poppyplaytime.angryuser.help Open in urlscan Pro
2a02:4780:25:4f5a:a2f7:2a58:b647:61a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://poppyplaytime.angryuser.help/
Effective URL:
https://poppyplaytime.angryuser.help/
Submission: On March 02 via api (March 2nd 2024, 12:55:48 am UTC) from US — Scanned from FR

Summary HTTP 55 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 55 HTTP transactions. The main IP is 2a02:4780:25:4f5a:a2f7:2a58:b647:61a, located in Manchester, United Kingdom and belongs to AS-HOSTINGER, CY. The main domain is poppyplaytime.angryuser.help.
TLS certificate: Issued by R3 on February 5th 2024. Valid for: 3 months.

This is the only time poppyplaytime.angryuser.help was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2a02:4780:25:... 2a02:4780:25:4f5a:a2f7:2a58:b647:61a	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
55	17

18 2a02:4780:25:4f5a:a2f7:2a58:b647:61a (Manchester, United Kingdom) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

poppyplaytime.angryuser.help	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	angryuser.help 1 redirects poppyplaytime.angryuser.help	616 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	278 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 66	1010 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 jnn-pa.googleapis.com — Cisco Umbrella Rank: 218	47 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	142 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 259	5 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	189 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	10 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	5 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	117 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2089	263 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	94 KB
55	12

	Domain	Requested by
18	poppyplaytime.angryuser.help	1 redirects poppyplaytime.angryuser.help
8	fonts.gstatic.com	fonts.googleapis.com www.youtube.com poppyplaytime.angryuser.help
8	www.youtube.com	poppyplaytime.angryuser.help www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	pagead2.googlesyndication.com	poppyplaytime.angryuser.help pagead2.googlesyndication.com
2	fonts.googleapis.com	poppyplaytime.angryuser.help
1	lh3.googleusercontent.com	poppyplaytime.angryuser.help
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	poppyplaytime.angryuser.help
55	16

This site contains links to these domains. Also see Links.

Domain
fridaynightfunkin.angryuser.help
gacha.angryuser.help
palworld.gamehub.plus

Subject Issuer	Validity	Valid
poppyplaytime.angryuser.help R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://poppyplaytime.angryuser.help/
Frame ID: 2FBA6239138B9B423B1713D3DECDA087
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed
Frame ID: ECA7C77FA65935C2A909687F18495409
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 0F53C1E636FBE3F1213B634AD630FF97
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Poppy Playtime Game

Page URL History Show full URLs

http://poppyplaytime.angryuser.help/ HTTP 301
https://poppyplaytime.angryuser.help/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

98 %
HTTPS

100 %
IPv6

12
Domains

16
Subdomains

17
IPs

3
Countries

2513 kB
Transfer

6532 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://fridaynightfunkin.angryuser.help/en/
Title: Friday Night Funkin’

Search URL Search Domain Scan URL

URL: https://gacha.angryuser.help/en/
Title: Gacha Mods

Search URL Search Domain Scan URL

URL: https://palworld.gamehub.plus/
Title: Palworld Mods

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://poppyplaytime.angryuser.help/ HTTP 301
https://poppyplaytime.angryuser.help/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

55 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
poppyplaytime.angryuser.help/
Redirect Chain

http://poppyplaytime.angryuser.help/
https://poppyplaytime.angryuser.help/

37 KB
11 KB

447ms
379ms

Document
text/html

2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn / PHP/7.4.33

Resource Hash

81e71e5b1d64fc64cc6fc6856555a5218054084afa73f923d2d5880d832f5257

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 02 Mar 2024 00:55:43 GMT
platform: hostinger
server: hcdn
x-hcdn-cache-status: DYNAMIC
x-hcdn-request-id: d74f2caf61e083900ba8457c3bcf848a-fast-edge1
x-hcdn-upstream-rt: 0.345
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

Redirect headers

Connection: keep-alive
Content-Length: 795
Content-Type: text/html
Date: Sat, 02 Mar 2024 00:55:42 GMT
Server: hcdn
alt-svc: h3=":443"; ma=86400
content-security-policy: upgrade-insecure-requests
location: https://poppyplaytime.angryuser.help/
platform: hostinger
x-hcdn-cache-status: MISS
x-hcdn-request-id: 3927716ec699d3488fe3ecc784e6efa7-fast-edge3
x-hcdn-upstream-rt: 0.037
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
poppyplaytime.angryuser.help/wp-includes/css/dist/block-library/ 108 KB
13 KB 84ms
84ms Stylesheet
text/css 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 13323
x-hcdn-cache-status: MISS
last-modified: Wed, 31 Jan 2024 14:09:14 GMT
server: hcdn
etag: "1ae43-65ba548a-5d573cb48fc26375;br"
x-hcdn-request-id: 300bb6b88e1c4cc00ec9c96afbad3b29-fast-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.056
accept-ranges: bytes
platform: hostinger
expires: Sat, 09 Mar 2024 00:55:43 GMT

GET
H2 200 kk-star-ratings.min.css
poppyplaytime.angryuser.help/wp-content/plugins/kk-star-ratings/src/core/public/css/ 2 KB
909 B 82ms
81ms Stylesheet
text/css 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 503
x-hcdn-cache-status: MISS
last-modified: Fri, 02 Feb 2024 18:30:14 GMT
server: hcdn
etag: "8d3-65bd34b6-27cca2e63e4d4bde;br"
x-hcdn-request-id: 4ce4cb678618e369ca872e9de74d8d4d-fast-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.053
accept-ranges: bytes
platform: hostinger
expires: Sat, 09 Mar 2024 00:55:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 95ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a43b52551128afc75d151d3601470850d85aabd4ce7275a7fb6ba59a39231ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 23:56:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 00:55:43 GMT

GET
H2 200 style.min.css
poppyplaytime.angryuser.help/wp-content/themes/root/assets/css/ 163 KB
30 KB 82ms
82ms Stylesheet
text/css 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-content/themes/root/assets/css/style.min.css

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

4dfe805ab2bed8d37971273a380cba262da43634048d8741a032015eb256c201

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 30670
x-hcdn-cache-status: MISS
last-modified: Fri, 24 Nov 2023 08:46:59 GMT
server: hcdn
etag: "28a9a-65606303-30910b2b67dc59eb;br"
x-hcdn-request-id: a20036f1f0442bd6586e829527305565-fast-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.058
accept-ranges: bytes
platform: hostinger
expires: Sat, 09 Mar 2024 00:55:43 GMT

GET
H2 200 style.css
poppyplaytime.angryuser.help/wp-content/themes/root_child/ 278 B
589 B 82ms
81ms Stylesheet
text/css 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-content/themes/root_child/style.css

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

53cb486a3f6a61535fd7bb4fa01a15a1b1154f18e5f14ce32950ec257bc66aba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-hcdn-cache-status: MISS
last-modified: Fri, 10 Jun 2022 10:30:30 GMT
server: hcdn
etag: W/"116-62a31d46-6c9deaffa8cd3d7c;;;"
vary: Accept-Encoding
x-hcdn-request-id: 71c673e98fc1d94bd3debc38693c48e8-fast-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.053
platform: hostinger
expires: Sat, 09 Mar 2024 00:55:43 GMT

GET
H2 200 jquery.min.js Show response
poppyplaytime.angryuser.help/wp-includes/js/jquery/ 86 KB
29 KB 91ms
91ms Script
application/x-javascript 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-includes/js/jquery/jquery.min.js

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 29531
x-hcdn-cache-status: MISS
last-modified: Tue, 07 Nov 2023 20:39:58 GMT
server: hcdn
etag: "15601-654aa09e-d1e0a761628c12a;br"
x-hcdn-request-id: b6661f342664920a7c6c2357edb7ffcd-fast-edge1
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.066
accept-ranges: bytes
platform: hostinger
expires: Sat, 09 Mar 2024 00:55:43 GMT

GET
H2 200 style.css
poppyplaytime.angryuser.help/wp-topfile/ 2 KB
1018 B 91ms
90ms Stylesheet
text/css 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-topfile/style.css

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

7c8718e5f84983e848c40576b457d1be4950260c4321525bf6f1a49044ea4851

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 613
x-hcdn-cache-status: MISS
last-modified: Wed, 15 Jun 2022 07:45:55 GMT
server: hcdn
etag: "8e2-62a98e33-87279f4ee429c8b0;br"
x-hcdn-request-id: 9e9f00a8f31a77b87c32f5e98cc1dc8f-fast-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.065
accept-ranges: bytes
platform: hostinger
expires: Sat, 09 Mar 2024 00:55:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 107ms
48ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5534106068881534

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

956f8ef8bee50e829d0b1797e7466917efd4a8ef8cb0ba522321d0065f3c7c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://poppyplaytime.angryuser.help/
Origin: https://poppyplaytime.angryuser.help
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51803
x-xss-protection: 0
server: cafe
etag: 579881681909282339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 02 Mar 2024 00:55:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
94 KB 103ms
45ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLTJKBL74S

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddcec65105abe17e609504d2071a59c4a9ce2512ce971a079aa3ccd4fe5e3238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96048
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Mar 2024 00:55:43 GMT

GET
H2 200 fontawesome-webfont.ttf
poppyplaytime.angryuser.help/wp-content/themes/root/fonts/ 162 KB
94 KB 123ms
123ms Font
application/x-font-ttf 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-content/themes/root/fonts/fontawesome-webfont.ttf

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://poppyplaytime.angryuser.help/
Origin: https://poppyplaytime.angryuser.help
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 95483
x-hcdn-cache-status: MISS
last-modified: Fri, 24 Nov 2023 08:46:59 GMT
server: hcdn
etag: "286ac-65606303-3857a06e1bc36712;br"
x-hcdn-request-id: f1363eb65b0f64b432da3aa3b9403f3a-fast-edge1
content-type: application/x-font-ttf
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.068
accept-ranges: bytes
platform: hostinger
expires: Sat, 09 Mar 2024 00:55:43 GMT

GET
H2 200 poppy_playtime_logo.png
poppyplaytime.angryuser.help/wp-content/uploads/2022/06/ 43 KB
44 KB 188ms
188ms Image
image/webp 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poppyplaytime.angryuser.help/wp-content/uploads/2022/06/poppy_playtime_logo.png
Requested by: Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: f5a262e40ad35d2b22bad1e7ea52c5c475720e2ce90b5f339ea7dd4cb64b9949

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 5d5c56fbfaf6cda21fdca7182515e42f-fast-edge1
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.141
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 44490

GET
H2 200 hm-image-1536x570-1-1024x380.webp
poppyplaytime.angryuser.help/wp-content/uploads/2022/06/ 32 KB
32 KB 123ms
123ms Image
image/webp 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poppyplaytime.angryuser.help/wp-content/uploads/2022/06/hm-image-1536x570-1-1024x380.webp

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

42eebe39e973663d779894a63cd1c2d26e7f5062fdab034f97275e1c338b60fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 32716
x-hcdn-cache-status: MISS
last-modified: Wed, 22 Jun 2022 10:33:48 GMT
server: hcdn
etag: "7fcc-62b2f00c-d56404decc210f50;;;"
x-hcdn-request-id: a627faa437dd606fff740c14e96c452f-fast-edge1
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.068
accept-ranges: bytes
platform: hostinger
expires: Sat, 09 Mar 2024 00:55:43 GMT

GET
H2 200 friday-night-funkin.webp
poppyplaytime.angryuser.help/wp-content/uploads/2022/06/ 190 KB
190 KB 91ms
90ms Image
image/webp 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poppyplaytime.angryuser.help/wp-content/uploads/2022/06/friday-night-funkin.webp

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

008724de1d489948f52a8dca6ce07b141e978f8fb64f81d87a07023002f9e2c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 194412
x-hcdn-cache-status: MISS
last-modified: Tue, 21 Jun 2022 19:56:32 GMT
server: hcdn
etag: "2f76c-62b22270-435805335b5fa3;;;"
x-hcdn-request-id: 3faf7f164ebe2bfc9ac4d2b6b155f3ba-fast-edge1
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.064
accept-ranges: bytes
platform: hostinger
expires: Sat, 09 Mar 2024 00:55:43 GMT

GET
H3 200 kk-star-ratings.min.js Show response
poppyplaytime.angryuser.help/wp-content/plugins/kk-star-ratings/src/core/public/js/ 1 KB
1 KB 26ms
25ms Script
application/x-javascript 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 41476
alt-svc: h3=":443"; ma=86400
content-length: 631
x-hcdn-cache-status: HIT
last-modified: Fri, 02 Feb 2024 18:30:14 GMT
server: hcdn
etag: "54f-65bd34b6-f74315ba9ed63c07;br"
x-hcdn-request-id: d204bc88a5d749ad12f688885624d3f3-fast-edge3
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Fri, 08 Mar 2024 13:24:27 GMT

GET
H3 200 lightbox.min.js Show response
poppyplaytime.angryuser.help/wp-content/themes/root/assets/js/plugins/ 2 KB
941 B 27ms
26ms Script
application/x-javascript 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-content/themes/root/assets/js/plugins/lightbox.min.js

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

fbf413da8be4e1bf8fb4cb0f4e7d667ff0b7fe2bfeaca31d91205520a5111cad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 41476
alt-svc: h3=":443"; ma=86400
content-length: 549
x-hcdn-cache-status: HIT
last-modified: Fri, 24 Nov 2023 08:46:59 GMT
server: hcdn
etag: "616-65606303-4f5dc8205bd5e63d;br"
x-hcdn-request-id: c042aed9c770ac70917f1991d4a5cb9c-fast-edge3
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Fri, 08 Mar 2024 13:24:27 GMT

GET
H3 200 scripts.min.js Show response
poppyplaytime.angryuser.help/wp-content/themes/root/assets/js/ 7 KB
3 KB 28ms
27ms Script
application/x-javascript 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-content/themes/root/assets/js/scripts.min.js

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 41476
alt-svc: h3=":443"; ma=86400
content-length: 2451
x-hcdn-cache-status: HIT
last-modified: Fri, 24 Nov 2023 08:46:59 GMT
server: hcdn
etag: "1d5e-65606303-f29c850c9cfe3838;br"
x-hcdn-request-id: fac4ec98e87b957b7c6e8d56428b70b7-fast-edge3
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Fri, 08 Mar 2024 13:24:27 GMT

GET
H2 200 xMQm8ubM-Cw Show response
www.youtube.com/embed/ Frame ECA7 91 KB
39 KB 165ms
106ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

870872c5c16008754b8da0309778c75664edea5ba22a0a9540825e69ac4a2836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://poppyplaytime.angryuser.help/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 00:55:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bg.jpg
poppyplaytime.angryuser.help/wp-content/uploads/2022/06/ 70 KB
71 KB 396ms
396ms Image
image/webp 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poppyplaytime.angryuser.help/wp-content/uploads/2022/06/bg.jpg
Requested by: Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: e40cd2fac3dc783ca89150548bdc20a895ef090d492efec6a0b5f38761bad2e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
x-hcdn-cache-status: EXPIRED
server: hcdn
x-hcdn-request-id: ebe1d7d3a0aa201f7d0ea0f2c0e60885-fast-edge3
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.366
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 71980

GET
H3 200 header-bg.jpg
poppyplaytime.angryuser.help/wp-content/uploads/2022/06/ 18 KB
18 KB 212ms
212ms Image
image/webp 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poppyplaytime.angryuser.help/wp-content/uploads/2022/06/header-bg.jpg
Requested by: Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: a0abe7e9152e4dd7444780ebb12cb4c075514f1376decc5aa531d4f9494b9c27

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
x-hcdn-cache-status: EXPIRED
server: hcdn
x-hcdn-request-id: 409632c6b645f291e8c3034d1cca608d-fast-edge3
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.182
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 18060

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1ac53e44767e808ff66b3ce88ebed0049f3d9cba0d1af7554c94bfe0b29b85b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 84ms
25ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://poppyplaytime.angryuser.help
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:53:04 GMT
x-content-type-options: nosniff
age: 316959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:53:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 89ms
32ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://poppyplaytime.angryuser.help
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:48:53 GMT
x-content-type-options: nosniff
age: 317210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:48:53 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 111ms
54ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://poppyplaytime.angryuser.help
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:59:49 GMT
x-content-type-options: nosniff
age: 316554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:59:49 GMT

GET
H3 200 fontawesome-webfont.woff2
poppyplaytime.angryuser.help/wp-content/themes/root/fonts/ 75 KB
76 KB 26ms
26ms Font
font/woff2 2a02:4780:25:4f5a:a2f7:2a58:b647:61a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://poppyplaytime.angryuser.help/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/wp-content/themes/root/assets/css/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:25:4f5a:a2f7:2a58:b647:61a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://poppyplaytime.angryuser.help/wp-content/themes/root/assets/css/style.min.css
Origin: https://poppyplaytime.angryuser.help
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-security-policy: upgrade-insecure-requests
age: 46007
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-hcdn-cache-status: HIT
last-modified: Fri, 24 Nov 2023 08:46:59 GMT
server: hcdn
etag: "12d68-65606303-9af1df3fa7ee1303;;;"
x-hcdn-request-id: 5f4a1d32be96743c16307446b0c024e3-fast-edge3
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Fri, 08 Mar 2024 12:08:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 110ms
63ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://poppyplaytime.angryuser.help
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:46:27 GMT
x-content-type-options: nosniff
age: 317356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:46:27 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 407 KB
138 KB 112ms
59ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5534106068881534&plah=poppyplaytime.angryuser.help&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5534106068881534

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b1ef4ec7f00ff5bfda50847452735f8ddf4279cc58529f39802c6452a938a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140962
x-xss-protection: 0
server: cafe
etag: 9201046418525460733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 00:55:43 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame 0F53 9 KB
4 KB 84ms
25ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5534106068881534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://poppyplaytime.angryuser.help/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 22065
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 18:47:58 GMT
etag: 5035419970550746386
expires: Fri, 15 Mar 2024 18:47:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/31eb286a/ Frame ECA7 366 KB
47 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1018
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47553
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 02 Mar 2025 00:38:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ECA7 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:49:09 GMT
x-content-type-options: nosniff
age: 317194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:49:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ECA7 15 KB
15 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 315846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:11:37 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/ Frame ECA7 54 KB
17 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2aef7e90e9a2b67ed2ea1c6a1490ab31fdb7d23a7a848351178cf7a249745506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16858
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:34:26 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/31eb286a/www-embed-player.vflset/ Frame ECA7 319 KB
95 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 22:33:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97346
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Mar 2025 22:33:16 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/ Frame ECA7 2 MB
779 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da34e50910889df6447e4db1d3821327234c11167a1355c6dae56ff7e9f38abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 797018
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:34:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 73ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLTJKBL74S&gtm=45je42t1v9137268069za200&_p=1709340943392&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=266170416.1709340944&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709340943&sct=1&seg=0&dl=https%3A%2F%2Fpoppyplaytime.angryuser.help%2F&dt=Poppy%20Playtime%20Game&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=990
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLTJKBL74S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 00:55:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://poppyplaytime.angryuser.help
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-5534106068881534 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 142ms
57ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5534106068881534?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5534106068881534&plah=poppyplaytime.angryuser.help&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53c8fea8d47ab7d74f324f397b4ac7d9415b91d6b9a552a3d6bc7ae8d3a53a55

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X-NT6Ji_7R6e2z2ypJ2jqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-X-NT6Ji_7R6e2z2ypJ2jqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTD0f-pcz2bwIFlLYuYAQLQLRQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame ECA7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

34ms
34ms

XHR
application/json

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed

Protocol

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db7a3b54d1c986b2950dc30b5ec743d19363983a5c9f218afff89a8613bc0e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 02 Mar 2024 00:55:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame ECA7 29 B
494 B 85ms
26ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:48:41 GMT
x-content-type-options: nosniff
age: 422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Mar 2024 01:03:41 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 98ms
33ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 02 Mar 2024 00:55:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame ECA7 87 KB
40 KB 42ms
41ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a76cc1e7757b66e593c67f598824effea5f1c2ad511d29d6a49e1ada3e4c7e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40837
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/ Frame ECA7 118 KB
33 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a3601d494cc044b3e00e6e753b9e19534d338a2a0652581e75916f71a0b795c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:34:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34000
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:34:27 GMT

GET
H2 200 QIgJXlTW_ocH5BKR4VvT459F7KnrK51w4wqraUAmDYI.js Show response
www.google.com/js/th/ Frame ECA7 51 KB
20 KB 91ms
28ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/QIgJXlTW_ocH5BKR4VvT459F7KnrK51w4wqraUAmDYI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4088095e54d6fe8707e41291e15bd3e39f45eca9eb2b9d70e30aab6940260d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 10:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Mar 2025 10:05:01 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/xMQm8ubM-Cw/ Frame ECA7 116 KB
117 KB 103ms
39ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/xMQm8ubM-Cw/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f3d0d9ddd2484efc11927cfaf0f264caf4258c18efa85ad2eb50e3f78a4644c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119226
x-xss-protection: 0
server: sffe
etag: "1630509540"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Mar 2024 02:55:43 GMT

GET
DATA 200
OK truncated
/ Frame ECA7 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3sNL6ThBhi6vYLGVBDeVT8DU5_Wuhl7IcQSwvUpA4IATW7T_weakNsLHMlwr3ZENWDQ_itgtSw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame ECA7 5 KB
5 KB 85ms
25ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3sNL6ThBhi6vYLGVBDeVT8DU5_Wuhl7IcQSwvUpA4IATW7T_weakNsLHMlwr3ZENWDQ_itgtSw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5753dc385b1abad287a9ac45bfe21db5f86e6663e74413a9c2f13f2f02727947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 21:39:33 GMT
x-content-type-options: nosniff
age: 11770
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5108
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 Mar 2024 21:39:33 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame ECA7 4 KB
2 KB 142ms
83ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 00:55:43 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame ECA7 0
10 B 27ms
27ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?I_aARg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 AGSKWxU_rIDbtRL0rjRcInr6Yn1NQL61yQ6URmt8lDGkI_YjsPUOysdmRF4vByxNIqIyA6nWzKIvYeqZV_fPlfn92KfiP91Ifl7r_yQXeFtttMgPkWl2Aqa_KlV7xzZ_NdjTJBhYv9zjEQ== Show response
fundingchoicesmessages.google.com/f/ 411 KB
61 KB 112ms
111ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU_rIDbtRL0rjRcInr6Yn1NQL61yQ6URmt8lDGkI_YjsPUOysdmRF4vByxNIqIyA6nWzKIvYeqZV_fPlfn92KfiP91Ifl7r_yQXeFtttMgPkWl2Aqa_KlV7xzZ_NdjTJBhYv9zjEQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MzQwOTQzLDk3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wb3BweXBsYXl0aW1lLmFuZ3J5dXNlci5oZWxwLyIsbnVsbCxbWzgsInZ6ck52SFEtY3lvIl0sWzksImZyIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMypEaZ6DbYsICxM9k_YvMEAzYhnSA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0bbc8c271d21cb8dc2ec0a733fd40b7546307118ec9227dd83b358c06300031

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BC1oS7NBUCNQ9NVui725KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BC1oS7NBUCNQ9NVui725KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTNMeFT53o2gR0vWuUB1PYsxw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 33ms
33ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 02 Mar 2024 00:55:44 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame ECA7 90 B
134 B 36ms
36ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4df4dd1182dbf4d417585b8b92468c4b6da94f623ac4a54b06771109dc002ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 02 Mar 2024 00:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/122/ Frame ECA7 50 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/122/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 01:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14711
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 16:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 02 Mar 2024 01:16:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 107 KB
6 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwpu8RFWuKXpyT36h-7cIdVlxQAWg/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 00:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 00:55:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 00:55:44 GMT

GET
H2 200 nQ640eq0wHvNj1Y95rltss_PGiMOUWwxCmgJHHFqR0b3Z03vu0srxez8VNmRV_RvRAVg0-BpQW-iUgEcdJzHYN3PcBExRC7mJp4RvPCBds6i2rvHl_4=h60
lh3.googleusercontent.com/ 10 KB
10 KB 112ms
38ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/nQ640eq0wHvNj1Y95rltss_PGiMOUWwxCmgJHHFqR0b3Z03vu0srxez8VNmRV_RvRAVg0-BpQW-iUgEcdJzHYN3PcBExRC7mJp4RvPCBds6i2rvHl_4=h60

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6d59e7160b953c872a28ff6dfc3f210881ec6122775e5b5e6be851f2f8df8991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://poppyplaytime.angryuser.help/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 00:55:44 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9751
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 03 Mar 2024 00:55:44 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://poppyplaytime.angryuser.help/
Origin: https://poppyplaytime.angryuser.help
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 05:34:50 GMT
x-content-type-options: nosniff
age: 242454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 05:34:50 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: poppyplaytime.angryuser.help
URL: https://poppyplaytime.angryuser.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://poppyplaytime.angryuser.help/
Origin: https://poppyplaytime.angryuser.help
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 03:51:57 GMT
x-content-type-options: nosniff
age: 248627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 03:51:57 GMT

POST
H3 204 AGSKWxXTjGIzZKY_bqpqqp6_OqGXnLqbWgkqsrdRL3HLNUBdp0XS1hGoD777Tfgp9pXq5NrP-9jdTkY6Ty-hbISfhufcQ3Sq6LHlBNZB1b1B7AXSjq37GpZJs-7g2aKnVTLdU0P1N71aOA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 95ms
38ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXTjGIzZKY_bqpqqp6_OqGXnLqbWgkqsrdRL3HLNUBdp0XS1hGoD777Tfgp9pXq5NrP-9jdTkY6Ty-hbISfhufcQ3Sq6LHlBNZB1b1B7AXSjq37GpZJs-7g2aKnVTLdU0P1N71aOA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Hxe9BQ70OPBjz96XVQ9Z8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://poppyplaytime.angryuser.help/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Mar 2024 00:55:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-Hxe9BQ70OPBjz96XVQ9Z8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrAFALMTNMeFT53o2gYY9qzMAehMQ5Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://poppyplaytime.angryuser.help
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame ECA7 28 B
50 B 41ms
41ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-Goog-Request-Time: 1709340946068
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/xMQm8ubM-Cw?feature=oembed
X-YouTube-Client-Version: 1.20240227.01.00
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtuY25Ucmt2aTJIWSiP8omvBjIOCgJGUhIIEgQSAgsMIDM%3D
X-YouTube-Ad-Signals: dt=1709340943664&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C670%2C394&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 02 Mar 2024 00:55:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
poppyplaytime.angryuser.help/	1970-01-21 03:34:36	Name: pll_language Value: en
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: B5ATVPGyA3w
.youtube.com/	1970-01-20 23:08:12	Name: VISITOR_INFO1_LIVE Value: ncnTrkvi2HY
.angryuser.help/	1970-01-21 04:25:00	Name: _ga_ZLTJKBL74S Value: GS1.1.1709340943.1.0.1709340943.0.0.0
.angryuser.help/	1970-01-21 04:25:00	Name: _ga Value: GA1.1.266170416.1709340944

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://poppyplaytime.angryuser.help/(Line 5) Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poppyplaytime.angryuser.help/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
poppyplaytime.angryuser.help
region1.google-analytics.com
static.doubleclick.net
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2001:4860:4802:32::36
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2016
2a00:1450:4001:812::200e
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a02:4780:25:4f5a:a2f7:2a58:b647:61a
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
008724de1d489948f52a8dca6ce07b141e978f8fb64f81d87a07023002f9e2c8
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2aef7e90e9a2b67ed2ea1c6a1490ab31fdb7d23a7a848351178cf7a249745506
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4088095e54d6fe8707e41291e15bd3e39f45eca9eb2b9d70e30aab6940260d82
42eebe39e973663d779894a63cd1c2d26e7f5062fdab034f97275e1c338b60fc
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4df4dd1182dbf4d417585b8b92468c4b6da94f623ac4a54b06771109dc002ac6
4dfe805ab2bed8d37971273a380cba262da43634048d8741a032015eb256c201
53c8fea8d47ab7d74f324f397b4ac7d9415b91d6b9a552a3d6bc7ae8d3a53a55
53cb486a3f6a61535fd7bb4fa01a15a1b1154f18e5f14ce32950ec257bc66aba
5753dc385b1abad287a9ac45bfe21db5f86e6663e74413a9c2f13f2f02727947
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4
6d59e7160b953c872a28ff6dfc3f210881ec6122775e5b5e6be851f2f8df8991
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
7c8718e5f84983e848c40576b457d1be4950260c4321525bf6f1a49044ea4851
81e71e5b1d64fc64cc6fc6856555a5218054084afa73f923d2d5880d832f5257
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84b1ef4ec7f00ff5bfda50847452735f8ddf4279cc58529f39802c6452a938a3
870872c5c16008754b8da0309778c75664edea5ba22a0a9540825e69ac4a2836
956f8ef8bee50e829d0b1797e7466917efd4a8ef8cb0ba522321d0065f3c7c22
9a3601d494cc044b3e00e6e753b9e19534d338a2a0652581e75916f71a0b795c
9f3d0d9ddd2484efc11927cfaf0f264caf4258c18efa85ad2eb50e3f78a4644c
a0abe7e9152e4dd7444780ebb12cb4c075514f1376decc5aa531d4f9494b9c27
a43b52551128afc75d151d3601470850d85aabd4ce7275a7fb6ba59a39231ebc
a76cc1e7757b66e593c67f598824effea5f1c2ad511d29d6a49e1ada3e4c7e5d
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d0bbc8c271d21cb8dc2ec0a733fd40b7546307118ec9227dd83b358c06300031
d1ac53e44767e808ff66b3ce88ebed0049f3d9cba0d1af7554c94bfe0b29b85b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348
da34e50910889df6447e4db1d3821327234c11167a1355c6dae56ff7e9f38abd
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db7a3b54d1c986b2950dc30b5ec743d19363983a5c9f218afff89a8613bc0e40
ddcec65105abe17e609504d2071a59c4a9ce2512ce971a079aa3ccd4fe5e3238
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40cd2fac3dc783ca89150548bdc20a895ef090d492efec6a0b5f38761bad2e2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f5a262e40ad35d2b22bad1e7ea52c5c475720e2ce90b5f339ea7dd4cb64b9949
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbf413da8be4e1bf8fb4cb0f4e7d667ff0b7fe2bfeaca31d91205520a5111cad

poppyplaytime.angryuser.help Open in urlscan Pro 2a02:4780:25:4f5a:a2f7:2a58:b647:61a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

100 %IPv6

12 Domains

16 Subdomains

17 IPs

3 Countries

2513 kBTransfer

6532 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

poppyplaytime.angryuser.help Open in urlscan Pro
2a02:4780:25:4f5a:a2f7:2a58:b647:61a Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

100 %
IPv6

12
Domains

16
Subdomains

17
IPs

3
Countries

2513 kB
Transfer

6532 kB
Size

5
Cookies

55 HTTP transactions
2 data transactions