URL: https://nyfrm.perezmoney.com/
Submission: On June 30 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3031::6815:1093, located in United States and belongs to CLOUDFLARENET, US. The main domain is nyfrm.perezmoney.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 21st 2021. Valid for: a year.
This is the only time nyfrm.perezmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
15 perezmoney.com
nyfrm.perezmoney.com
2 MB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 107
785 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
jnn-pa.googleapis.com — Cisco Umbrella Rank: 330
30 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
static.doubleclick.net — Cisco Umbrella Rank: 436
1 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 8
14 KB
1 googlevideo.com
redirector.googlevideo.com — Cisco Umbrella Rank: 729
1 KB
37 7
Domain Requested by
15 nyfrm.perezmoney.com nyfrm.perezmoney.com
10 www.youtube.com nyfrm.perezmoney.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 www.google.com www.youtube.com
1 redirector.googlevideo.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.googleapis.com nyfrm.perezmoney.com
1 fonts.gstatic.com www.youtube.com
37 10

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-10-21 -
2022-10-20
a year crt.sh
*.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh

This page contains 2 frames:

Primary Page: https://nyfrm.perezmoney.com/
Frame ID: B9BDD3F8B145CBDD36EEC31812EDB921
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Ie_pcLsdb5E
Frame ID: 4B98ACCFC4E70AA932918C0D6EE68DF7
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

He breaks performance down into four distinct areas

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

97 %
HTTPS

100 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

2904 kB
Transfer

5637 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nyfrm.perezmoney.com/
14 KB
5 KB
Document
General
Full URL
https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976b54a3f8d5aa7d97297ed07885c266795512967a7f7ea3058844277c963c45

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7235ce0f1dd5badb-MXP
content-encoding
br
content-type
text/html
date
Thu, 30 Jun 2022 09:16:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 30 Jun 2022 09:16:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxnLfe7XLS8xRvNv3uWL7ptCwDIugLUDBc8S4EbNydixiMQ2%2BtQLV5OULLqhdoN2s47EhBMiVx0XPrNn%2FLwW7XvXpWxvfJ7hO%2B793YdnQyPbv%2B%2BbRMKOwq4eAOwvEHFsWJu8Jg39wtxKwrgUdsEQy2MUeg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
themify-icons.css
nyfrm.perezmoney.com/assets/vendors/themify-icons/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://nyfrm.perezmoney.com/assets/vendors/themify-icons/css/themify-icons.css
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade79cd951e6e8d3026d62228e5028193f0a73c0c7ec5df14d4c102f5ee5f688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 Jun 2022 23:02:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzI7nCBu0vZ8jaCU%2FKZizgPDJhJ3Qel0d5CZ4FsT%2Btn%2F3H96qDUjfLVNNuWfbw5V55p5oIEW4FtGZ8xXKdeLmPuhr3STnMnmbNnkXWfe3DpRkGzua3gqNu9Tk60xIhJc3J9IZYlwpU7FTY4mvNsLxy%2FNKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7235ce109801badb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
nyfrm.perezmoney.com/assets/css/
244 KB
31 KB
Stylesheet
General
Full URL
https://nyfrm.perezmoney.com/assets/css/style.css
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf847b74ef98d6df52ff4818364b30d4654c100e6158da53d74a09d9c62f56bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Jun 2022 22:02:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BtYO6wtzmVS5Sgi%2FKbP7ZYSmLD4ryU9BT6A1ElSDC747WE2RsU5mcsYFayIWDVO8%2Fsj9J8BLNITFdlQWCm%2BAAQQotjAhXQZKKQnlNCc6%2FGClkS%2B9nx3mUAu4wKd69c2LCFLVmXKfQ4GzqQHosUDnlMC8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7235ce109803badb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fabric-316777_1280.jpg
nyfrm.perezmoney.com/assets/imgs/
488 KB
489 KB
Image
General
Full URL
https://nyfrm.perezmoney.com/assets/imgs/fabric-316777_1280.jpg
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14f263f75441428840cb55f3ff7c7026fff719430ea77efc7c4eaca44964a856

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Jun 2022 22:02:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2F55dMf3OMM1ZJJGehG66H56V2UGeeRSdhkdhAas%2BbR89QlChqUlxk3YQNjQPa%2BgTcbsAsk05nonpz1pHup0TEsah9lU7%2F01PWJxNxnV4TqNUO5mggyzzYh4vYezRzyCLJWrzeUERvZvzN2UaFpWG3D1KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7235ce10d865badb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
499590
6207cd16459162.50805692.jpg
nyfrm.perezmoney.com/assets/imgs/
133 KB
133 KB
Image
General
Full URL
https://nyfrm.perezmoney.com/assets/imgs/6207cd16459162.50805692.jpg
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e50e200bc9f5dd6425a780b4965b8ba4f6d70be2a5305ee68d623711aa9886c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Jun 2022 22:02:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BArAQvFOjsLY0CxiZkkRgJJl6SJugBRPsdz3wA69E6%2BozvXZJimL8dFWW37dWJ2tv6zqdE8dIsa71BFYodccG6yIOZ7CYuzhKHS9f9%2F5BrcUVfVNZTe6MQlJtCUYygnv0fvXuptl54L2XtYMknxmL4p7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7235ce10d868badb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136262
621015a79bc4e1.62293213.jpg
nyfrm.perezmoney.com/assets/imgs/
104 KB
104 KB
Image
General
Full URL
https://nyfrm.perezmoney.com/assets/imgs/621015a79bc4e1.62293213.jpg
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712514cc2c7de5d1b0c7887e546fe0e77de134cee14224b6eb7778980ce4ef48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Jun 2022 22:02:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8uggSYoY6uL85G3szABwofdtX7yqVNggjTiTSu6yecgifeGiiyf4kz4o6p7vHNDAqYI%2Fztp3y7GF3A2HT5SWzXr6xLvObPx%2BRksqwpEKbdFvmYgvfEIwyml1%2BO1cCGKjxpbvHZykGBq015sZD6szS5xRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7235ce10e86bbadb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
106423
sewing-machine-262454_1920.jpg
nyfrm.perezmoney.com/assets/imgs/
361 KB
362 KB
Image
General
Full URL
https://nyfrm.perezmoney.com/assets/imgs/sewing-machine-262454_1920.jpg
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d85700172e5c8fdc6a0e5113d4e5b63521c6fac5d3251c73824736036a26fa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Jun 2022 22:02:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMOG%2F1nVS43MufF8ovKAP86D3eUkJQsMJQ9P6255QVilNuyvGsCmdBPjVfUtwb3w7LUxe%2Byp9gw3WHTaQ%2BMTWzWp1QQ4wERObfxo0%2BUvNN2gl1j5yC9antsAzrwL7GpRJwWifHaHeidTkMcDJyOX5iHtbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7235ce10e871badb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
369530
Beginners-guide-to-making-clothes-p19k9gk1k08k4w8gp1dgb9pkmo6hqocatu9vlig5ow.jpg
nyfrm.perezmoney.com/assets/imgs/
37 KB
38 KB
Image
General
Full URL
https://nyfrm.perezmoney.com/assets/imgs/Beginners-guide-to-making-clothes-p19k9gk1k08k4w8gp1dgb9pkmo6hqocatu9vlig5ow.jpg
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1029f265ffbed800123b01625645ea70e9070efeb6ef504cf7139b9b059af5ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Jun 2022 22:02:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGc885B8jXPpgTndGtmbXn13lx3OY24efY5bTnnw7i6PcASJPqHDCwuKaTshjd6Kzee5sbKUB7edlqEqSDk3%2B9sV6DZDS20p0oQgoiqdllFbOL%2BKFO%2BbWiWAApI7K2kZToFjM%2FxftSKIxTvJGRpvo0n23A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7235ce10e873badb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38178
yarn-1615520_1920.jpg
nyfrm.perezmoney.com/assets/imgs/
597 KB
598 KB
Image
General
Full URL
https://nyfrm.perezmoney.com/assets/imgs/yarn-1615520_1920.jpg
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84be5ba525368a7e0bcee758f5b67d58ec1aa8d3be2de2ca69db05cf41f13df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Jun 2022 22:02:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVamztbatr4%2FGfjMvOLxQD75awpegl86YoIRWvDxUuX%2BmRMLQqWGAl6tynirfOjp2O2aEmEuA4IEvsVtVGkyPdbcLhOcO8GuonUmPDvxLwnna%2FcwIjq8XUcDTkSA0K4WUHNcdh%2Fpew2mnau32oKnxUyosg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7235ce10e875badb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
611275
Ie_pcLsdb5E
www.youtube.com/embed/ Frame 4B98
65 KB
28 KB
Document
General
Full URL
https://www.youtube.com/embed/Ie_pcLsdb5E
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7575142ed3746cefd3db24a9af536c61ce4ed29ae5e7284bad388d301e679103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nyfrm.perezmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 30 Jun 2022 09:16:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
jquery-3.4.1.js
nyfrm.perezmoney.com/assets/vendors/jquery/
274 KB
83 KB
Script
General
Full URL
https://nyfrm.perezmoney.com/assets/vendors/jquery/jquery-3.4.1.js
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 Jun 2022 23:02:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcEl%2BRHkNtK5%2Bfs6jEuRkIV08zFeD0SascSjabQsDWmvH%2Bw56%2FgcQ3cg2VdJ6VI3UuyBLRcDw%2F2a%2F1%2FbPK%2BufxMmuayfK1Gtl319PVBXoRwIvM18BTUzFWtiFb%2FYCcRJnWAiqpJ1nzll41lJWiJ2iWNedQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7235ce10e879badb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.bundle.js
nyfrm.perezmoney.com/assets/vendors/bootstrap/
218 KB
48 KB
Script
General
Full URL
https://nyfrm.perezmoney.com/assets/vendors/bootstrap/bootstrap.bundle.js
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 Jun 2022 23:02:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iYkPxag6PwhgY1YthtCgEQ3IyEV5uD6ewl2sqea4hbLpEGM80KiqhRgQ8goZZCjSR7gf75Q8Ir8wVY44MKTNbus7poyr%2FV%2FH7jdJ3pufCsL8dgfFKZzMOEWZSY0d4vJt0q7Ze88kO%2FrgLeNxBuwv6VosQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7235ce10eb1a59dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.affix.js
nyfrm.perezmoney.com/assets/vendors/bootstrap/
5 KB
2 KB
Script
General
Full URL
https://nyfrm.perezmoney.com/assets/vendors/bootstrap/bootstrap.affix.js
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee8ac8eff7b2c225d85963ee6160f0071297a3fdaf1532688c4fe01cfc0fb94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 Jun 2022 23:02:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryEaumgLZDIqyRHFhrdiEXaRzDsDCJcrUcCFNswVbWgPbOF%2Fl7R4FzjqwJX0VDKw%2FI1Rxp5TNYyrE8Fu82UeAcYbmfXsK9WEkFptxB4RgTdox5soeV%2FoKiuM8dQEBO7u3xq%2B1pSTMQFqBM62mGQy0zRwVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7235ce10eb2059dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
creative-design.js
nyfrm.perezmoney.com/assets/js/
877 B
949 B
Script
General
Full URL
https://nyfrm.perezmoney.com/assets/js/creative-design.js
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1fbafd60afd8f91abcc59a51dfad355d621df1b2e762150f7cea92b3c1ccd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 Jun 2022 23:02:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BljJjXeUcuVPWYw6C9pfE5VLK1ZvL67abxd%2FirubKaQcmTYk0IatqCDloinIZIq5WnweNG0vAK6ECuAr%2F%2FdbeBg30QGh34uO%2BAuly%2BfosxjCuMnijCJkvC9DsJaiAg1bNX%2FbwdcSqqpJ7h8ruYUQNJnMMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7235ce10eb2259dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
www-player.css
www.youtube.com/s/player/bc3f94c3/ Frame 4B98
339 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/bc3f94c3/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ie_pcLsdb5E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd46e809f37664665b67394303719ba31f518c6c03b6bc3c7a401c1c952001af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Ie_pcLsdb5E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 16:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
59247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47659
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 16:49:18 GMT
www-embed-player.js
www.youtube.com/s/player/bc3f94c3/www-embed-player.vflset/ Frame 4B98
302 KB
93 KB
Script
General
Full URL
https://www.youtube.com/s/player/bc3f94c3/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ie_pcLsdb5E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20a9c6a34056688558ad52cc6ccffb58e8e476db537c3489c9db8d2d8f351b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Ie_pcLsdb5E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 16:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
59247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95362
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 16:49:18 GMT
base.js
www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/ Frame 4B98
2 MB
557 KB
Script
General
Full URL
https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ie_pcLsdb5E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101b43709a6f08deb3a8b355e8413916f5ee0d7ef4bf3b6d38cd4d76c7ccd4fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Ie_pcLsdb5E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 16:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
59247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
569754
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 16:49:18 GMT
fetch-polyfill.js
www.youtube.com/s/player/bc3f94c3/fetch-polyfill.vflset/ Frame 4B98
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/bc3f94c3/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ie_pcLsdb5E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Ie_pcLsdb5E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 16:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
59247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 16:49:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4B98
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ie_pcLsdb5E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
144604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
css2
fonts.googleapis.com/
731 B
878 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Quintessential&amp;family=Roboto:wght@100&amp;family=Rowdies:wght@300&amp;family=Suez+One&amp;family=Supermercado+One&amp;display=swap
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
897a21ac386946220fcc5132fd8ff29e2eb90c65a1b59d702f545ef414db355b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 09:16:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 30 Jun 2022 09:16:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Jun 2022 09:16:46 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 4B98
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ie_pcLsdb5E
Protocol
H3
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e5952c25767db86b1d33a99ce57cb08a405c92e856113bc8f6b1c7c5badddcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 30 Jun 2022 09:16:46 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4B98
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:10:07 GMT
x-content-type-options
nosniff
age
399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Jun 2022 09:25:07 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 30 Jun 2022 09:16:46 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
initplayback
redirector.googlevideo.com/ Frame 4B98
491 B
1 KB
XHR
General
Full URL
https://redirector.googlevideo.com/initplayback?source=youtube&orc=1&oeis=1&ip=2001%3Aac8%3A20%3A3c00%3A1011%3Ac66f%3A65f1%3A175d&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=11000&oavd=11000&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&pxtags=Cg4KAnR4EggyNDIwNjA1Mg&rxtags=Cg4KAnR4EggyNDIwNjA1MQ%2CCg4KAnR4EggyNDIwNjA1Mg%2CCg4KAnR4EggyNDIwNjUwMw%2CCg4KAnR4EggyNDIwNjUwNA&alr=yes&id=59177
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ClientMapServer /
Resource Hash
dae14922335ebc6736681077f3d5f5144eda1aeb3f1e5c0581459e891ba32e07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
317
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://www.youtube.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4B98
64 KB
29 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b968c2459a5aa9293e7e6507eb21fcd0922d9e3073d9453325df19cc70dc2ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 30 Jun 2022 09:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30141
x-xss-protection
0
remote.js
www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/ Frame 4B98
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3956cbc027caad89757d106135050181433af5c2f6538701115103ad4f1f87ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Ie_pcLsdb5E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 16:50:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
59206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37790
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 16:50:00 GMT
embed.js
www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/ Frame 4B98
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d86146e9966b7afde64ff385deda8a8351333a9b6f87ccd3dcf952015dae87e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Ie_pcLsdb5E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 16:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
58764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8109
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 16:57:22 GMT
620240d26bbff6.71274759.jpg
nyfrm.perezmoney.com/assets/imgs/
59 KB
60 KB
Image
General
Full URL
https://nyfrm.perezmoney.com/assets/imgs/620240d26bbff6.71274759.jpg
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6511b8f6102c5f0479565b3c1ec5191ff9187ef734f399a9a22d8a23b0996b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:46 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Jun 2022 22:02:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdDaWdrXCy4FgzlnVJ407wLeCXvocOattchEIeqpHRpoa5ZGDducpcZDK6OiLK8kWxa8IyC%2FG3f4EZPgML8eICuGqAslRAXPQ8IycRJm%2FLRSH9ppz5oys79pUfZziCpps4U%2B38I2I%2FckgplLTXHBeiqKoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7235ce157ad159dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60786
620240797d64f3.44147430.jpg
nyfrm.perezmoney.com/assets/imgs/
81 KB
82 KB
Image
General
Full URL
https://nyfrm.perezmoney.com/assets/imgs/620240797d64f3.44147430.jpg
Requested by
Host: nyfrm.perezmoney.com
URL: https://nyfrm.perezmoney.com/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e397938586106266ad549afc3d5d9bdcc333ed07284f855fe47e56ea0a1669ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nyfrm.perezmoney.com/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:46 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Jun 2022 22:02:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWweVUSARS0gl1XEZhS%2FT6OdFlGlDe5cJ0S7vJX4qGijmXcgnuQBQkjgayaZcUAoAw%2FspLOuLh80Tx2M2Wp64OtDfWZxXn3mYIkaZQhT%2FL0SFKPvCgec2tmAx%2FUPrXAMzataIAcmQGRfUVBvPRIa%2FvMnhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7235ce157ad659dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83256
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4B98
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 09:16:48 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4B98
98 B
142 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51b2ea8019f5d402cb1dce3d54ebd60ee70db97ab4a66c82daf3ed6964e80072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 30 Jun 2022 09:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 30 Jun 2022 09:16:46 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
get
www.youtube.com/youtubei/v1/att/ Frame 4B98
19 KB
14 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/att/get?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
2c1841b274b066a0080182c3413af6e77c870828456088664f886e98e6e0a659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/Ie_pcLsdb5E
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220628.00.01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Goog-Visitor-Id
Cgt6Q2xBMmdTVHZVRSj90_WVBg%3D%3D
Content-Type
application/json

Response headers

date
Thu, 30 Jun 2022 09:16:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14043
x-xss-protection
0
expires
Thu, 30 Jun 2022 09:16:47 GMT
iJGTQv2FdKpczbKmCmcADXvJJkQivV5xufAsJBe2f-A.js
www.google.com/js/th/ Frame 4B98
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/iJGTQv2FdKpczbKmCmcADXvJJkQivV5xufAsJBe2f-A.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88919342fd8574aa5ccdb2a60a67000d7bc9264422bd5e71b9f02c2417b67fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 12:23:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
161609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13993
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 12:23:18 GMT
generate_204
www.youtube.com/ Frame 4B98
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?wedtSA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ie_pcLsdb5E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Ie_pcLsdb5E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:16:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/103/ Frame 4B98
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/103/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15123
x-xss-protection
0
last-modified
Mon, 02 May 2022 15:04:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 30 Jun 2022 10:15:35 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 4B98
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Ie_pcLsdb5E
X-YouTube-Client-Version
1.20220628.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt6Q2xBMmdTVHZVRSj90_WVBg%3D%3D
X-YouTube-Ad-Signals
dt=1656580606160&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C843%2C416&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 30 Jun 2022 09:16:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 30 Jun 2022 09:16:50 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| bootstrap

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: DVYNbNH23Eo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: zClA2gSTvUE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
nyfrm.perezmoney.com
redirector.googlevideo.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
2606:4700:3031::6815:1093
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:401b:808::2006
0a1fbafd60afd8f91abcc59a51dfad355d621df1b2e762150f7cea92b3c1ccd2
101b43709a6f08deb3a8b355e8413916f5ee0d7ef4bf3b6d38cd4d76c7ccd4fc
1029f265ffbed800123b01625645ea70e9070efeb6ef504cf7139b9b059af5ab
14f263f75441428840cb55f3ff7c7026fff719430ea77efc7c4eaca44964a856
1e50e200bc9f5dd6425a780b4965b8ba4f6d70be2a5305ee68d623711aa9886c
1ee8ac8eff7b2c225d85963ee6160f0071297a3fdaf1532688c4fe01cfc0fb94
20a9c6a34056688558ad52cc6ccffb58e8e476db537c3489c9db8d2d8f351b1e
2c1841b274b066a0080182c3413af6e77c870828456088664f886e98e6e0a659
3956cbc027caad89757d106135050181433af5c2f6538701115103ad4f1f87ab
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
51b2ea8019f5d402cb1dce3d54ebd60ee70db97ab4a66c82daf3ed6964e80072
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
6e5952c25767db86b1d33a99ce57cb08a405c92e856113bc8f6b1c7c5badddcb
712514cc2c7de5d1b0c7887e546fe0e77de134cee14224b6eb7778980ce4ef48
7575142ed3746cefd3db24a9af536c61ce4ed29ae5e7284bad388d301e679103
84be5ba525368a7e0bcee758f5b67d58ec1aa8d3be2de2ca69db05cf41f13df1
88919342fd8574aa5ccdb2a60a67000d7bc9264422bd5e71b9f02c2417b67fe0
897a21ac386946220fcc5132fd8ff29e2eb90c65a1b59d702f545ef414db355b
976b54a3f8d5aa7d97297ed07885c266795512967a7f7ea3058844277c963c45
a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5
ade79cd951e6e8d3026d62228e5028193f0a73c0c7ec5df14d4c102f5ee5f688
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
b968c2459a5aa9293e7e6507eb21fcd0922d9e3073d9453325df19cc70dc2ebc
cd46e809f37664665b67394303719ba31f518c6c03b6bc3c7a401c1c952001af
cf847b74ef98d6df52ff4818364b30d4654c100e6158da53d74a09d9c62f56bd
d6511b8f6102c5f0479565b3c1ec5191ff9187ef734f399a9a22d8a23b0996b0
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d85700172e5c8fdc6a0e5113d4e5b63521c6fac5d3251c73824736036a26fa08
d86146e9966b7afde64ff385deda8a8351333a9b6f87ccd3dcf952015dae87e8
dae14922335ebc6736681077f3d5f5144eda1aeb3f1e5c0581459e891ba32e07
e397938586106266ad549afc3d5d9bdcc333ed07284f855fe47e56ea0a1669ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9