:27:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/ Frame A658 2 MB
771 KB 189ms
189ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qtg_XJrEO1w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

449dffcc02bb5a08f9cff4b8659eef5511bdb979490fd3ce61e5e8004ff0df44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Qtg_XJrEO1w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 10:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 789191
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Jan 2025 10:25:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 138ms
104ms XHR
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-64695152-4&cid=29364529.1705809037&jid=1655657135&gjid=535152683&_gid=1548527517.1705809037&_u=YADAAUAAAAAAACAAI~&z=550051515

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stopednow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 21 Jan 2024 03:50:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stopednow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
660 B 716ms
151ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=Q98bD2XbUdhoqD7UpJEFun&v=&e=&st=&lc=en-US&pid=Tn8VLRBmyM5c2yKKQKZ9qh&uid=8otqCRDqs3beTpYxnctmcB&sid=KFoUtEbWevmUapnM3deecP&cid=lp-Q98bD2XbUdhoqD7UpJEFun&uri=https%3A%2F%2Fstopednow.com%2F%3FhopId%3D307da86e-5d10-4289-8803-f07849222896%26sib%3D1029411%26h%3Dafg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA%2F2u%2520CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 03:50:37 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://stopednow.com
X-Forwarded-For: 80.255.7.107
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00rodgefqacnrvpu5110

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 135ms
49ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-64695152-4&cid=29364529.1705809037&jid=1655657135&_u=YADAAUAAAAAAACAAI~&z=966288909

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 03:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 87ms
87ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-64695152-4&cid=29364529.1705809037&jid=1655657135&_u=YADAAUAAAAAAACAAI~&z=966288909

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 03:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 012C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
189 B

49ms
49ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9Szids-pTr8

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c52123429915bfa4fcbcd67b725976d0f61f0f4590cd9d77eb517a22f532595d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 03:50:37 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 012C 29 B
495 B 140ms
39ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:40:32 GMT
x-content-type-options: nosniff
age: 605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Jan 2024 03:55:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 132ms
46ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 21 Jan 2024 03:50:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 012C 86 KB
40 KB 54ms
53ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f95cc48d5062bb2bafc6b442ea16cba49521270a1cf6d3752927fdc374b2c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40810
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/ Frame 012C 117 KB
33 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49104223627200e65966dc89d1648e3725bf29e70e8474e1f488a412e8abaef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9Szids-pTr8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 351509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33860
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Jan 2025 02:12:08 GMT

GET
H2 200 8Hi5A8hOrTMN2tBLhmCcAO89l4B_aU1bigXouSWjw-4.js Show response
www.google.com/js/th/ Frame 012C 50 KB
20 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/8Hi5A8hOrTMN2tBLhmCcAO89l4B_aU1bigXouSWjw-4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f078b903c84ead330ddad04b86609c00ef3d97807f694d5b8a05e8b925a3c3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:40:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19796
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:40:16 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/9Szids-pTr8/ Frame 012C 65 KB
65 KB 148ms
59ms Image
image/webp 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/9Szids-pTr8/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9Szids-pTr8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc309391e94917983b6d42e00aca82c2371d7bcbf55a0b7c7f49022143dcd9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66910
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Jan 2024 05:50:37 GMT

GET
DATA 200
OK truncated
/ Frame 012C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AIf8zZTWv4CuxeSsyeBCdpNAiH1xZrnzomA_d7fOcUmx1g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 012C 4 KB
4 KB 128ms
43ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZTWv4CuxeSsyeBCdpNAiH1xZrnzomA_d7fOcUmx1g=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9Szids-pTr8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

99255af8240806c55a0b0cff016b9db59dcd264bf9b47763e40d48dd96f87372

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:54:15 GMT
x-content-type-options: nosniff
age: 10582
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3611
x-xss-protection: 0
server: fife
etag: "v93"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:54:15 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A658
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

48ms
48ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qtg_XJrEO1w

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d81928ae4a61571a222527fe1774a49dced57a448c0a67f3f9898479e86878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 03:50:37 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A658 29 B
89 B 71ms
40ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:40:32 GMT
x-content-type-options: nosniff
age: 605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Jan 2024 03:55:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 68ms
47ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 21 Jan 2024 03:50:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A658 86 KB
40 KB 100ms
100ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ac0396964a79c114b34ce6dcb4d2d58d8a53bf019f49d45cf1056f5f95cd1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40871
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/ Frame A658 117 KB
33 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49104223627200e65966dc89d1648e3725bf29e70e8474e1f488a412e8abaef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Qtg_XJrEO1w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 351509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33860
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Jan 2025 02:12:08 GMT

GET
H2 200 8Hi5A8hOrTMN2tBLhmCcAO89l4B_aU1bigXouSWjw-4.js Show response
www.google.com/js/th/ Frame A658 50 KB
19 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/8Hi5A8hOrTMN2tBLhmCcAO89l4B_aU1bigXouSWjw-4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f078b903c84ead330ddad04b86609c00ef3d97807f694d5b8a05e8b925a3c3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:40:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19796
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:40:16 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/Qtg_XJrEO1w/ Frame A658 15 KB
15 KB 72ms
48ms Image
image/webp 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Qtg_XJrEO1w/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qtg_XJrEO1w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf1cfbb6ff1096de8271875bcf5a738a0648a9a82405f6ae567f3473f11835df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Jan 2024 05:50:37 GMT

GET
DATA 200
OK truncated
/ Frame A658 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AIf8zZTWv4CuxeSsyeBCdpNAiH1xZrnzomA_d7fOcUmx1g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A658 4 KB
4 KB 63ms
39ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZTWv4CuxeSsyeBCdpNAiH1xZrnzomA_d7fOcUmx1g=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qtg_XJrEO1w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

99255af8240806c55a0b0cff016b9db59dcd264bf9b47763e40d48dd96f87372

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:54:15 GMT
x-content-type-options: nosniff
age: 10582
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3611
x-xss-protection: 0
server: fife
etag: "v93"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:54:15 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 012C 4 KB
2 KB 138ms
52ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 03:50:37 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 012C 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?sDas7Q
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/9Szids-pTr8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9Szids-pTr8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A658 4 KB
2 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 03:50:37 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A658 0
10 B 42ms
42ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?yDur-w
Requested by: Host: stopednow.com
URL: https://stopednow.com/?hopId=307da86e-5d10-4289-8803-f07849222896&sib=1029411&h=afg9gzQ6K2wyonBRIKvCmhyjUQ0_wAh7HrdGzdpneTA/2u%20CjUnDsjXmbXQlYH5OD9F1MaLgvcQBx7PnYDjzem-EtJ6LocvrOUhfbQ7C2vOj1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Qtg_XJrEO1w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 21 Jan 2024 03:50:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 012C 90 B
134 B 50ms
50ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3aea72dbee9fa27fd1c518cccb7ecb521767a98616ae7a329322ee3ab5845dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 21 Jan 2024 03:50:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A658 90 B
134 B 50ms
50ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6629e78eace8bb52ad3a0e28c58c509a35735537fd5c2cac06c40c6deb4cf571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 21 Jan 2024 03:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 012C 50 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:57:08 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame A658 50 KB
14 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:57:08 GMT

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
354 B 280ms
146ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,97,55,152,1,154,993,994,1875,1875
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 03:50:37 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 80.255.7.107
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00rodgflptorrjoovemg

GET
H2 200 css
fonts.googleapis.com/ 2 KB
521 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900

Requested by

Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b2f518b16af2ea31caddc3a440ec626ea710ba6f59485d227e7963fa8c2449d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stopednow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 03:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 03:14:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 03:50:37 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 012C 28 B
54 B 62ms
59ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time: 1705809039096
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/9Szids-pTr8
X-YouTube-Client-Version: 1.20240115.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtXOUMwTGZkMjNzYyiMqbKtBjIKCgJERRIEEgAgMQ%3D%3D
X-YouTube-Ad-Signals: dt=1705809036940&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C720%2C405&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 21 Jan 2024 03:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 21 Jan 2024 03:50:39 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 17:51:35	Name: view.Tn8VLRBmyM5c2yKKQKZ9qh.Q98bD2XbUdhoqD7UpJEFun Value: 1705809037000
.clickbank.net/	1970-01-21 02:35:45	Name: q Value: 01.B1179C8CE28730F608EC1B24BB53B1E49800FF39DE8F23FFF99A1A441DA540161A25E418BF4E415CAEA5996474BF08FCCD13D6D4
.stopednow.com/	1970-01-21 03:26:09	Name: _ga_J1VSCFKZQ3 Value: GS1.1.1705809036.1.0.1705809036.60.0.0
.stopednow.com/	1970-01-21 03:26:09	Name: _ga Value: GA1.2.29364529.1705809037
.stopednow.com/	1970-01-20 17:51:35	Name: _gid Value: GA1.2.1548527517.1705809037
.stopednow.com/	1970-01-20 17:50:09	Name: _gat_gtag_UA_64695152_4 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Mi3GIZo4z3s
.youtube.com/	1970-01-20 22:09:21	Name: VISITOR_INFO1_LIVE Value: KJQRBvCQT_U
js.center.io/	1970-01-21 03:26:09	Name: centerVisitorId Value: 8otqCRDqs3beTpYxnctmcB
.provesrc.com/	1970-01-20 17:50:24	Name: psuid Value: s%3A3454f1a5-5928-4ae6-9a01-a74fcba006d7.zm%2FTEysjXjoWuYiDR0s18bzwYs41nK66qtKjmvlae6M
.provesrc.com/	1970-01-20 17:51:35	Name: ps5bea7cab34a15d719a2b5eff Value: false%7C1705104000000
.stopednow.com/	1970-01-21 03:26:09	Name: psuid Value: 3454f1a5-5928-4ae6-9a01-a74fcba006d7
.stopednow.com/	1970-01-20 18:23:02	Name: ps5bea7cab34a15d719a2b5eff Value: false\|1705104000000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://mennewsletter.lpages.co/_/js/special-offer/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.clickmagick.com/misc/js/cmtools.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://mennewsletter.lpages.co/_/js/special-offer/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.clickmagick.com/misc/js/cmtools.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
c9ebcctrzlgw7p9bhm59kzdyc8.hop.clickbank.net
cdn.clickmagick.com
cdn.provesrc.com
client-api.provesrc.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js.center.io
lh3.googleusercontent.com
lh5.ggpht.com
mennewsletter.lpages.co
region1.analytics.google.com
static.doubleclick.net
static.leadpages.net
stats.g.doubleclick.net
stopednow.com
www.coverof.za.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
18.66.192.39
2001:4860:4802:32::36
2001:4860:4802:36::15
2001:8d8:100f:f000::2ed
2600:9000:237d:d200:10:6a77:5f80:93a1
2606:4700:3035::6815:22fb
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2016
2a00:1450:4001:827::2006
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:400c:c1f::9b
34.107.203.240
34.194.37.63
35.192.151.63
35.202.21.90
44.239.165.192
00b65fe51ed55ceef459d819baca77d424c40569506e6f344ac18a8eeb840e1a
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0b57353e0c0435ff68fb52d3d812b3e43cba2cfd4ca651c8ba87b44a4dd715cf
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
1515b988fb1fab95f3ba07b215b8fc214e6834106caf76452ad83045ddc73d5e
2573bb32ffbbf8b600c8d2c429ede0dcbeb6acde117308de2c404785b96a3b31
2c8cd0c64830ab4ccd51f7041af9a0c1c2c82bc26d87c102cad9b29512633fdc
2d03ab3d718ec884ae1d7f77bbd534b25d7464aac9b154030325847055f14c75
3aea72dbee9fa27fd1c518cccb7ecb521767a98616ae7a329322ee3ab5845dc7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41435d54095c097da9ad221dc3b92afc879c001ace3bc1d6fbb37175c01851c7
44112c96329018547f1ee8dfd6b46bba460075384a3c3d05fcb4c9c744536e8b
449dffcc02bb5a08f9cff4b8659eef5511bdb979490fd3ce61e5e8004ff0df44
49104223627200e65966dc89d1648e3725bf29e70e8474e1f488a412e8abaef4
49931affbecb8c03bba02248637cbafd0942b6e8f6cd4dcff7d1080fe6fb64ea
4a372a4101adfdb9b2db9c68a2b4b6199797f9cbbc32e759f7f38df04a4ca55d
4d00b0a2af3d2cb80777eb1decde09cb120b2ac64c74ff1d8a6a0d70b5d1024c
53652754bed19d1dfd13c16e7131d6e1e6dd407a435fee8ae3024e4fd25fd656
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b2f518b16af2ea31caddc3a440ec626ea710ba6f59485d227e7963fa8c2449d
5f95cc48d5062bb2bafc6b442ea16cba49521270a1cf6d3752927fdc374b2c01
605a195ed9c6f223bb961bba8efff6a90ad857b40cb3064a2419c6d4739aba86
65cd9fe803c67f0c4236805273a0453daf900d7006170c8cf38ebb8cde1b2f37
6629e78eace8bb52ad3a0e28c58c509a35735537fd5c2cac06c40c6deb4cf571
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71b9442426908970e1640d64fcfe25eaf4af507e2fc918a8cfcdb1974cf2472a
71d81928ae4a61571a222527fe1774a49dced57a448c0a67f3f9898479e86878
74fe9e2e544524523d332bfe275a172aad5261881b912caf3f1425815ad642e8
78db7b49ef768f251d2d634c9c49da61bb0f2e36593120441ef96f326ac30c3a
7a888583bcadcec93b1814691e31f9b0a88ad2909b79a107f4f1f2cf14c3a28a
7ac0396964a79c114b34ce6dcb4d2d58d8a53bf019f49d45cf1056f5f95cd1de
7eb3199fe7ddb4ed7f1b2e0740ebbb5f089b863b2df6d3e014b68d1cf018fba1
801476ed292d4c221f81431ea5be11471fcc3b0a01e7d8d3f778382a4a96afee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856189849fd9b8dda4badb9f39ee7f526c81410ba5c4b4ab38886e5a9b54845d
8edb14944dbdcb978ee653dd4471c8488619c24949820827e66fbf7c8a608fb6
99255af8240806c55a0b0cff016b9db59dcd264bf9b47763e40d48dd96f87372
9bd6ccdbe207f05e09c01c99ab6b1ec1a64443128b9df3464fffb9c19fe4b3d2
9ea9ce40a768c0944e4a18ef57c48f92dbd923a819a897d931e78a56611e38cf
a0448452c23025db2d1734c34bb36e9db3217f84dfca259030836eab27b9e188
a09d75c01eeab43c24e8a8c89d1a53a4282f971b578466443b1455abc7e85875
a5fa71747610ba961f3638505b1eedb8f9dff5c53a3036a54e101d89175130ff
ab53b6bd77d8d356af1b94cfbcfd09acdbbd8ea534795814b10efb142b024277
acebab7a52fa0d105cba5d589392db6b8cf3ea4dab7d3feb827ede2117c2bebe
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bb0222f32ff6ed7f6d2036fb98db886761886fd98ff96e43b8e84168076da43e
c3408dcb446d581e5987aac16938c2baa16c26f599b0f89aaea6cc552d0795c2
c52123429915bfa4fcbcd67b725976d0f61f0f4590cd9d77eb517a22f532595d
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cc309391e94917983b6d42e00aca82c2371d7bcbf55a0b7c7f49022143dcd9a6
cf1cfbb6ff1096de8271875bcf5a738a0648a9a82405f6ae567f3473f11835df
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d99cb6a8b9e697dc2d4abb52b11284ef427e21c0d401c389bb631460da40fffc
dd20ba0bf8e16a5d97f6eaf9bbe089383d6132a9852bff0165786edba2ebade5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e098854d078e9dc2de6dbc26b2a48213ead33ff510623d7235865af36adb16ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48876a3093731ac25b07a6d2b3d85f3b0a5a1aa41696f828dc4bad175e7aa18
e636a5e7bcdb3e682ee80ef80c1603481e84bd938508e972b4959dbe12ea9c70
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f078b903c84ead330ddad04b86609c00ef3d97807f694d5b8a05e8b925a3c3ee
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5241c923426dd35fb402c540a60f7ed5bcb74779502e1ee7ff7c242b763ed44
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fafdc006b816a5d9a75316354a165ff79f66b23635e5128efe8586f7c04c52c8
fe65faef556bfc4f04e6f7455ea9e228742e697170990bbe4ae27c55a64f9857

stopednow.com Open in urlscan Pro 2001:8d8:100f:f000::2ed Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

95 %HTTPS

77 %IPv6

20 Domains

27 Subdomains

26 IPs

3 Countries

3266 kBTransfer

9134 kBSize

13 Cookies

4 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

stopednow.com Open in urlscan Pro
2001:8d8:100f:f000::2ed Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

95 %
HTTPS

77 %
IPv6

20
Domains

27
Subdomains

26
IPs

3
Countries

3266 kB
Transfer

9134 kB
Size

13
Cookies

95 HTTP transactions
2 data transactions