dreamhardest.com Open in urlscan Pro
198.71.233.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://buycok.com/
Effective URL:
https://dreamhardest.com/
Submission: On May 09 via manual (May 9th 2022, 1:36:37 pm UTC) from IN — Scanned from DE

Summary HTTP 41 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 41 HTTP transactions. The main IP is 198.71.233.148, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is dreamhardest.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 15th 2022. Valid for: a year.

This is the only time dreamhardest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
1 1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
1	198.71.233.148 198.71.233.148	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
12	2a02:fe80:101... 2a02:fe80:1010::16	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3 5	23.36.163.225 23.36.163.225	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:11::b856:678c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
41	15

1 3.33.152.147 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

buycok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.142.173 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

www.bainksy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.71.233.148 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-71-233-148.ip.secureserver.net

dreamhardest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:fe80:1010::16 (United States)

ASN30148 (SUCURI-SEC, US)

secureservercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.163.225 (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-225.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:11::b856:678c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	secureservercdn.net secureservercdn.net — Cisco Umbrella Rank: 22484	456 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	732 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	64 KB
5	wsimg.com 3 redirects img1.wsimg.com — Cisco Umbrella Rank: 12583 img6.wsimg.com — Cisco Umbrella Rank: 15976	20 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111 jnn-pa.googleapis.com — Cisco Umbrella Rank: 336	23 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 static.doubleclick.net — Cisco Umbrella Rank: 419	1 KB
2	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 19130	582 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 102	21 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 191	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 20	14 KB
1	dreamhardest.com dreamhardest.com	12 KB
1	bainksy.com 1 redirects www.bainksy.com	295 B
1	buycok.com 1 redirects buycok.com	293 B
41	13

	Domain	Requested by
12	secureservercdn.net	dreamhardest.com
9	www.youtube.com	dreamhardest.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	img1.wsimg.com	3 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	events.api.secureserver.net	img1.wsimg.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	img6.wsimg.com	dreamhardest.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.googleapis.com	dreamhardest.com
1	dreamhardest.com
1	www.bainksy.com	1 redirects
1	buycok.com	1 redirects
41	17

This site contains links to these domains. Also see Links.

Domain
www.prenatle.com
www.lokbit.com
www.bothands.com
www.pantiesdropped.com
www.gapwage.com

Subject Issuer	Validity	Valid
dreamhardest.com Go Daddy Secure Certificate Authority - G2	`2022-04-15` - `2023-05-17`	a year	crt.sh
secureservercdn.net Starfield Secure Certificate Authority - G2	`2021-05-27` - `2022-06-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2021-09-14` - `2022-10-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://dreamhardest.com/
Frame ID: F034E0CAE200DA630236317AEBCB7C8E
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed
Frame ID: 6045D08989573621139FA8D741BE6B36
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Question's Home. - Dream Hardest

Page URL History Show full URLs

http://buycok.com/ HTTP 301
http://www.bainksy.com/ HTTP 301
https://dreamhardest.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

41
Requests

93 %
HTTPS

75 %
IPv6

13
Domains

17
Subdomains

15
IPs

2
Countries

1347 kB
Transfer

3906 kB
Size

4
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.prenatle.com/
Title: Open Facebook in a new tab

Search URL Search Domain Scan URL

URL: https://www.lokbit.com/
Title: Open Twitter in a new tab

Search URL Search Domain Scan URL

URL: https://www.bothands.com/
Title: Open Instagram in a new tab

Search URL Search Domain Scan URL

URL: https://www.pantiesdropped.com/
Title: Open LinkedIn in a new tab

Search URL Search Domain Scan URL

URL: https://www.gapwage.com/
Title: Open Pinterest in a new tab

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://buycok.com/ HTTP 301
http://www.bainksy.com/ HTTP 301
https://dreamhardest.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

Request Chain 13

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

Request Chain 23

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dreamhardest.com/
Redirect Chain

http://buycok.com/
http://www.bainksy.com/
https://dreamhardest.com/

48 KB
12 KB

695ms
237ms

Document
text/html

198.71.233.148
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://dreamhardest.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.71.233.148 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-198-71-233-148.ip.secureserver.net

Software

openresty /

Resource Hash

318c13098c5c83978a92f07d6a3f2b78f26e06a3c91a8ed848de56fb6fff3124

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1455
content-encoding: gzip
content-length: 12240
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 09 May 2022 13:36:31 GMT
server: openresty
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 59
Content-Type: text/html; charset=utf-8
Date: Mon, 09 May 2022 13:36:30 GMT
Location: https://dreamhardest.com
Server: ip-100-74-3-117.eu-west-2.compute.internal
X-Request-Id: a00c4a3d-68fe-47d5-bbd1-4cd2ee61987f

GET
H2 200 style.min.css
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-includes/css/dist/block-library/ 81 KB
11 KB 375ms
341ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3&time=1649999489

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
content-length: 11206
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Apr 2022 19:23:24 GMT
server: nginx
etag: "145db-5dd7f82891ea8;5dca9f7c30c68
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-coblocks-1.css
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/plugins/coblocks/dist/ 266 KB
38 KB 453ms
420ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/plugins/coblocks/dist/style-coblocks-1.css?ver=2.22.10&time=1649999489

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

4ddabd815aad50661305ed88d7822af14173a0f41854d693513913de15ad0336

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 38587
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Apr 2022 04:37:52 GMT
server: nginx
etag: "4264b-5dca9f94032af-gzip"
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Crimson+Text%3A400%2C400i%2C700%2C700i%7CNunito+Sans%3A400%2C400i%2C600%2C700&subset=latin%2Clatin-ext&display=swap&ver=1.6.0

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bfaa57ec1b84e15bfa912734784996eaac035c20b34f09fd213711d6960431f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 13:31:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 13:36:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 13:36:31 GMT

GET
H2 200 style-shared.min.css
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/themes/go/dist/css/ 150 KB
21 KB 452ms
418ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/themes/go/dist/css/style-shared.min.css?time=1649999489&ver=1.6.0

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

55d15f890793c78faf3b151fa9aabf889a9f84eef287a0d86a4db9e7f57ee984

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 21496
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Apr 2022 04:38:10 GMT
server: nginx
etag: "256c2-5dca9fa471419-gzip"
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-traditional.min.css
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/themes/go/dist/css/design-styles/ 4 KB
2 KB 385ms
352ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/themes/go/dist/css/design-styles/style-traditional.min.css?time=1649999489&ver=1.6.0

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

33738eb2d3cb0337345f46f3a148fe213cead6ae56fd20543d048b9b76b053fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 1090
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Apr 2022 04:38:09 GMT
server: nginx
etag: "1057-5dca9fa43c857-gzip"
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 istockphoto-1133809617-612x612-4.jpg
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/uploads/2022/04/ 35 KB
35 KB 426ms
425ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/uploads/2022/04/istockphoto-1133809617-612x612-4.jpg

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

a23cebd6557cde503d7b46952ccffa39e50828f2da5c0f79bd5c6800170eb9eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
content-length: 35377
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Apr 2022 05:11:12 GMT
server: nginx
date: Mon, 09 May 2022 13:36:31 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
etag: "8a31-5dcaa7074c6b9"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home-image-3.jpg
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/uploads/2022/04/ 39 KB
39 KB 437ms
436ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/uploads/2022/04/home-image-3.jpg

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

25d38bba023b7c5e1f2d3d22cf8997ecb264065bb06dacf8095f24073b4b3c1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
content-length: 39841
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Apr 2022 04:38:19 GMT
server: nginx
date: Mon, 09 May 2022 13:36:31 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
etag: "9ba1-5dca9fad00311"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home-image-1.jpg
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/uploads/2022/04/ 209 KB
210 KB 438ms
437ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/uploads/2022/04/home-image-1.jpg

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

f6a518bb7526e585f4e2d0a8e5ca9ef6416b60493031117f894c13b733c27d30

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
content-length: 213843
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Apr 2022 04:38:17 GMT
server: nginx
date: Mon, 09 May 2022 13:36:31 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
etag: "34353-5dca9fab4e982"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home-image-2.jpg
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/uploads/2022/04/ 88 KB
89 KB 437ms
436ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/uploads/2022/04/home-image-2.jpg

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

4d27b7e7536cf4a9e5afd3860a6afe2f0caef8e67385b74086ad6f9555b6d963

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
content-length: 90113
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Apr 2022 04:38:18 GMT
server: nginx
date: Mon, 09 May 2022 13:36:31 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
etag: "16001-5dca9facbccee"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 coblocks-animation.js Show response
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/plugins/coblocks/dist/js/ 412 B
738 B 356ms
340ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.22.10&time=1649999489

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 245
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Apr 2022 04:37:52 GMT
server: nginx
etag: "19c-5dca9f94059bf-gzip"
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 coblocks-lightbox.js Show response
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/plugins/coblocks/dist/js/ 3 KB
2 KB 368ms
353ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/plugins/coblocks/dist/js/coblocks-lightbox.js?ver=2.22.10&time=1649999489

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

422ae86efcba1de408df4e7153afb113a5e570f9d320dabb47000e27051ef756

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 1150
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Apr 2022 04:37:52 GMT
server: nginx
etag: "da9-5dca9f9404637-gzip"
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/themes/go/dist/js/ 9 KB
3 KB 348ms
347ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-content/themes/go/dist/js/frontend.min.js?time=1649999489&ver=1.6.0

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

1e1ba2064786d6e54c78441ac44dd7f3970f9ed531aee22fd1fea7cf9ed10466

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
vary: Accept-Encoding
content-length: 2580
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Apr 2022 04:38:09 GMT
server: nginx
etag: "22c6-5dca9fa3e4dfc-gzip"
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

tccl.min.js Show response
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/
Redirect Chain

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

44 KB
11 KB

26ms
21ms

Script
application/javascript

23.36.163.225
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
Requested by: Host: dreamhardest.com
URL: https://dreamhardest.com/
Protocol: H2
Server: 23.36.163.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-225.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 135, 135
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
x-amz-request-id: N5JSXGJTVEFZM8E9
x-edgeconnect-midmile-rtt: 15, 15
x-amz-server-side-encryption: AES256
date: Mon, 09 May 2022 13:36:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 11155
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
date: Mon, 09 May 2022 13:36:31 GMT
cache-control: max-age=5
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0
expires: Mon, 09 May 2022 13:36:36 GMT

GET
H2

200

tti.min.js Show response
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

24 KB
8 KB

42ms
19ms

Script
application/javascript

23.36.163.225
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by: Host: dreamhardest.com
URL: https://dreamhardest.com/
Protocol: H2
Server: 23.36.163.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-225.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 247, 247
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
x-amz-request-id: VP8MMSVFK992J1PT
x-edgeconnect-midmile-rtt: 15, 15
x-amz-server-side-encryption: AES256
date: Mon, 09 May 2022 13:36:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 7498
x-amz-id-2: WPdzJfQDQyS4hD+xuYsG8/XIlDF8SfFW6fY7TywWHFwCrHZxYW7+fWZzjZljcKq0iGAfdR/ixq8=
last-modified: Wed, 16 Jun 2021 21:48:11 GMT
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
date: Mon, 09 May 2022 13:36:31 GMT
cache-control: max-age=5
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0
expires: Mon, 09 May 2022 13:36:36 GMT

GET
H2 200 wp-emoji-release.min.js Show response
secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-includes/js/ 18 KB
5 KB 348ms
348ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/198.71.233.148/mnr.2ff.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3&time=1649999489

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 89598
x-cache: cached
x-sucuri-cache: MISS
content-length: 4930
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Apr 2022 19:23:34 GMT
server: nginx
etag: "4705-5dd7f832e3491;5dca9f7c30c68
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 19016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v11/ 16 KB
17 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v11/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Text%3A400%2C400i%2C700%2C700i%7CNunito+Sans%3A400%2C400i%2C600%2C700&subset=latin%2Clatin-ext&display=swap&ver=1.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dreamhardest.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:37:58 GMT
x-content-type-options: nosniff
age: 410314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 04 May 2023 19:37:58 GMT

GET
H2 200 wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
fonts.gstatic.com/s/crimsontext/v14/ 15 KB
15 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/crimsontext/v14/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f6fb4a5ed73890ce881e4b94a3e971684a44fdead6c1c2a45b31e96ab32de4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dreamhardest.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 20:39:11 GMT
x-content-type-options: nosniff
age: 320241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14888
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 20:39:11 GMT

GET
H2 200 EPhWR4d3FJQ Show response
www.youtube.com/embed/ Frame 6045 60 KB
26 KB 94ms
72ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed

Requested by

Host: dreamhardest.com
URL: https://dreamhardest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

370ea5cdd7d6d49f54c076d73f34688f599384f1be7fdca5e6b70f07d53160fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dreamhardest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Mon, 09 May 2022 13:36:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/a4d8b401/ Frame 6045 335 KB
46 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a4d8b401/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 21:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47149
x-xss-protection: 0
last-modified: Thu, 05 May 2022 00:17:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 08 May 2023 21:07:22 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/a4d8b401/www-embed-player.vflset/ Frame 6045 278 KB
86 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a4d8b401/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1e5e964ff9c7d7c163ca04fe10c66d1e9ef4f2c066b4e6cabd68aa4112234b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 07 May 2022 21:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87515
x-xss-protection: 0
last-modified: Thu, 05 May 2022 00:17:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 May 2023 21:22:48 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/ Frame 6045 2 MB
526 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3ec73d8be9ac7eeaaf328a7c3d0eebea099118746687e05e4b0d868ea37738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 02:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 538583
x-xss-protection: 0
last-modified: Thu, 05 May 2022 00:17:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 May 2023 02:26:05 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/a4d8b401/fetch-polyfill.vflset/ Frame 6045 9 KB
3 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a4d8b401/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 08:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 05 May 2022 00:17:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 08 May 2023 08:55:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6045 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 526707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6045
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

31ms
15ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16f714e98044267aaad771732a32531b80dae3e3845f28c1246d207dcc525704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 09 May 2022 13:36:32 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6045 29 B
587 B 29ms
7ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:29:42 GMT
x-content-type-options: nosniff
age: 410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 May 2022 13:44:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 39ms
15ms Preflight
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 09 May 2022 13:36:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6045 44 KB
22 KB 40ms
23ms XHR
application/json+protobuf 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89def1eb06aa50e66c7e447032b90620b2766f16430c1a05d78e6b5f44c8fd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 09 May 2022 13:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22105
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/ Frame 6045 119 KB
37 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9ae28f2c8555e43de63ff61df6c4be167086b88a5330050427962d10a14c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 02:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
last-modified: Thu, 05 May 2022 00:17:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 May 2023 02:26:06 GMT

GET
H2 200 -VrFTrdkvDltPjgq0ehWXbZDQsH93PIClx2OnGFxhmo.js Show response
www.google.com/js/th/ Frame 6045 35 KB
14 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/-VrFTrdkvDltPjgq0ehWXbZDQsH93PIClx2OnGFxhmo.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f95ac54eb764bc396d3e382ad1e8565db64342c1fddcf202971d8e9c6171866a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 07 May 2022 16:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13568
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 May 2023 16:39:59 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/ Frame 6045 27 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc2df4bc1cc39ab3e4a277f38227c02704b9b66ee9bd5f9ce247a334a8b4e4d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 02:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 298979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8106
x-xss-protection: 0
last-modified: Thu, 05 May 2022 00:17:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 May 2023 02:33:33 GMT

GET
DATA 200
OK truncated
/ Frame 6045 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSKt7b-FkbO7u4A5skskMWWk9uYsV6nKO4TCI6WIw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6045 3 KB
3 KB 30ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSKt7b-FkbO7u4A5skskMWWk9uYsV6nKO4TCI6WIw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e89810a1382ffd141ae97c41f21c02bbdc97004d79c2b3bb786b79e6f31d9d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 12:24:04 GMT
x-content-type-options: nosniff
age: 4348
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3009
x-xss-protection: 0
server: fife
etag: "v10d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 08 Feb 2022 07:35:39 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/EPhWR4d3FJQ/ Frame 6045 20 KB
21 KB 30ms
7ms Image
image/webp 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/EPhWR4d3FJQ/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34f7079d86a94f457c81aa4afcedefeeca2f4b01727db07ef7c223ea32c4710d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:22:48 GMT
x-content-type-options: nosniff
age: 824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20790
x-xss-protection: 0
server: sffe
etag: "1559233958"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 09 May 2022 15:22:48 GMT

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
291 B 131ms
97ms XHR
image/gif 2a02:26f0:1700:11::b856:678c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1652103392069&dh=dreamhardest.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&vci=624783992&cv=2.0.0&z=665086973&vg=2212f8de-60f9-5487-982f-b0e918f99649&vtg=2212f8de-60f9-5487-982f-b0e918f99649&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%229bd32de3-8be1-1100-8b6f-d2f5c5cbf609.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD07%22%2C%22storage%22%3A%22a2cephmah002pod07_data08%22%2C%22xid%22%3A%2244658471%22%2C%22wp%22%3A%225.9.3%22%2C%22php%22%3A%227.4.28%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22go%22%2C%22nextgen%22%3A%220%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22219%22%2C%22wp_alloptions_bytes%22%3A%2262423%22%7D&hit_id=6a120a4e-4ded-5c25-8172-98a5481347c5&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
date: Mon, 09 May 2022 13:36:32 GMT
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://dreamhardest.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
www.youtube.com/ Frame 6045 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?PCxArg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6045 4 KB
3 KB 53ms
29ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 May 2022 13:36:32 GMT

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
291 B 98ms
97ms XHR
image/gif 2a02:26f0:1700:11::b856:678c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1652103392611&dh=dreamhardest.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&vci=624783992&cv=2.0.0&z=1898739208&vg=2212f8de-60f9-5487-982f-b0e918f99649&vtg=2212f8de-60f9-5487-982f-b0e918f99649&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%229bd32de3-8be1-1100-8b6f-d2f5c5cbf609.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD07%22%2C%22storage%22%3A%22a2cephmah002pod07_data08%22%2C%22xid%22%3A%2244658471%22%2C%22wp%22%3A%225.9.3%22%2C%22php%22%3A%227.4.28%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22go%22%2C%22nextgen%22%3A%220%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22219%22%2C%22wp_alloptions_bytes%22%3A%2262423%22%7D&hit_id=efba62f3-2929-5540-bf5f-1f22c2366fcb&ht=perf&tce=1652103391287&tcs=1652103390837&tdc=1652103392522&tdclee=1652103392081&tdcles=1652103392079&tdi=1652103392079&tdl=1652103391527&tdle=1652103390837&tdls=1652103390829&tfs=1652103390829&tns=1652103363960&trqs=1652103391288&tre=1652103391525&trps=1652103391525&tles=1652103392522&tlee=0&nt=navigate&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dreamhardest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
date: Mon, 09 May 2022 13:36:32 GMT
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://dreamhardest.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/101/ Frame 6045 52 KB
15 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/101/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15395
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 19:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 09 May 2022 16:33:32 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
14ms Preflight
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 09 May 2022 13:36:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6045 98 B
142 B 19ms
18ms XHR
application/json+protobuf 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64aec2421e19ca19971c554c89452c2658c0e94558696088af5a9abbb9fbbf62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 09 May 2022 13:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6045 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EPhWR4d3FJQ?feature=oembed
X-YouTube-Client-Version: 1.20220504.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtiTzFVSTRaWTNQQSjgseSTBg%3D%3D
X-YouTube-Ad-Signals: dt=1652103392201&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C672%2C504&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 09 May 2022 13:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 09 May 2022 13:36:34 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dreamhardest.com/	1970-01-20 11:40:39	Name: _tccl_visitor Value: 2212f8de-60f9-5487-982f-b0e918f99649
.dreamhardest.com/	1970-01-20 02:55:05	Name: _tccl_visit Value: 2212f8de-60f9-5487-982f-b0e918f99649
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 2VHMakUKQeo
.youtube.com/	1970-01-20 07:14:15	Name: VISITOR_INFO1_LIVE Value: bO1UI4ZY3PA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buycok.com
dreamhardest.com
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
img1.wsimg.com
img6.wsimg.com
jnn-pa.googleapis.com
secureservercdn.net
static.doubleclick.net
www.bainksy.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
15.197.142.173
198.71.233.148
23.36.163.225
2a00:1450:4001:810::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2016
2a00:1450:4001:82f::2006
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a02:26f0:1700:11::b856:678c
2a02:fe80:1010::16
3.33.152.147
0a1e5e964ff9c7d7c163ca04fe10c66d1e9ef4f2c066b4e6cabd68aa4112234b
0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4
16f714e98044267aaad771732a32531b80dae3e3845f28c1246d207dcc525704
1e1ba2064786d6e54c78441ac44dd7f3970f9ed531aee22fd1fea7cf9ed10466
25d38bba023b7c5e1f2d3d22cf8997ecb264065bb06dacf8095f24073b4b3c1d
318c13098c5c83978a92f07d6a3f2b78f26e06a3c91a8ed848de56fb6fff3124
33738eb2d3cb0337345f46f3a148fe213cead6ae56fd20543d048b9b76b053fc
34f7079d86a94f457c81aa4afcedefeeca2f4b01727db07ef7c223ea32c4710d
370ea5cdd7d6d49f54c076d73f34688f599384f1be7fdca5e6b70f07d53160fc
3d3ec73d8be9ac7eeaaf328a7c3d0eebea099118746687e05e4b0d868ea37738
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
422ae86efcba1de408df4e7153afb113a5e570f9d320dabb47000e27051ef756
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4d27b7e7536cf4a9e5afd3860a6afe2f0caef8e67385b74086ad6f9555b6d963
4ddabd815aad50661305ed88d7822af14173a0f41854d693513913de15ad0336
55d15f890793c78faf3b151fa9aabf889a9f84eef287a0d86a4db9e7f57ee984
64aec2421e19ca19971c554c89452c2658c0e94558696088af5a9abbb9fbbf62
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0
6f6fb4a5ed73890ce881e4b94a3e971684a44fdead6c1c2a45b31e96ab32de4a
89def1eb06aa50e66c7e447032b90620b2766f16430c1a05d78e6b5f44c8fd40
8bfaa57ec1b84e15bfa912734784996eaac035c20b34f09fd213711d6960431f
a23cebd6557cde503d7b46952ccffa39e50828f2da5c0f79bd5c6800170eb9eb
a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed
ab9ae28f2c8555e43de63ff61df6c4be167086b88a5330050427962d10a14c1f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611
cc2df4bc1cc39ab3e4a277f38227c02704b9b66ee9bd5f9ce247a334a8b4e4d3
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89810a1382ffd141ae97c41f21c02bbdc97004d79c2b3bb786b79e6f31d9d45
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f6a518bb7526e585f4e2d0a8e5ca9ef6416b60493031117f894c13b733c27d30
f95ac54eb764bc396d3e382ad1e8565db64342c1fddcf202971d8e9c6171866a

dreamhardest.com Open in urlscan Pro 198.71.233.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

93 %HTTPS

75 %IPv6

13 Domains

17 Subdomains

15 IPs

2 Countries

1347 kBTransfer

3906 kBSize

4 Cookies

5 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

dreamhardest.com Open in urlscan Pro
198.71.233.148 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

75 %
IPv6

13
Domains

17
Subdomains

15
IPs

2
Countries

1347 kB
Transfer

3906 kB
Size

4
Cookies

41 HTTP transactions
1 data transactions