plsdonate.net Open in urlscan Pro
198.187.29.148 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://plsdonate.net/
Submission Tags: https://phish.report @phish_report Search All
Submission: On May 07 via api (May 7th 2023, 9:23:04 pm UTC) from FI — Scanned from FI

Summary HTTP 47 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 47 HTTP transactions. The main IP is 198.187.29.148, located in United States and belongs to NAMECHEAP-NET, US. The main domain is plsdonate.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 17th 2023. Valid for: a year.

This is the only time plsdonate.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	198.187.29.148 198.187.29.148	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
5	162.19.58.158 162.19.58.158	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:806::2016	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:9::210:ee0e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2491:c800:1c:8de0:8c80:21	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
47	21

5 198.187.29.148 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server128-1.web-hosting.com

plsdonate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

hazem.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.19.58.158 (France)

ASN16276 (OVH, FR)
PTR: ns3096590.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:9::210:ee0e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images.rbxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:c800:1c:8de0:8c80:21 (United States)

ASN16509 (AMAZON-02, US)

d2punpeg7vtjci.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	2 MB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 328 jnn-pa.googleapis.com — Cisco Umbrella Rank: 209	65 KB
5	ibb.co i.ibb.co — Cisco Umbrella Rank: 12438	3 MB
5	plsdonate.net plsdonate.net	111 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 static.doubleclick.net — Cisco Umbrella Rank: 245	1 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3525 onesignal.com — Cisco Umbrella Rank: 1305	73 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 200	33 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2587	297 B
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 95	97 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 225	4 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	cloudfront.net d2punpeg7vtjci.cloudfront.net	6 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 708	30 KB
1	rbxcdn.com images.rbxcdn.com — Cisco Umbrella Rank: 19879	10 KB
1	hazem.gg hazem.gg	25 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	83 KB
47	17

	Domain	Requested by
9	www.youtube.com	plsdonate.net www.youtube.com
5	i.ibb.co	plsdonate.net
5	plsdonate.net	plsdonate.net
4	jnn-pa.googleapis.com	www.youtube.com
3	cdnjs.cloudflare.com	plsdonate.net
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.onesignal.com	plsdonate.net cdn.onesignal.com
2	i.ytimg.com	plsdonate.net www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	onesignal.com	cdn.onesignal.com
1	d2punpeg7vtjci.cloudfront.net	cdnjs.cloudflare.com
1	code.jquery.com	plsdonate.net
1	ajax.googleapis.com	plsdonate.net
1	images.rbxcdn.com	plsdonate.net
1	hazem.gg	plsdonate.net
1	www.googletagmanager.com	plsdonate.net
47	21

This site contains links to these domains. Also see Links.

Domain
d1bkis4ydqgspg.cloudfront.net
d1ph51qsmnjpvt.cloudfront.net
d8xv5ds0z1009.cloudfront.net
dovrphu8b0md6.cloudfront.net

Subject Issuer	Validity	Valid
plsdonate.net Sectigo RSA Domain Validation Secure Server CA	`2023-04-17` - `2024-04-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
hazem.gg R3	`2023-04-21` - `2023-07-20`	3 months	crt.sh
i.ibb.co R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.rbxcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://plsdonate.net/
Frame ID: DFDD8F210D96AACBA91C6A52B852A09B
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/fy_ZI71Jv-E
Frame ID: 9450E1C4E7D53AEE33AD5194202DE607
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How to Get Free Robux | Get 800 Robux Code

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

85 %
IPv6

17
Domains

21
Subdomains

21
IPs

4
Countries

6566 kB
Transfer

8272 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://d1bkis4ydqgspg.cloudfront.net/public/dynamo/feedClick.php?offer_id=53344805&offer_position=1&visitor_id=Vdba4482dac9c4&m=0&user_id=178709&hash=bc557b35a0e939b01c7a4af81db1e39e
Title: Get the best multimedia today!

Search URL Search Domain Scan URL

URL: https://d1ph51qsmnjpvt.cloudfront.net/public/dynamo/feedClick.php?offer_id=53277440&offer_position=2&visitor_id=Vdba4482dac9c4&m=0&user_id=178709&hash=a53d648a30427c59dbbbebc26ec228f6
Title: Lähetä tekstiviesti ladataksesi nyt

Search URL Search Domain Scan URL

URL: https://d1bkis4ydqgspg.cloudfront.net/public/dynamo/feedClick.php?offer_id=53337208&offer_position=3&visitor_id=Vdba4482dac9c4&m=0&user_id=178709&hash=443deacdc12af2d1b1d14f51e9919204
Title: Anna tietosi saadaksesi parhaan palkinnon!

Search URL Search Domain Scan URL

URL: https://d8xv5ds0z1009.cloudfront.net/public/dynamo/feedClick.php?offer_id=53271412&offer_position=4&visitor_id=Vdba4482dac9c4&m=0&user_id=178709&hash=186a2d3959df06d20a1fe4638674ecfd
Title: Lähetä tekstiviesti saadaksesi parhaan WhatsApp-sisällön

Search URL Search Domain Scan URL

URL: https://dovrphu8b0md6.cloudfront.net/public/dynamo/feedClick.php?offer_id=53300388&offer_position=5&visitor_id=Vdba4482dac9c4&m=0&user_id=178709&hash=a8f858f2c6188530a13df746cd628799
Title: Paras Coin Master -opas on täällä! Lähetä tekstiviesti ladataksesi nyt!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
plsdonate.net/ 225 KB
62 KB 1253ms
480ms Document
text/html 198.187.29.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.187.29.148 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server128-1.web-hosting.com
Software: LiteSpeed / PHP/8.0.28
Resource Hash: be3a687909ebe82a79214e01c24ff47b752cff930bf1cde586570124ad2dfd0f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 07 May 2023 21:22:55 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.0.28
x-turbo-charged-by: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
83 KB 301ms
106ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WJF997W0V

Requested by

Host: plsdonate.net
URL: https://plsdonate.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09ebfff57c312c05aa1ec1900493e3aaf96afc8185fc999cfb49801f752c9c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 May 2023 21:22:55 GMT

GET
H2 200 reset.min.css
cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/ 773 B
1 KB 223ms
72ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css

Requested by

Host: plsdonate.net
URL: https://plsdonate.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 418506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 333
last-modified: Mon, 04 May 2020 16:13:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f23-305"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDeexlA3n9d8KY%2FXLXpPRY3hW%2BoRZhAd53v%2F7WBU%2FDhLVRTURAJS1ooZbrBFp6AeRACdXXmfZZACGdibuDouw4Yxb4HQjF7w9vUoED3%2FlcNJ7z%2BFVQfmZVxJC19H6SqfxusU%2BgRIP3M%2B8MxUUlN2RU0z"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c3c856c58d2b523-OSL
expires: Fri, 26 Apr 2024 21:22:56 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 239ms
88ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: plsdonate.net
URL: https://plsdonate.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 268044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pdG476dMYqX79R0McUhb7DZJHMRFBluADc4NtpwoLZZvQp6vB3kLnaSzN9NtSKDxRhqUk6F7w7l88aSQA%2FWRgKoKOQdvAe3q23leFzetoBC0jk%2BEuhpHRmmabwDD2yScy7nAA3qtz8GziQuGm%2FbnZZ7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c3c856c58d4b523-OSL
expires: Fri, 26 Apr 2024 21:22:56 GMT

GET
H2 200 style.css
plsdonate.net/ 10 KB
3 KB 247ms
247ms Stylesheet
text/css 198.187.29.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://plsdonate.net/style.css
Requested by: Host: plsdonate.net
URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.187.29.148 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server128-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: dbe84439650a89e84785f2aab67397cb9603c5a1829ee62c84c9a8806451284a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
content-encoding: br
last-modified: Sun, 07 May 2023 11:36:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2502
expires: Sun, 14 May 2023 21:22:56 GMT

GET
H2 200 fy_ZI71Jv-E Show response
www.youtube.com/embed/ Frame 9450 75 KB
33 KB 349ms
154ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/fy_ZI71Jv-E

Requested by

Host: plsdonate.net
URL: https://plsdonate.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5187baad223c399cc18250784148f8cc6baaf02c0848b0c3dfe051c13c5a536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plsdonate.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 May 2023 21:22:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fi for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hzmico.png
hazem.gg/ 25 KB
25 KB 243ms
78ms Image
image/png 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hazem.gg/hzmico.png

Requested by

Host: plsdonate.net
URL: https://plsdonate.net/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ac22853c9547333d1b591784adcdf9aef589ce3dfa3c155bb0884f18b699190f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1:arn1::wmbm4-1683494576086-463588b20a82
age: 128982
etag: "b20b472df9871699e1f46647a8bb10d3"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="hzmico.png"
accept-ranges: bytes
content-length: 25475

GET
H2 200 animation-500-lh9650hw.gif
i.ibb.co/z7kCMRh/ 3 MB
3 MB 400ms
98ms Image
image/gif 162.19.58.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/z7kCMRh/animation-500-lh9650hw.gif
Requested by: Host: plsdonate.net
URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096590.ip-162-19-58.eu
Software: nginx /
Resource Hash: c33cc1c92e84af6459423842bdee2a8577ba3ce659da736a6de29a21b7364dc7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
last-modified: Thu, 04 May 2023 13:35:01 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3172077
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 t-l-chargement.jpg
i.ibb.co/10pT9Yx/ 11 KB
11 KB 400ms
99ms Image
image/jpeg 162.19.58.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/10pT9Yx/t-l-chargement.jpg
Requested by: Host: plsdonate.net
URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096590.ip-162-19-58.eu
Software: nginx /
Resource Hash: e4efcd23bbf2cde0f0df88a9ba3007d5fb7ad122ebe348095fd2123579d6e713

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
last-modified: Sat, 06 May 2023 14:53:38 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 11269
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/wv2uk2Elgtw/ 71 KB
72 KB 277ms
89ms Image
image/jpeg 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wv2uk2Elgtw/maxresdefault.jpg

Requested by

Host: plsdonate.net
URL: https://plsdonate.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805591469eb9bb3471e3f71c65e72f9482fb71c5849a8236a84257701c6780c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 20:56:05 GMT
x-content-type-options: nosniff
age: 1611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72806
x-xss-protection: 0
server: sffe
etag: "1673383551"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 May 2023 22:56:05 GMT

GET
H2 200 fab3a9d08d254fef4aea4408d4db1dfe-loading_dark.gif
images.rbxcdn.com/ 10 KB
10 KB 370ms
91ms Image
image/gif 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.rbxcdn.com/fab3a9d08d254fef4aea4408d4db1dfe-loading_dark.gif
Requested by: Host: plsdonate.net
URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b62b9ae0092be12291d7c0c16e00f10b5c9de9b4bc5060ff61f3037363d64f5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: McY6XCuDSyRtDm.wmj8FPRI8jQhrdG6g
date: Sun, 07 May 2023 21:22:56 GMT
last-modified: Tue, 19 Mar 2019 20:13:02 GMT
server: AmazonS3
x-amz-request-id: ED77CF27A93A6FD3
etag: "fab3a9d08d254fef4aea4408d4db1dfe"
content-type: image/gif
cache-control: public, max-age=22186418
accept-ranges: bytes
content-length: 10013
x-amz-id-2: oPfEybMmrfqmWC7cCgohaMA6ekJRna5qN7/DEp2AhiRc3v/rrX6U85FfUnD0FZR3Qzxdt+lAXeQ=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 275ms
88ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: plsdonate.net
URL: https://plsdonate.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 May 2024 09:48:59 GMT

GET
H2 200 script.js Show response
plsdonate.net/ 630 B
518 B 242ms
241ms Script
application/javascript 198.187.29.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://plsdonate.net/script.js
Requested by: Host: plsdonate.net
URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.187.29.148 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server128-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 03ca37eb1367c0f95e73ff550bdb6158647770e4e442445a17788f0c9cf77715

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
content-encoding: br
last-modified: Fri, 31 Mar 2023 14:37:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 284
expires: Sun, 14 May 2023 21:22:56 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
30 KB 207ms
64ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: plsdonate.net
URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://plsdonate.net/
Origin: https://plsdonate.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1683494576.dop015.sk1.t,1683494576.cds248.sk1.hn,1683494576.cds206.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
26 KB 212ms
73ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: plsdonate.net
URL: https://plsdonate.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2161900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsJF02oUNzTuUW7mw53xkAiw8GpKF39nkixyPCHTrdXYkCq8Dsm6aHJUltCv2yCYZBLMqS1miOCPHK5GVsMDfw%2BTLj93vpjOa6TBUk7oI7NJcWM4c5CVf0EYZgVrTc7qPJVlw8pl3Eub%2B9LNj8tiuoMP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c3c856c58d7b523-OSL
expires: Fri, 26 Apr 2024 21:22:56 GMT

GET
H2 200 scriptt.js Show response
plsdonate.net/ 693 B
472 B 242ms
241ms Script
application/javascript 198.187.29.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://plsdonate.net/scriptt.js
Requested by: Host: plsdonate.net
URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.187.29.148 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server128-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 73eef03bcd2bfc62c86a25e5e2b8978055f20fc75274df2c4038a6df4acfebaa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
content-encoding: br
last-modified: Tue, 04 Apr 2023 20:48:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 238
expires: Sun, 14 May 2023 21:22:56 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 223ms
77ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: plsdonate.net
URL: https://plsdonate.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 256
etag: W/"06f50014011c1fcd9e21b6b0481979de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c3c856c68e1b523-OSL
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 10 May 2023 21:22:56 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 199ms
69ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3WJF997W0V&gtm=45je3530&_p=1582605490&cid=265904991.1683494576&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683494576&sct=1&seg=0&dl=https%3A%2F%2Fplsdonate.net%2F&dt=How%20to%20Get%20Free%20Robux%20%7C%20Get%20800%20Robux%20Code&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WJF997W0V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 May 2023 21:22:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://plsdonate.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/50cf60f0/ Frame 9450 403 KB
48 KB 94ms
94ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50cf60f0/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fy_ZI71Jv-E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18653164675b2868ca6932104b1d8e134c22eb1362094fee2a12539d932bbe23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/fy_ZI71Jv-E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 18:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48390
x-xss-protection: 0
last-modified: Wed, 03 May 2023 00:18:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 May 2024 18:02:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9450 15 KB
16 KB 289ms
88ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fy_ZI71Jv-E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 78861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9450 15 KB
15 KB 311ms
110ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fy_ZI71Jv-E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 99311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:47:45 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 80ms
79ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 257
etag: W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c3c856e3b49b523-OSL
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 10 May 2023 21:22:56 GMT

GET
H2 200 feed.php Show response
d2punpeg7vtjci.cloudfront.net/public/offers/ 5 KB
6 KB 723ms
516ms Script
application/javascript 2600:9000:2491:c800:1c:8de0:8c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2punpeg7vtjci.cloudfront.net/public/offers/feed.php?user_id=178709&api_key=da5944c8b54c6b2177278c65dbe776a3&s1=&s2=&callback=jQuery2130258252054612774_1683494576314&_=1683494576315
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:c800:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: bfd42b1a8d32a75d5c26084cffa9655c780a45c5b6c4c1469489b9b0b9a5599f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA56-P7
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
content-length: 5341
x-amz-cf-id: j690-LA5W8YXL4WarYq7TvhkJVaBK6NQagKosP-PFOyWuTdiI1IPXA==

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/50cf60f0/www-embed-player.vflset/ Frame 9450 336 KB
95 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50cf60f0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fy_ZI71Jv-E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3f27fa62f50d09a17ab3b2de9836d722abdf58ec1a817b83cb7d6414cfdd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/fy_ZI71Jv-E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96876
x-xss-protection: 0
last-modified: Wed, 03 May 2023 00:18:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 May 2024 21:00:45 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/ Frame 9450 2 MB
2 MB 175ms
174ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fy_ZI71Jv-E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14c81ea2274365c0eee31318e1f1f64d1f9478a1367bd96d7369f007fc637fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/fy_ZI71Jv-E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 23:23:02 GMT
x-content-type-options: nosniff
age: 165594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2353640
x-xss-protection: 0
last-modified: Wed, 03 May 2023 00:18:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 May 2024 23:23:02 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/50cf60f0/fetch-polyfill.vflset/ Frame 9450 9 KB
3 KB 174ms
173ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50cf60f0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fy_ZI71Jv-E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/fy_ZI71Jv-E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 20:59:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2604
x-xss-protection: 0
last-modified: Wed, 03 May 2023 00:18:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 May 2024 20:59:07 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/7d37acf7-c4ea-4e4c-bd07-91bc7323588b/ 3 KB
2 KB 153ms
145ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/7d37acf7-c4ea-4e4c-bd07-91bc7323588b/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a2b0d03875a9b9ab0700d379dc2204cad799877b29087d86103f1cea407b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 630457a0-1ee3-43cd-90ee-afd9a8e988fd
x-runtime: 0.028925
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"22a2b0d03875a9b9ab0700d379dc2204"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7c3c856f5ce8b523-OSL
access-control-allow-headers: SDK-Version
expires: Sun, 07 May 2023 22:22:56 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9450
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

91ms
91ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fy_ZI71Jv-E

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0cb6da119f08df16e310cece43274002cb49389c86ca4eade0062128a17478b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 May 2023 21:22:57 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9450 29 B
494 B 274ms
84ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50cf60f0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:07 GMT
x-content-type-options: nosniff
age: 50
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 May 2023 21:37:07 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 289ms
94ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 May 2023 21:22:57 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9450 68 KB
31 KB 102ms
101ms XHR
application/json+protobuf 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8424702a69f6e725c8b6efcba7615eb68241d7de2ce66f5f562001060ebc6f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 May 2023 21:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31788
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/ Frame 9450 116 KB
33 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3784ca58deab1ca6aecc917593b758f7f3c1178041a5530e55699a9f93c1b3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/fy_ZI71Jv-E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 07:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33602
x-xss-protection: 0
last-modified: Wed, 03 May 2023 00:18:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 May 2024 07:26:10 GMT

GET
H2 200 CArqea_BMtmFg-uSis-Ut8_SWhTX20Rj4YEAuxCzmAg.js Show response
www.google.com/js/th/ Frame 9450 37 KB
15 KB 273ms
87ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/CArqea_BMtmFg-uSis-Ut8_SWhTX20Rj4YEAuxCzmAg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

080aea79afc132d98583eb928acf94b7cfd25a14d7db4463e18100bb10b39808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 05:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14744
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 05:04:14 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/fy_ZI71Jv-E/ Frame 9450 25 KB
25 KB 97ms
96ms Image
image/webp 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/fy_ZI71Jv-E/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fy_ZI71Jv-E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

518aa20f168ef84c6ff7dcca258eb0b217a0ced6e9ae9a283afa33b3c71e4182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:57 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25944
x-xss-protection: 0
server: sffe
etag: "1680987450"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 May 2023 23:22:57 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/ Frame 9450 29 KB
8 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5db7eb91e874d3411dd30168164cdabce10678be721e53ff15254eae734aea22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/fy_ZI71Jv-E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:10:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8338
x-xss-protection: 0
last-modified: Wed, 03 May 2023 00:18:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 May 2024 13:10:07 GMT

GET
DATA 200
OK truncated
/ Frame 9450 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 t8PMo27HFumv3TWTTUwoRacFmhcWr3pKzzs1Fj56kCxzZIDlmC21wppQBx0Y7Xd9iAlG6pER=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 9450 4 KB
4 KB 293ms
89ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/t8PMo27HFumv3TWTTUwoRacFmhcWr3pKzzs1Fj56kCxzZIDlmC21wppQBx0Y7Xd9iAlG6pER=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fy_ZI71Jv-E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a0d9f2144f0d807675bc7a41e837df48b91339750782bf5d22122ec0b68787bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 19:29:33 GMT
x-content-type-options: nosniff
age: 6804
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3664
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 May 2023 19:29:33 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9450 4 KB
2 KB 279ms
93ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 May 2023 21:22:57 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 9450 0
10 B 86ms
85ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?YG8AEw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/fy_ZI71Jv-E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/fy_ZI71Jv-E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/113/ Frame 9450 51 KB
15 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/113/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 13:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15228
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 15:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 08 May 2023 13:36:03 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9450 90 B
134 B 98ms
98ms XHR
application/json+protobuf 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50cf60f0/player_ias.vflset/fi_FI/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64f8938c0879adfae59e5aab9201bb0966d8ffddb8e1652ff842b4d829a09160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 May 2023 21:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 95ms
94ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 May 2023 21:22:57 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 textfile.txt Show response
plsdonate.net/ 163 KB
45 KB 482ms
481ms XHR
text/plain 198.187.29.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://plsdonate.net/textfile.txt
Requested by: Host: plsdonate.net
URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.187.29.148 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server128-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: c0c095e632c8efb7d2077585d2d10012cecc30719b91b94b744be85b1dda3fb3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:58 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 22:20:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/plain
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 45567

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9450 28 B
54 B 101ms
98ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50cf60f0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
X-Goog-Request-Time: 1683494579625
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/fy_ZI71Jv-E
X-YouTube-Client-Version: 1.20230502.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt1aEtrQm5FTURKWSiwreCiBg%3D%3D
X-YouTube-Ad-Signals: dt=1683494576526&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C400%2C230&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 May 2023 21:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 May 2023 21:22:59 GMT

GET
H2 200 juyjfu-1.gif
i.ibb.co/cF4k9df/ 111 KB
111 KB 93ms
92ms Image
image/gif 162.19.58.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/cF4k9df/juyjfu-1.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096590.ip-162-19-58.eu
Software: nginx /
Resource Hash: 18c3f99486a8d5140792039e9c630385bf4effa93a6b26fcaaecb2e0c1039c44

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:22:59 GMT
last-modified: Wed, 01 Mar 2023 14:51:46 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 113185
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 68ms
68ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3WJF997W0V&gtm=45je3530&_p=1582605490&cid=265904991.1683494576&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1683494576&sct=1&seg=0&dl=https%3A%2F%2Fplsdonate.net%2F&dt=How%20to%20Get%20Free%20Robux%20%7C%20Get%20800%20Robux%20Code&en=scroll&epn.percent_scrolled=90&_et=9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WJF997W0V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 May 2023 21:23:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://plsdonate.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 juyjfu-1.gif
i.ibb.co/cF4k9df/ 111 KB
111 KB 93ms
92ms Image
image/gif 162.19.58.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/cF4k9df/juyjfu-1.gif
Requested by: Host: plsdonate.net
URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096590.ip-162-19-58.eu
Software: nginx /
Resource Hash: 18c3f99486a8d5140792039e9c630385bf4effa93a6b26fcaaecb2e0c1039c44

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:23:02 GMT
last-modified: Wed, 01 Mar 2023 14:51:46 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 113185
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 juyjfu-1.gif
i.ibb.co/cF4k9df/ 111 KB
111 KB 92ms
92ms Image
image/gif 162.19.58.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/cF4k9df/juyjfu-1.gif
Requested by: Host: plsdonate.net
URL: https://plsdonate.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096590.ip-162-19-58.eu
Software: nginx /
Resource Hash: 18c3f99486a8d5140792039e9c630385bf4effa93a6b26fcaaecb2e0c1039c44

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://plsdonate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 21:23:03 GMT
last-modified: Wed, 01 Mar 2023 14:51:46 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 113185
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plsdonate.net/	1970-01-20 21:14:14	Name: _ga Value: GA1.1.265904991.1683494576
.plsdonate.net/	1970-01-20 21:14:14	Name: _ga_3WJF997W0V Value: GS1.1.1683494576.1.0.1683494576.0.0.0
.onesignal.com/	1970-01-20 11:38:16	Name: __cf_bm Value: 1T1jj4lLAIoQVOvh5ks_ib8GqdUjUzCl6VOO20vgFBg-1683494576-0-AesjzTwXfrymUyDceSneDf10xh7GsNwcJM53k3oifAz62SpZiym2ymGJgogh5egztJS/oI9h7DWhX76pmKILI2E=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: B9RdRsH3cOA
.youtube.com/	1970-01-20 15:57:26	Name: VISITOR_INFO1_LIVE Value: uhKkBnEMDJY

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://plsdonate.net/(Line 253) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
d2punpeg7vtjci.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
hazem.gg
i.ibb.co
i.ytimg.com
images.rbxcdn.com
jnn-pa.googleapis.com
onesignal.com
plsdonate.net
region1.google-analytics.com
static.doubleclick.net
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
162.19.58.158
198.187.29.148
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2b
2600:9000:2491:c800:1c:8de0:8c80:21
2606:4700::6811:190e
2606:4700::6812:d63b
2a00:1450:4001:801::200a
2a00:1450:4001:806::2016
2a00:1450:4001:808::2006
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2001
2a02:26f0:480:9::210:ee0e
76.76.21.21
03ca37eb1367c0f95e73ff550bdb6158647770e4e442445a17788f0c9cf77715
080aea79afc132d98583eb928acf94b7cfd25a14d7db4463e18100bb10b39808
09ebfff57c312c05aa1ec1900493e3aaf96afc8185fc999cfb49801f752c9c61
18653164675b2868ca6932104b1d8e134c22eb1362094fee2a12539d932bbe23
18c3f99486a8d5140792039e9c630385bf4effa93a6b26fcaaecb2e0c1039c44
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
22a2b0d03875a9b9ab0700d379dc2204cad799877b29087d86103f1cea407b67
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
3784ca58deab1ca6aecc917593b758f7f3c1178041a5530e55699a9f93c1b3e4
3b62b9ae0092be12291d7c0c16e00f10b5c9de9b4bc5060ff61f3037363d64f5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
518aa20f168ef84c6ff7dcca258eb0b217a0ced6e9ae9a283afa33b3c71e4182
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5db7eb91e874d3411dd30168164cdabce10678be721e53ff15254eae734aea22
64f8938c0879adfae59e5aab9201bb0966d8ffddb8e1652ff842b4d829a09160
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
73eef03bcd2bfc62c86a25e5e2b8978055f20fc75274df2c4038a6df4acfebaa
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
805591469eb9bb3471e3f71c65e72f9482fb71c5849a8236a84257701c6780c7
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
8424702a69f6e725c8b6efcba7615eb68241d7de2ce66f5f562001060ebc6f5a
a0cb6da119f08df16e310cece43274002cb49389c86ca4eade0062128a17478b
a0d9f2144f0d807675bc7a41e837df48b91339750782bf5d22122ec0b68787bc
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
ac22853c9547333d1b591784adcdf9aef589ce3dfa3c155bb0884f18b699190f
be3a687909ebe82a79214e01c24ff47b752cff930bf1cde586570124ad2dfd0f
bfd42b1a8d32a75d5c26084cffa9655c780a45c5b6c4c1469489b9b0b9a5599f
c0c095e632c8efb7d2077585d2d10012cecc30719b91b94b744be85b1dda3fb3
c33cc1c92e84af6459423842bdee2a8577ba3ce659da736a6de29a21b7364dc7
c5187baad223c399cc18250784148f8cc6baaf02c0848b0c3dfe051c13c5a536
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
d14c81ea2274365c0eee31318e1f1f64d1f9478a1367bd96d7369f007fc637fd
d3f27fa62f50d09a17ab3b2de9836d722abdf58ec1a817b83cb7d6414cfdd8d2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbe84439650a89e84785f2aab67397cb9603c5a1829ee62c84c9a8806451284a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4efcd23bbf2cde0f0df88a9ba3007d5fb7ad122ebe348095fd2123579d6e713
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

plsdonate.net Open in urlscan Pro 198.187.29.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

85 %IPv6

17 Domains

21 Subdomains

21 IPs

4 Countries

6566 kBTransfer

8272 kBSize

5 Cookies

5 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

plsdonate.net Open in urlscan Pro
198.187.29.148 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

85 %
IPv6

17
Domains

21
Subdomains

21
IPs

4
Countries

6566 kB
Transfer

8272 kB
Size

5
Cookies

47 HTTP transactions
1 data transactions