sale.watchmoney.site Open in urlscan Pro
52.76.101.124 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sale.watchmoney.site/
Submission: On April 12 via automatic, source certstream-suspicious (April 12th 2023, 3:10:10 am UTC) — Scanned from SG

Summary HTTP 99 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 16 domains to perform 99 HTTP transactions. The main IP is 52.76.101.124, located in Singapore and belongs to AMAZON-02, US. The main domain is sale.watchmoney.site.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 12th 2023. Valid for: 3 months.

This is the only time sale.watchmoney.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.76.101.124 52.76.101.124	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4003:c03::5f	15169 (GOOGLE) (GOOGLE)
18	2400:52e0:150... 2400:52e0:1500::944:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4003:c03::61	15169 (GOOGLE) (GOOGLE)
1	103.226.250.67 103.226.250.67	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1	2404:6800:400... 2404:6800:4003:c03::64	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4003:c06::5e	15169 (GOOGLE) (GOOGLE)
2	3.0.225.157 3.0.225.157	16509 (AMAZON-02) (AMAZON-02)
19	2404:6800:400... 2404:6800:4003:c0f::5d	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4003:c11::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c11::95	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c06::5f	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c11::93	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c0f::77	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c00::84	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2404:6800:400... 2404:6800:4003:c11::5e	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4003:20::7	15169 (GOOGLE) (GOOGLE)
2	18.140.6.45 18.140.6.45	16509 (AMAZON-02) (AMAZON-02)
14	54.251.173.122 54.251.173.122	16509 (AMAZON-02) (AMAZON-02)
99	22

1 52.76.101.124 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-101-124.ap-southeast-1.compute.amazonaws.com

sale.watchmoney.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2400:52e0:1500::944:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c03::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.226.250.67 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

img5.thuthuatphanmem.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c03::64 (Singapore)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4003:c06::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.0.225.157 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-225-157.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4003:c0f::5d (Singapore)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c11::9d (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::95 (Singapore)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c06::5f (Singapore)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::93 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::77 (Singapore)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c00::84 (Singapore)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c11::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:20::7 (Singapore)

ASN15169 (GOOGLE, US)

rr2---sn-npoldn7e.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.140.6.45 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-6-45.ap-southeast-1.compute.amazonaws.com

g.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.251.173.122 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

api.ladichat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	youtube.com img.youtube.com — Cisco Umbrella Rank: 3122 www.youtube.com — Cisco Umbrella Rank: 93	981 KB
20	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 50731 g.ladicdn.com — Cisco Umbrella Rank: 218853	783 KB
14	ladichat.com api.ladichat.com — Cisco Umbrella Rank: 355344	15 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	218 KB
8	googlevideo.com rr2---sn-npoldn7e.googlevideo.com — Cisco Umbrella Rank: 46345	2 MB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	33 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	278 B
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 285	1 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	1 KB
2	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 83374	632 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	136 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	67 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	thuthuatphanmem.vn img5.thuthuatphanmem.vn	49 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	52 KB
1	watchmoney.site sale.watchmoney.site	34 KB
99	16

	Domain	Requested by
19	www.youtube.com	w.ladicdn.com www.youtube.com
18	w.ladicdn.com	sale.watchmoney.site w.ladicdn.com
14	api.ladichat.com	w.ladicdn.com
12	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
8	rr2---sn-npoldn7e.googlevideo.com	www.youtube.com
4	www.facebook.com	sale.watchmoney.site
4	jnn-pa.googleapis.com	www.youtube.com
2	g.ladicdn.com	w.ladicdn.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	yt3.ggpht.com	www.youtube.com sale.watchmoney.site
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	a.ladipage.com	w.ladicdn.com
2	connect.facebook.net	sale.watchmoney.site connect.facebook.net
2	fonts.googleapis.com	sale.watchmoney.site w.ladicdn.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	img.youtube.com	sale.watchmoney.site
1	img5.thuthuatphanmem.vn	sale.watchmoney.site
1	www.googletagmanager.com	sale.watchmoney.site
1	sale.watchmoney.site
99	21

This site contains no links.

Subject Issuer	Validity	Valid
sale.watchmoney.site ZeroSSL RSA Domain Secure Site CA	`2023-04-12` - `2023-07-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
w.ladicdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-10` - `2024-03-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-19` - `2023-04-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
img5.thuthuatphanmem.vn R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
a.ladipage.com Amazon RSA 2048 M02	`2023-02-02` - `2023-07-16`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-03-28` - `2023-06-06`	2 months	crt.sh
g.ladicdn.com ZeroSSL RSA Domain Secure Site CA	`2023-01-23` - `2023-04-23`	3 months	crt.sh
api.ladichat.com Amazon RSA 2048 M02	`2023-02-03` - `2023-08-21`	7 months	crt.sh

This page contains 3 frames:

Primary Page: https://sale.watchmoney.site/
Frame ID: 1561D4F2B228F67175ECE463AFFF1453
Requests: 36 HTTP requests in this frame

Frame: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
Frame ID: 33DA59D812A78F686D21C14FCCBBD256
Requests: 39 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Roboto:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&display=swap
Frame ID: 2EA34E88365FF26045D94182112C4780
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Apple Watch Series 7Artboard 26

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

99
Requests

99 %
HTTPS

76 %
IPv6

16
Domains

21
Subdomains

22
IPs

3
Countries

4118 kB
Transfer

7973 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

99 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sale.watchmoney.site/ 183 KB
34 KB 92ms
8ms Document
text/html 52.76.101.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sale.watchmoney.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.101.124 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-101-124.ap-southeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 289228ffeba92bebcc15e8a05b7e469e58127d088785fb8681fa537f1469fc08

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 03:10:04 GMT
server: openresty
statuscode: 200
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 20ms
9ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Oswald:bold,regular|Source%20Sans%20Pro:bold,regular&display=swap

Requested by

Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b14858ee6e5201d870fc460a48d5d2d6bc0226eb452a17c355c783ccc3c26462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 03:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 03:10:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 03:10:04 GMT

GET
H2 200 ladipagev3.min.js Show response
w.ladicdn.com/v2/source/ 339 KB
84 KB 18ms
3ms Script
text/javascript 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1681203989371
Requested by: Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: b0a636a00075c2aaa6e1e599099fc0b0551ea6395b34d737fa2e8f1f2016ebbb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:04 GMT
content-encoding: br
cdn-edgestorageid: 858
perma-cache: MISS
cdn-cachedat: 04/11/2023 09:11:47
cdn-pullzone: 575124
server: BunnyCDN-SG1-944
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-max-age: 2592000
access-control-allow-credentials: true
cache-control: public, max-age=31919000
cdn-requestid: 213dc483dff30922e200f0269a003079
cdn-requestcountrycode: SG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 18ms
5ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Apr 2023 03:10:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: n4E5tsZxbRfBFIucrTETrl1oHX0dOXvNokerHLf0JjCwN4isERU6b2ZfTffstFlRvYRM3NL4zBhkBfjBDUWmYw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
52 KB 21ms
12ms Script
application/javascript 2404:6800:4003:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9GFRLF

Requested by

Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58ef5c8c82e6aaf419892f1f15e19675f3741d22a4262ea73367ec17ca988bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 53023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 03:10:04 GMT

GET
DATA 200
OK truncated
/ 166 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d4b274dcc8fe2600e7e38c0a2433c0ef722027f49fcc8e37ce52a972d856906

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 anh-nen-trang-tinh-khoi_013900337.jpg
img5.thuthuatphanmem.vn/uploads/2022/01/11/ 49 KB
49 KB 243ms
105ms Image
image/jpeg 103.226.250.67
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img5.thuthuatphanmem.vn/uploads/2022/01/11/anh-nen-trang-tinh-khoi_013900337.jpg
Requested by: Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.226.250.67 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c5e0757e1e9c9b926277ae79f2840a18d1207143f218ad1b80e3fd51b6339aa6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:03 GMT
last-modified: Tue, 11 Jan 2022 06:39:01 GMT
server: Microsoft-IIS/10.0
etag: "41d63febb56d81:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 50100

GET
H2 200 daicam-20210524030031-20210622084244-20211116132306-20220607094623.png
w.ladicdn.com/s1150x400/5ea845b95da1a2557f302daa/ 13 KB
14 KB 4ms
3ms Image
image/png 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1150x400/5ea845b95da1a2557f302daa/daicam-20210524030031-20210622084244-20211116132306-20220607094623.png
Requested by: Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 1b93bbfa59b6cf8ed0a41f740601759375aa51d8cd02269416fb99da4a189ecd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:04 GMT
cdn-edgestorageid: 979
perma-cache: HIT
cdn-storageserver: SG-561
cdn-cachedat: 04/11/2023 08:13:41
cdn-pullzone: 575124
content-length: 13675
last-modified: Tue, 11 Apr 2023 02:59:35 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 561
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "6434cd17-356b"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: ead9f55ca6f80cb32ebeaa53d1d7635b
accept-ranges: bytes
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 333-20220608063847.png
w.ladicdn.com/s1050x700/5ea845b95da1a2557f302daa/ 529 KB
531 KB 4ms
4ms Image
image/png 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1050x700/5ea845b95da1a2557f302daa/333-20220608063847.png
Requested by: Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 0b7096e14fd5e9a392c15ab77b84bcff6534c872d7d1693558e6b342de5070dd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:04 GMT
cdn-edgestorageid: 749
perma-cache: HIT
cdn-storageserver: SG-561
cdn-cachedat: 04/10/2023 08:06:12
cdn-pullzone: 575124
content-length: 541280
last-modified: Wed, 08 Jun 2022 08:11:11 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 319
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "62a0599f-84260"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 848f757550cbcb223de4139322b1ff1f
accept-ranges: bytes
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/rg2kuGYckqA/ 31 KB
32 KB 34ms
11ms Image
image/jpeg 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/rg2kuGYckqA/hqdefault.jpg

Requested by

Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7e3e6339da64c05917fdb0ef6b1de47e3eedc375396c8aea6b09958cd9448a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:04 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32088
x-xss-protection: 0
server: sffe
etag: "1663763507"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Apr 2023 05:10:04 GMT

GET
H2 200 sdk.js Show response
w.ladicdn.com/ladichat/ 763 B
952 B 4ms
3ms Script
text/javascript 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/ladichat/sdk.js
Requested by: Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: b64036116bf5824ee8150b1da696a6c8dfd4854d07901ceced4de34b9e48c4c7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:04 GMT
content-encoding: br
cdn-edgestorageid: 982
perma-cache: HIT
cdn-storageserver: SG-76
cdn-cachedat: 11/23/2022 09:38:19
cdn-pullzone: 575124
last-modified: Wed, 23 Nov 2022 09:37:41 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 345
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"637de9e5-2fb"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cache-control: public, max-age=31919000
cdn-requestid: 83432e50d74a69923a0d775cc4036262
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 18ms
8ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Oswald:bold,regular|Source%20Sans%20Pro:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:31:07 GMT
x-content-type-options: nosniff
age: 38337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 16:31:07 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 17ms
12ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Oswald:bold,regular|Source%20Sans%20Pro:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:41:53 GMT
x-content-type-options: nosniff
age: 16091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 22:41:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 9ms
4ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Oswald:bold,regular|Source%20Sans%20Pro:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:12:53 GMT
x-content-type-options: nosniff
age: 17831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31320
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 22:12:53 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 12ms
11ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Oswald:bold,regular|Source%20Sans%20Pro:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:23:01 GMT
x-content-type-options: nosniff
age: 31623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 18:23:01 GMT

OPTIONS
H2 200 event
a.ladipage.com/ Frame 0
0 24ms
5ms Preflight
application/json 3.0.225.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.0.225.157 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-0-225-157.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method: POST
Origin: https://sale.watchmoney.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 03:10:04 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 ladipage.formdata.min.js Show response
w.ladicdn.com/v2/source/ 51 KB
15 KB 4ms
4ms Script
text/javascript 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.formdata.min.js?v=1681203989371
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1681203989371
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 30faf99ee514786a4c5269c1da40e3fe9bdb09991017a343c774370388fe6b1e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:04 GMT
content-encoding: br
cdn-edgestorageid: 714
perma-cache: MISS
cdn-cachedat: 04/11/2023 09:11:58
cdn-pullzone: 575124
server: BunnyCDN-SG1-944
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-max-age: 2592000
access-control-allow-credentials: true
cache-control: public, max-age=31919000
cdn-requestid: 228c3759b50a1d855f6e719ef31dbc40
cdn-requestcountrycode: SG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 event Show response
a.ladipage.com/ 106 B
632 B 9ms
9ms XHR
text/plain 3.0.225.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1681203989371

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.0.225.157 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-0-225-157.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: 4e92c9ff-a081-49d0-71d0-b95373e081d0
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
accept-language: zh-SG,zh;q=0.9
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
Referer: https://sale.watchmoney.site/
LADI_PAGE_VIEW: 1
LADI_CAMP_TYPE

Response headers

date: Wed, 12 Apr 2023 03:10:04 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 27ms
16ms Script
text/javascript 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1681203989371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d12edf79a333c20b2ffdc2abfa2168c88d6105e2073cce1bee3b962191ea38f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=zh-CN for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 12 Apr 2023 03:10:04 GMT

GET
H2 200 5007144169413038 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 350ms
350ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/5007144169413038?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aaf81382e35de4bd88243778b028f3f87b79f3d77d87b7e2b36697a21f0fd4d4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Apr 2023 03:10:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2ucNipDYJjVRA2NbnLS3c3U3+potWLJSD6cZAP2LIkp3mFrdaYWCEO6/pELOahyPs1AHkdBCErEOWncjSl0AGA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ladichat.min.js Show response
w.ladicdn.com/ladichat/ 322 KB
86 KB 1327ms
1327ms Script
text/javascript 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: e44ee2b417453db96df4f31233e9cf12dd547b77a9632ef06d988c87e3523db1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 945
perma-cache: MISS
cdn-cachedat: 04/12/2023 03:10:06
cdn-pullzone: 575124
server: BunnyCDN-SG1-944
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-max-age: 2592000
access-control-allow-credentials: true
cache-control: public, max-age=31919000
cdn-requestid: 04207d524181fad0a7f3e097cabd5d67
cdn-requestcountrycode: SG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/7da8dd3e/www-widgetapi.vflset/ 184 KB
62 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9d5d388649117caf4229e65edbf884be9f45e78259fb042e60ad1c112612b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 07:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 414932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63230
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Apr 2024 07:54:32 GMT

GET
H3 200 rg2kuGYckqA Show response
www.youtube.com/embed/ Frame 33DA 73 KB
30 KB 45ms
44ms Document
text/html 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aafaa14ae2a4060f0f207ca29ee6a1e81a39c929f89812cc615ef5183274c002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sale.watchmoney.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:10:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/7da8dd3e/ Frame 33DA 400 KB
51 KB 6ms
5ms Stylesheet
text/css 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acf68dcce2368d3652430adeb6409f6027d23bbd6cdf47c3c797bb33fa6fe729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 16:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52109
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Apr 2024 16:19:26 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/7da8dd3e/www-embed-player.vflset/ Frame 33DA 348 KB
108 KB 10ms
8ms Script
text/javascript 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0a9ea0d24fcadbb338ce27ca4cf6af3c78fded0c118c0e522449d829ba4ffd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 17:10:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110581
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 10 Apr 2024 17:10:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/ Frame 33DA 2 MB
615 KB 13ms
12ms Script
text/javascript 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5edb039d354ed6686d498cd18f4ef8c030366c3f0caa0d9952e29cf3d16bfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 05:35:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 509697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 629804
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 Apr 2024 05:35:07 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/7da8dd3e/fetch-polyfill.vflset/ Frame 33DA 9 KB
3 KB 15ms
14ms Script
text/javascript 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 Apr 2024 15:22:10 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 33DA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

6ms
5ms

XHR
application/json

2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1

Protocol

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329f333e1d94eebeb8bd22c21ce92e085c01e7bf9a2b2eefdda5e476ece1334d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 12 Apr 2023 03:10:05 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 33DA 29 B
495 B 24ms
5ms Script
text/javascript 2404:6800:4003:c11::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 02:57:38 GMT
x-content-type-options: nosniff
age: 747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 03:12:38 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 20ms
7ms Preflight
text/html 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 12 Apr 2023 03:10:05 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 33DA 66 KB
30 KB 17ms
16ms XHR
application/json+protobuf 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c041f7b237fddfc56e04f88b906708ea60946ff1b6ccea371cd0222827f97ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31022
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/ Frame 33DA 116 KB
36 KB 25ms
25ms Script
text/javascript 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88353bbdf6b5f3056cece460d1b09ca978541e61e21e6859193f5270377f0c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 16:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36586
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Apr 2024 16:15:05 GMT

GET
H2 200 E2xtljRepN-eFPlyfWIcviFlpiWi6Q6bMRPMqXz0nbk.js Show response
www.google.com/js/th/ Frame 33DA 36 KB
15 KB 33ms
4ms Script
text/javascript 2404:6800:4003:c11::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/E2xtljRepN-eFPlyfWIcviFlpiWi6Q6bMRPMqXz0nbk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::93 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

136c6d96345ea4df9e14f9727d621cbe2165a625a2e90e9b3113cca97cf49db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 08:54:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14410
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 08:54:56 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/rg2kuGYckqA/ Frame 33DA 66 KB
67 KB 417ms
397ms Image
image/webp 2404:6800:4003:c0f::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/rg2kuGYckqA/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::77 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba46f2bce5b76c6b555cbe59cf604566de33a0d7b43e1e562111b3836cb429a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
x-content-type-options: nosniff
server: sffe
etag: "1663763507"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68016
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Apr 2023 05:10:05 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/ Frame 33DA 28 KB
9 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a10c01704bd8ddd2e16eec56cf550a056e9469ccf1975f94810ce3c75a0831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 17:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8916
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Apr 2024 17:03:52 GMT

GET
DATA 200
OK truncated
/ Frame 33DA 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0rVGXcbMuj1C1JV4pxZS06oA8BkXRndOGTnWy6sKfptNZfABg139ubwbrEVBnh_dbIg3mJmCIg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 33DA 380 B
690 B 22ms
9ms Image
image/jpeg 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/0rVGXcbMuj1C1JV4pxZS06oA8BkXRndOGTnWy6sKfptNZfABg139ubwbrEVBnh_dbIg3mJmCIg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c16f42dc3f7ffb8ff3fa45fdca2a33495069c0af45c8885ace5c7a3dc2761937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 380
x-xss-protection: 0
expires: Thu, 13 Apr 2023 03:10:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 33DA 15 KB
15 KB 7ms
6ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:53:52 GMT
x-content-type-options: nosniff
age: 26173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:53:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 33DA 15 KB
15 KB 9ms
3ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 14:08:18 GMT
x-content-type-options: nosniff
age: 478907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Apr 2024 14:08:18 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 20ms
5ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5007144169413038&ev=PageView&dl=https%3A%2F%2Fsale.watchmoney.site%2F&rl=&if=false&ts=1681269005276&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681269005275.838625800&it=1681269004727&coo=false&rqm=GET

Requested by

Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 03:10:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
5ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5007144169413038&ev=ViewContent&dl=https%3A%2F%2Fsale.watchmoney.site%2F&rl=&if=false&ts=1681269005277&sw=1600&sh=1200&v=2.9.101&r=stable&ec=1&o=30&fbp=fb.1.1681269005275.838625800&it=1681269004727&coo=false&rqm=GET

Requested by

Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 03:10:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
6ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5007144169413038&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Fsale.watchmoney.site%2F&rl=&if=false&ts=1681269005278&sw=1600&sh=1200&v=2.9.101&r=stable&ec=2&o=30&fbp=fb.1.1681269005275.838625800&it=1681269004727&coo=false&rqm=GET

Requested by

Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 03:10:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 33DA 63 KB
23 KB 116ms
116ms XHR
application/json 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

88233582577b6ad372226931d848feb6592b894f27d85403d63dd5999b542c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230402.00.00
X-Goog-Visitor-Id: CgtrN2hpc25VdUVPSSiMwtihBg%3D%3D

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23303
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 33DA 365 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feffff684b98a26fcf2db8ee8f905591d3e4ceaf75d2be0e4ff14774f4a6482c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 6ms
5ms Preflight
text/html 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 12 Apr 2023 03:10:05 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 33DA 90 B
134 B 9ms
8ms XHR
application/json+protobuf 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c20a6eb530697ba0e5c2ca12d471e1dc8a478f773daa0548730bfe5237628a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 33DA 0
10 B 4ms
4ms Image
text/plain 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?JNiZeg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 33DA 4 KB
2 KB 23ms
9ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Apr 2023 03:10:05 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 33DA 0
19 B 24ms
23ms XHR
text/html 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&afmt=251&cpn=7XO_6GJdWL7ZOwIY&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24405914%2C24415864%2C24416291%2C24439361%2C24450367%2C24451437%2C24462371%2C24468691%2C24474986%2C24482081%2C24483087%2C24492795%2C24499792%2C24512912%2C24516157%2C39323074&cl=521319471&seq=1&docid=rg2kuGYckqA&ei=DSE2ZLC_EpOc3LUPq-2VsAM&event=streamingstats&plid=AAX5GvHWahNENqMM&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Frg2kuGYckqA%3Frel%3D0%26modestbranding%3D0%26playsinline%3D1%26controls%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fsale.watchmoney.site%26widgetid%3D1&cbr=Chrome&cbrver=111.0.5563.146&c=WEB_EMBEDDED_PLAYER&cver=1.20230402.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.010:B,0.224:B,0.224:B&cmt=0.010:0.000,0.224:0.000&afs=0.224:251::i&vfs=0.224:244:244::r&view=0.224:906:560&bwe=0.224:130000&bat=0.224:1:1&vis=0.224:0&bh=0.224:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
X-YouTube-Client-Version: 1.20230402.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrN2hpc25VdUVPSSiMwtihBg%3D%3D
X-YouTube-Ad-Signals: dt=1681269005042&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C906%2C560&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:10:05 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-npoldn7e.googlevideo.com/ Frame 33DA 162 KB
163 KB 54ms
28ms Fetch
video/webm 2404:6800:4003:20::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-npoldn7e.googlevideo.com/videoplayback?expire=1681290605&ei=DSE2ZLC_EpOc3LUPq-2VsAM&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A8&id=o-AHx_hHsCooho6ixbXUDZ_oIhTbrYyLQA_WcvwP57sIVy&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=ev&mm=31%2C26&mn=sn-npoldn7e%2Csn-oguelnl7&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=776250&spc=99c5CbHK8UJLocHAFO1KWh3lJQmHaJBHp79w5TTAzA&vprv=1&mime=video%2Fwebm&ns=-A8q706fWFivJ9tT3PDYS_4M&gir=yes&clen=2681228&dur=63.663&lmt=1663808502034497&mt=1681268677&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=_gZRmMbPfOjArg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTTHeBQ6AbwdZbKoqTzhY9lkrg5fTNZR0kqKN0pLmg9sCIDLYe9NLuPx19FzFUSNmp8BZhYraAxq2HGwyJZR08B3k&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHQ8mgqWipkA-G6mSvuJCd1ThhN5JO9fEOAANxg73G08CICxy1trJ28n1xS-dgh3U18V6uPcu-AV9TYsXtGvvN4t4&alr=yes&cpn=7XO_6GJdWL7ZOwIY&cver=1.20230402.00.00&range=0-165770&rn=1&rbuf=0&pot=MmSJIFVLDxSIQ4kYDGUZD0IQFMu48wDWYuNLD-gPci1Dot-2m1V9OU84UDVYJStcbIB4fLZJM49Wp_C5nr0Bix5xOLGcE0Dt7xjFsbXIzsU9MzqL60Mm7hlkWgGjqDDUD1gIYKPk

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:20::7 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

faf9e1ba77a98dfcfc9b0c941edb1bbe37518e933802069692c1f0c826fc1092

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:10:05 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 165771
Last-Modified: Thu, 22 Sep 2022 01:01:42 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 12 Apr 2023 03:10:05 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-npoldn7e.googlevideo.com/ Frame 33DA 64 KB
65 KB 59ms
34ms Fetch
audio/webm 2404:6800:4003:20::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-npoldn7e.googlevideo.com/videoplayback?expire=1681290605&ei=DSE2ZLC_EpOc3LUPq-2VsAM&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A8&id=o-AHx_hHsCooho6ixbXUDZ_oIhTbrYyLQA_WcvwP57sIVy&itag=251&source=youtube&requiressl=yes&mh=ev&mm=31%2C26&mn=sn-npoldn7e%2Csn-oguelnl7&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=776250&spc=99c5CbHK8UJLocHAFO1KWh3lJQmHaJBHp79w5TTAzA&vprv=1&mime=audio%2Fwebm&ns=-A8q706fWFivJ9tT3PDYS_4M&gir=yes&clen=1066784&dur=63.681&lmt=1663808514524676&mt=1681268677&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=_gZRmMbPfOjArg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANBWUXtK5mnr6c9ACc5hV3tLvkFXL5M5smgymRfwyx8OAiBRjOZXc1VvukKW922KswkKO66JyOsMQquizCoaQ88QXg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHQ8mgqWipkA-G6mSvuJCd1ThhN5JO9fEOAANxg73G08CICxy1trJ28n1xS-dgh3U18V6uPcu-AV9TYsXtGvvN4t4&alr=yes&cpn=7XO_6GJdWL7ZOwIY&cver=1.20230402.00.00&range=0-65909&rn=2&rbuf=0&pot=MmSJIFVLDxSIQ4kYDGUZD0IQFMu48wDWYuNLD-gPci1Dot-2m1V9OU84UDVYJStcbIB4fLZJM49Wp_C5nr0Bix5xOLGcE0Dt7xjFsbXIzsU9MzqL60Mm7hlkWgGjqDDUD1gIYKPk

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:20::7 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6f6b99cf0e9a4436a9bd0d706524a9c14e4ad8cced0271d5a19f4f1523fb9a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:10:05 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65910
Last-Modified: Thu, 22 Sep 2022 01:01:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 12 Apr 2023 03:10:05 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/ Frame 33DA 33 KB
9 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bf3c4dca6aff8000ae0875f2bd9cfd47c6405882342dfe74f2725ae5b4d6c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 16:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9116
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Apr 2024 16:15:27 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 33DA 7 KB
2 KB 200ms
199ms XHR
application/json 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

a5e7a8024b8cbf0b49628d67c38b11af5fd9be125668bf884270547bf480433d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230402.00.00
X-Goog-Visitor-Id: CgtrN2hpc25VdUVPSSiMwtihBg%3D%3D

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2287
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame 33DA 50 KB
15 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 07:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 12 Apr 2023 07:16:02 GMT

POST
H3 200 videoplayback Show response
rr2---sn-npoldn7e.googlevideo.com/ Frame 33DA 161 KB
162 KB 11ms
3ms Fetch
video/webm 2404:6800:4003:20::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-npoldn7e.googlevideo.com/videoplayback?expire=1681290605&ei=DSE2ZLC_EpOc3LUPq-2VsAM&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A8&id=o-AHx_hHsCooho6ixbXUDZ_oIhTbrYyLQA_WcvwP57sIVy&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=ev&mm=31%2C26&mn=sn-npoldn7e%2Csn-oguelnl7&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=776250&spc=99c5CbHK8UJLocHAFO1KWh3lJQmHaJBHp79w5TTAzA&vprv=1&mime=video%2Fwebm&ns=-A8q706fWFivJ9tT3PDYS_4M&gir=yes&clen=2681228&dur=63.663&lmt=1663808502034497&mt=1681268677&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=_gZRmMbPfOjArg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTTHeBQ6AbwdZbKoqTzhY9lkrg5fTNZR0kqKN0pLmg9sCIDLYe9NLuPx19FzFUSNmp8BZhYraAxq2HGwyJZR08B3k&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHQ8mgqWipkA-G6mSvuJCd1ThhN5JO9fEOAANxg73G08CICxy1trJ28n1xS-dgh3U18V6uPcu-AV9TYsXtGvvN4t4&alr=yes&cpn=7XO_6GJdWL7ZOwIY&cver=1.20230402.00.00&range=165771-331125&rn=3&rbuf=2002&pot=MmSJIFVLDxSIQ4kYDGUZD0IQFMu48wDWYuNLD-gPci1Dot-2m1V9OU84UDVYJStcbIB4fLZJM49Wp_C5nr0Bix5xOLGcE0Dt7xjFsbXIzsU9MzqL60Mm7hlkWgGjqDDUD1gIYKPk

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:20::7 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c4f2a359d2cb66351c40863350c4f52f6cf2c2b49e8b3d34c93da8cca1d18d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 12 Apr 2023 03:10:05 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165355
last-modified: Thu, 22 Sep 2022 01:01:42 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 12 Apr 2023 03:10:05 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 33DA 28 B
50 B 14ms
12ms XHR
application/json 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
X-Goog-Request-Time: 1681269005589
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
X-YouTube-Client-Version: 1.20230402.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrN2hpc25VdUVPSSiMwtihBg%3D%3D
X-YouTube-Ad-Signals: dt=1681269004959&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C906%2C560&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

POST
H3 200 videoplayback Show response
rr2---sn-npoldn7e.googlevideo.com/ Frame 33DA 65 KB
65 KB 4ms
3ms Fetch
audio/webm 2404:6800:4003:20::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-npoldn7e.googlevideo.com/videoplayback?expire=1681290605&ei=DSE2ZLC_EpOc3LUPq-2VsAM&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A8&id=o-AHx_hHsCooho6ixbXUDZ_oIhTbrYyLQA_WcvwP57sIVy&itag=251&source=youtube&requiressl=yes&mh=ev&mm=31%2C26&mn=sn-npoldn7e%2Csn-oguelnl7&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=776250&spc=99c5CbHK8UJLocHAFO1KWh3lJQmHaJBHp79w5TTAzA&vprv=1&mime=audio%2Fwebm&ns=-A8q706fWFivJ9tT3PDYS_4M&gir=yes&clen=1066784&dur=63.681&lmt=1663808514524676&mt=1681268677&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=_gZRmMbPfOjArg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANBWUXtK5mnr6c9ACc5hV3tLvkFXL5M5smgymRfwyx8OAiBRjOZXc1VvukKW922KswkKO66JyOsMQquizCoaQ88QXg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHQ8mgqWipkA-G6mSvuJCd1ThhN5JO9fEOAANxg73G08CICxy1trJ28n1xS-dgh3U18V6uPcu-AV9TYsXtGvvN4t4&alr=yes&cpn=7XO_6GJdWL7ZOwIY&cver=1.20230402.00.00&range=65910-131961&rn=4&rbuf=3848&pot=MmSJIFVLDxSIQ4kYDGUZD0IQFMu48wDWYuNLD-gPci1Dot-2m1V9OU84UDVYJStcbIB4fLZJM49Wp_C5nr0Bix5xOLGcE0Dt7xjFsbXIzsU9MzqL60Mm7hlkWgGjqDDUD1gIYKPk

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:20::7 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7c4c4163b820a688c614cfb9b0da00188bfedf9bd12191b2e34702890816d071

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 12 Apr 2023 03:10:05 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66052
last-modified: Thu, 22 Sep 2022 01:01:54 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 12 Apr 2023 03:10:05 GMT

POST
H3 200 videoplayback Show response
rr2---sn-npoldn7e.googlevideo.com/ Frame 33DA 289 KB
289 KB 4ms
3ms Fetch
video/webm 2404:6800:4003:20::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-npoldn7e.googlevideo.com/videoplayback?expire=1681290605&ei=DSE2ZLC_EpOc3LUPq-2VsAM&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A8&id=o-AHx_hHsCooho6ixbXUDZ_oIhTbrYyLQA_WcvwP57sIVy&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=ev&mm=31%2C26&mn=sn-npoldn7e%2Csn-oguelnl7&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=776250&spc=99c5CbHK8UJLocHAFO1KWh3lJQmHaJBHp79w5TTAzA&vprv=1&mime=video%2Fwebm&ns=-A8q706fWFivJ9tT3PDYS_4M&gir=yes&clen=2681228&dur=63.663&lmt=1663808502034497&mt=1681268677&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=_gZRmMbPfOjArg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTTHeBQ6AbwdZbKoqTzhY9lkrg5fTNZR0kqKN0pLmg9sCIDLYe9NLuPx19FzFUSNmp8BZhYraAxq2HGwyJZR08B3k&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHQ8mgqWipkA-G6mSvuJCd1ThhN5JO9fEOAANxg73G08CICxy1trJ28n1xS-dgh3U18V6uPcu-AV9TYsXtGvvN4t4&alr=yes&cpn=7XO_6GJdWL7ZOwIY&cver=1.20230402.00.00&range=331126-627054&rn=5&rbuf=4004&pot=MmSJIFVLDxSIQ4kYDGUZD0IQFMu48wDWYuNLD-gPci1Dot-2m1V9OU84UDVYJStcbIB4fLZJM49Wp_C5nr0Bix5xOLGcE0Dt7xjFsbXIzsU9MzqL60Mm7hlkWgGjqDDUD1gIYKPk

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:20::7 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6729d9b105a8231cd49560dcd0c45bf1089687a83e4ba0065f3c8e0b7b86d732

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 12 Apr 2023 03:10:05 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295929
last-modified: Thu, 22 Sep 2022 01:01:42 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 12 Apr 2023 03:10:05 GMT

POST
H3 200 videoplayback Show response
rr2---sn-npoldn7e.googlevideo.com/ Frame 33DA 130 KB
130 KB 3ms
3ms Fetch
audio/webm 2404:6800:4003:20::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-npoldn7e.googlevideo.com/videoplayback?expire=1681290605&ei=DSE2ZLC_EpOc3LUPq-2VsAM&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A8&id=o-AHx_hHsCooho6ixbXUDZ_oIhTbrYyLQA_WcvwP57sIVy&itag=251&source=youtube&requiressl=yes&mh=ev&mm=31%2C26&mn=sn-npoldn7e%2Csn-oguelnl7&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=776250&spc=99c5CbHK8UJLocHAFO1KWh3lJQmHaJBHp79w5TTAzA&vprv=1&mime=audio%2Fwebm&ns=-A8q706fWFivJ9tT3PDYS_4M&gir=yes&clen=1066784&dur=63.681&lmt=1663808514524676&mt=1681268677&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=_gZRmMbPfOjArg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANBWUXtK5mnr6c9ACc5hV3tLvkFXL5M5smgymRfwyx8OAiBRjOZXc1VvukKW922KswkKO66JyOsMQquizCoaQ88QXg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHQ8mgqWipkA-G6mSvuJCd1ThhN5JO9fEOAANxg73G08CICxy1trJ28n1xS-dgh3U18V6uPcu-AV9TYsXtGvvN4t4&alr=yes&cpn=7XO_6GJdWL7ZOwIY&cver=1.20230402.00.00&range=131962-264585&rn=6&rbuf=7727&pot=MmSJIFVLDxSIQ4kYDGUZD0IQFMu48wDWYuNLD-gPci1Dot-2m1V9OU84UDVYJStcbIB4fLZJM49Wp_C5nr0Bix5xOLGcE0Dt7xjFsbXIzsU9MzqL60Mm7hlkWgGjqDDUD1gIYKPk

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:20::7 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1cc612eac1b74ec0c91657b171af4557311cb2de1481371a4ae5611d02264a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 12 Apr 2023 03:10:05 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132624
last-modified: Thu, 22 Sep 2022 01:01:54 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 12 Apr 2023 03:10:05 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 33DA 0
17 B 9ms
8ms XHR
text/html 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=7XO_6GJdWL7ZOwIY&ver=2&cmt=0.043&fmt=244&fs=0&rt=0.429&euri=https%3A%2F%2Fsale.watchmoney.site%2F&lact=600&cl=521319471&mos=1&volume=100&cbr=Chrome&cbrver=111.0.5563.146&c=WEB_EMBEDDED_PLAYER&cver=1.20230402.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=zh_CN&cr=SG&len=63.681&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24405914%2C24415864%2C24416291%2C24439361%2C24450367%2C24451437%2C24462371%2C24468691%2C24474986%2C24482081%2C24483087%2C24492795%2C24499792%2C24512912%2C24516157%2C39323074&rtn=11&afmt=251&size=906%3A560&inview=0.31&muted=1&docid=rg2kuGYckqA&ei=DSE2ZLC_EpOc3LUPq-2VsAM&plid=AAX5GvHWahNENqMM&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Frg2kuGYckqA%3Frel%3D0%26modestbranding%3D0%26playsinline%3D1%26controls%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fsale.watchmoney.site%26widgetid%3D1&of=1gUfgraRJ0bAs7VkYco9bg&vm=CAEQABgEOjJBTE03ZXZLYzlTcHFRY1FacG5ZTHZfMDNCV0tocnZhWGxaVXBINVUzbjQ3djBzb1FLUWJTQVBta0tETGxKQl96TFJ3cDhZT1ZuRGhUSWJvU2FxWW9LMUw4TlB0VVV1YWtfeGFIYjE3OHFJdTNUaHRxWXJ6SElBdWdGNFp1SGJKU1NnekxfaFloAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
X-YouTube-Client-Version: 1.20230402.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrN2hpc25VdUVPSSiMwtihBg%3D%3D
X-YouTube-Ad-Signals: dt=1681269005042&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C906%2C560&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:10:05 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 33DA 0
17 B 6ms
6ms XHR
text/html 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=rg2kuGYckqA&cpn=7XO_6GJdWL7ZOwIY&ei=DSE2ZLC_EpOc3LUPq-2VsAM&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
X-YouTube-Client-Version: 1.20230402.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrN2hpc25VdUVPSSiMwtihBg%3D%3D
X-YouTube-Ad-Signals: dt=1681269005042&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C906%2C560&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:10:05 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0rVGXcbMuj1C1JV4pxZS06oA8BkXRndOGTnWy6sKfptNZfABg139ubwbrEVBnh_dbIg3mJmCIg=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 33DA 434 B
505 B 10ms
9ms Image
image/jpeg 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/0rVGXcbMuj1C1JV4pxZS06oA8BkXRndOGTnWy6sKfptNZfABg139ubwbrEVBnh_dbIg3mJmCIg=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fc45837a2d481c36873ae973ae68c0293a982b74b3fc6e9ebd863717127ff740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:05 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 434
x-xss-protection: 0
expires: Thu, 13 Apr 2023 03:10:05 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 4ms
3ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5007144169413038&ev=Microdata&dl=https%3A%2F%2Fsale.watchmoney.site%2F&rl=&if=false&ts=1681269005780&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Apple%20Watch%20Series%207%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22AWatch%20Series%207-ML-Duy%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fsale.watchmoney.site%22%2C%22og%3Atitle%22%3A%22Apple%20Watch%20Series%207%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.ladipage.net%2F5ea845b95da1a2557f302daa%2Flayer-1dinh-vi-20220213033142-20220607140026.png%22%2C%22og%3Adescription%22%3A%22AWatch%20Series%207-ML-Duy%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.101&r=stable&ec=3&o=30&fbp=fb.1.1681269005275.838625800&it=1681269004727&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: sale.watchmoney.site
URL: https://sale.watchmoney.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 03:10:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 6430d9c33c29790013f57742-6430d9c43c29790013f57762.json Show response
g.ladicdn.com/ladichat-sdk/ 4 KB
2 KB 61ms
42ms XHR
application/json 18.140.6.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ladicdn.com/ladichat-sdk/6430d9c33c29790013f57742-6430d9c43c29790013f57762.json?v=1681269006143
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.6.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-6-45.ap-southeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 4a27d780c089f76149ee4a8336a29e9d15a06e1b4f146da18f6e46aa97ea3fa1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 03:10:06 GMT
server: openresty
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
statuscode: 200

POST
H2 200 new-session Show response
api.ladichat.com/1.0/auth/ 680 B
2 KB 22ms
22ms XHR
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/auth/new-session

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

da01a3622b3f53f58763e1584d8e965c1b780e82edb42cd2fe19ff6d8221637a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sale.watchmoney.site/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-credentials: true
x-ratelimit-reset: 1681269007
x-ratelimit-limit: 10
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
x-ratelimit-remaining: 9
x-xss-protection: 1; mode=block

OPTIONS
H2 200 new-session
api.ladichat.com/1.0/auth/ Frame 0
0 32ms
18ms Preflight
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/auth/new-session

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sale.watchmoney.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 03:10:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 my-info Show response
api.ladichat.com/1.0/auth/ 390 B
2 KB 16ms
16ms XHR
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/auth/my-info

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

2364800d0efbc662857835ccb5bd22ab93c85efce2b966e9a570f25df6fc9d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sale.watchmoney.site/
session-key: fa549bd9598602d62815925111a27e493654fd959322a422a71814a22cb21240811a6ea461fbc3d7738c8aff196f73bd0221ebf3e9d46dbefc6b977d6d3643c35d7cdbc0d29d35f062833612c5270332a593777bed6309959e3e878df60326de87470452f2eb9624b94cad34a5561b28a582a62dcff93214ad9f9977fcd67ec85e2f271382d426a7f4ee257ae5a908e3e637de29e17435afd119508882bdaa12f3274562af9110223966330ee69846c7018e9ca69f93b0af8b1596ce4405576f8a64da153704bf162809dfd25289a89381d346fd2e6e23c668d3b8f06a18ee077278f109dd91e0c6aae36cdedea7f8492c508d9e6fed2bbc65ed75150b0687392929d5ed7a71ffc447e955743fbd1c5398b44eb7004ace9abb498871fc6ea5c48f2b78b80c26beef08108e679c3a15d3
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-credentials: true
x-ratelimit-reset: 1681269007
x-ratelimit-limit: 10
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
x-ratelimit-remaining: 8
x-xss-protection: 1; mode=block

OPTIONS
H2 200 my-info
api.ladichat.com/1.0/auth/ Frame 0
0 6ms
5ms Preflight
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/auth/my-info

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,session-key
Access-Control-Request-Method: POST
Origin: https://sale.watchmoney.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 03:10:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 6430d9c33c29790013f57742-6430d9c43c29790013f57762.json Show response
g.ladicdn.com/ladichat-sdk/ 4 KB
2 KB 4ms
4ms XHR
text/plain 18.140.6.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ladicdn.com/ladichat-sdk/6430d9c33c29790013f57742-6430d9c43c29790013f57762.json?v=1681269006301
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.6.45 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-6-45.ap-southeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 4a27d780c089f76149ee4a8336a29e9d15a06e1b4f146da18f6e46aa97ea3fa1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 03:10:06 GMT
server: openresty
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
statuscode: 200

POST
H2 200 get-config Show response
api.ladichat.com/1.0/store/ 4 KB
6 KB 12ms
11ms XHR
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/store/get-config

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

aeb2cb3632d878cbb4f2310cea176f10b2278b00af716279bb6840a3902aa626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sale.watchmoney.site/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-credentials: true
x-ratelimit-reset: 1681269007
x-ratelimit-limit: 10
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
x-ratelimit-remaining: 9
x-xss-protection: 1; mode=block

OPTIONS
H2 200 get-config
api.ladichat.com/1.0/store/ Frame 0
0 7ms
7ms Preflight
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/store/get-config

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sale.watchmoney.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 03:10:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 show
api.ladichat.com/1.0/form/ Frame 0
0 5ms
4ms Preflight
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/form/show

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sale.watchmoney.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 03:10:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 show Show response
api.ladichat.com/1.0/form/ 1 KB
2 KB 9ms
9ms XHR
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/form/show

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

830d224c929e02ee2b06f8489c6707810c34fc3afb8b5aad994f3b49e1b3a612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sale.watchmoney.site/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-credentials: true
x-ratelimit-reset: 1681269007
x-ratelimit-limit: 10
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
x-ratelimit-remaining: 9
x-xss-protection: 1; mode=block

POST
H2 200 list-by-user Show response
api.ladichat.com/1.0/conversation/ 107 B
1 KB 7ms
7ms XHR
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/conversation/list-by-user

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

02efa50c751c1329e6a7a12c107f4a8e5bce2ba330f7f827b304393f63fe9f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sale.watchmoney.site/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-credentials: true
x-ratelimit-reset: 1681269007
x-ratelimit-limit: 10
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
x-ratelimit-remaining: 9
x-xss-protection: 1; mode=block

OPTIONS
H2 200 list-by-user
api.ladichat.com/1.0/conversation/ Frame 0
0 5ms
5ms Preflight
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/conversation/list-by-user

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sale.watchmoney.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 03:10:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 user-unread Show response
api.ladichat.com/1.0/message/ 98 B
1 KB 10ms
10ms XHR
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/message/user-unread

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

4e2d111483482c2bbe8659d0bd0f03e44868e2cc1996e7732e0809428f0d46a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sale.watchmoney.site/
session-key: fa549bd9598602d62815925111a27e493654fd959322a422a71814a22cb21240811a6ea461fbc3d7738c8aff196f73bd0221ebf3e9d46dbefc6b977d6d3643c35d7cdbc0d29d35f062833612c5270332a593777bed6309959e3e878df60326de87470452f2eb9624b94cad34a5561b28a582a62dcff93214ad9f9977fcd67ec85e2f271382d426a7f4ee257ae5a908e3e637de29e17435afd119508882bdaa12f3274562af9110223966330ee69846c7018e9ca69f93b0af8b1596ce4405576f8a64da153704bf162809dfd25289a89381d346fd2e6e23c668d3b8f06a18ee077278f109dd91e0c6aae36cdedea7f8492c508d9e6fed2bbc65ed75150b0687392929d5ed7a71ffc447e955743fbd1c5398b44eb7004ace9abb498871fc6ea5c48f2b78b80c26beef08108e679c3a15d3
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-credentials: true
x-ratelimit-reset: 1681269007
x-ratelimit-limit: 10
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
x-ratelimit-remaining: 8
x-xss-protection: 1; mode=block

OPTIONS
H2 200 user-unread
api.ladichat.com/1.0/message/ Frame 0
0 5ms
5ms Preflight
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/message/user-unread

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,session-key
Access-Control-Request-Method: POST
Origin: https://sale.watchmoney.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 03:10:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 2EA3 30 KB
1 KB 7ms
6ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Roboto:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&display=swap

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34d0c39c6a448e733102327d0f72040de5cf870795a71d482d2671c752a9671d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 03:04:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 03:10:06 GMT

GET
H2 200 ldicon-colored-widgetchat.svg
w.ladicdn.com/ladiui/icons/ Frame 2EA3 3 KB
2 KB 4ms
3ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/ladiui/icons/ldicon-colored-widgetchat.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 0546223f4da11f099fbd87292d90364e9348524d5bbf74c392a83166ea820423

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 978
perma-cache: HIT
cdn-storageserver: SG-105
cdn-cachedat: 10/20/2022 03:46:27
cdn-pullzone: 575124
last-modified: Thu, 20 Oct 2022 02:38:44 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 425
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6350b4b4-a08"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 4afbc38dc4b1fa0457453ea5d904466e
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 app-style.css
w.ladicdn.com/ladichat/ Frame 2EA3 89 KB
19 KB 105ms
104ms Stylesheet
text/css 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 890134068e5c66914e7f4f2157cff69b0237929b11dded928c554f7c23637a01

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 944
perma-cache: MISS
cdn-cachedat: 04/12/2023 03:10:06
cdn-pullzone: 575124
server: BunnyCDN-SG1-944
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-credentials: true
cache-control: public, max-age=31919000
access-control-max-age: 2592000
cdn-requestid: 8c3078445914b4d41bf15d838e598b7c
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

OPTIONS
H2 200 list-by-user
api.ladichat.com/1.0/conversation/ Frame 0
0 20ms
16ms Preflight
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/conversation/list-by-user

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sale.watchmoney.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 03:10:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 list-by-user Show response
api.ladichat.com/1.0/conversation/ 107 B
1 KB 16ms
12ms XHR
application/json 54.251.173.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ladichat.com/1.0/conversation/list-by-user

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.173.122 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-173-122.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

90347509f7754c5a3da069a85bba43c84ad2b29569feac02966de2280ac761ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sale.watchmoney.site/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-credentials: true
x-ratelimit-reset: 1681269007
x-ratelimit-limit: 10
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key
x-ratelimit-remaining: 9
x-xss-protection: 1; mode=block

GET
H2 200 ldicon-colored-widgetchat.svg
w.ladicdn.com/ladiui/icons/ Frame 2EA3 3 KB
2 KB 11ms
9ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/ladiui/icons/ldicon-colored-widgetchat.svg
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1681269004762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 0546223f4da11f099fbd87292d90364e9348524d5bbf74c392a83166ea820423

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 978
perma-cache: HIT
cdn-storageserver: SG-105
cdn-cachedat: 10/20/2022 03:46:27
cdn-pullzone: 575124
last-modified: Thu, 20 Oct 2022 02:38:44 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 425
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6350b4b4-a08"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: bef7513f0c68ecbb5f92a924f5cf6562
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ldicon-brand-ladichat-white.svg
w.ladicdn.com/ladiui/icons/ 3 KB
2 KB 7ms
5ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/ladiui/icons/ldicon-brand-ladichat-white.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 7a57b26de6ff4811aee20f2e70b2e4be9a022dc85daafa005094dfc6c8350d88

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 784
perma-cache: HIT
cdn-storageserver: SG-105
cdn-cachedat: 11/10/2022 08:26:02
cdn-pullzone: 575124
last-modified: Fri, 21 Oct 2022 02:14:22 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 345
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6352007e-c11"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: e24ca9d9cc026bb753137becda98d057
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ldicon-powered-ladichat.svg
w.ladicdn.com/ladiui/icons/ 18 KB
8 KB 16ms
14ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/ladiui/icons/ldicon-powered-ladichat.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: c624f0e01a1d053ac70e925fbea2f5c05e1acff2010e1fcaf340aa6fcb9dfc3f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 858
perma-cache: HIT
cdn-storageserver: SG-560
cdn-cachedat: 03/31/2023 09:37:28
cdn-pullzone: 575124
last-modified: Thu, 20 Oct 2022 02:38:44 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 425
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6350b4b4-4626"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 45c078212c60e80e690d7c738f58895e
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ldicon-brand-ladichat-white.svg
w.ladicdn.com/ladiui/icons/ Frame 2EA3 3 KB
2 KB 14ms
13ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/ladiui/icons/ldicon-brand-ladichat-white.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 7a57b26de6ff4811aee20f2e70b2e4be9a022dc85daafa005094dfc6c8350d88

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 784
perma-cache: HIT
cdn-storageserver: SG-105
cdn-cachedat: 11/10/2022 08:26:02
cdn-pullzone: 575124
last-modified: Fri, 21 Oct 2022 02:14:22 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 345
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6352007e-c11"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 92f6425ea379f5da4900743cd94ec6b1
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ldicon-powered-ladichat.svg
w.ladicdn.com/ladiui/icons/ Frame 2EA3 18 KB
8 KB 8ms
7ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/ladiui/icons/ldicon-powered-ladichat.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: c624f0e01a1d053ac70e925fbea2f5c05e1acff2010e1fcaf340aa6fcb9dfc3f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sale.watchmoney.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 858
perma-cache: HIT
cdn-storageserver: SG-560
cdn-cachedat: 03/31/2023 09:37:28
cdn-pullzone: 575124
last-modified: Thu, 20 Oct 2022 02:38:44 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 425
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6350b4b4-4626"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 50e4abc29604246a5eee681437aa2a0b
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 icon-ldp-modal-close.svg
w.ladicdn.com/design-system/icons/ Frame 2EA3 721 B
1 KB 30ms
7ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/design-system/icons/icon-ldp-modal-close.svg
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 2385eb48c8c8a0fd26013a07576d9f0f5884828077b2aa84f218085fcccaaab3

Request headers

Referer: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 749
perma-cache: HIT
cdn-storageserver: SG-76
cdn-cachedat: 10/17/2022 02:10:33
cdn-pullzone: 575124
last-modified: Mon, 21 Mar 2022 06:57:40 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 105
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: W/"623821e4-2d1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b37cfb62f8504a3c609db1617ba85c9d
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ldicon-ladichat-call.svg
w.ladicdn.com/ladiui/icons/ Frame 2EA3 2 KB
2 KB 24ms
6ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/ladiui/icons/ldicon-ladichat-call.svg
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 0a9a1d69af3853af5d3408d094d283c5765fc21d4ed56ffae680839442b78e84

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 989
perma-cache: HIT
cdn-storageserver: SG-515
cdn-cachedat: 03/31/2023 09:37:28
cdn-pullzone: 575124
last-modified: Mon, 14 Nov 2022 04:40:46 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 319
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6371c6ce-8bf"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d0dd5078c3aa7ba021ec24be115314fe
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ldicon-ladichat-zalo.svg
w.ladicdn.com/ladiui/icons/ Frame 2EA3 3 KB
2 KB 25ms
7ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/ladiui/icons/ldicon-ladichat-zalo.svg
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 9b45d8976cdc5215d3934f0942dc93189d2f395134cc502ade26463d1eee9e55

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 783
perma-cache: HIT
cdn-storageserver: SG-105
cdn-cachedat: 11/14/2022 04:40:44
cdn-pullzone: 575124
last-modified: Fri, 11 Nov 2022 04:45:42 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 425
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"636dd376-d7f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0a3b7b7e94bb1430a18abfa07c94151c
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ldicon-ladichat-facebook.svg
w.ladicdn.com/ladiui/icons/ Frame 2EA3 587 B
1 KB 27ms
9ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/ladiui/icons/ldicon-ladichat-facebook.svg
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: df9a9ae8ca9e836801584ab20f0a045f65f67d2282db4107d2f9c915526cccca

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 977
perma-cache: HIT
cdn-storageserver: SG-76
cdn-cachedat: 03/30/2023 20:30:36
cdn-pullzone: 575124
last-modified: Wed, 16 Nov 2022 04:36:17 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 319
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"637468c1-24b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 3efde3c845c946275d07575b51142890
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ldicon-ladichat-messenger.svg
w.ladicdn.com/ladiui/icons/ Frame 2EA3 1 KB
1 KB 25ms
8ms Image
image/svg+xml 2400:52e0:1500::944:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/ladiui/icons/ldicon-ladichat-messenger.svg
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::944:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-944 /
Resource Hash: 08e716ce3e2dc34384ec1b1af9aad5aaa3f36f22f143db4e8320169f36ca7e54

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w.ladicdn.com/ladichat/app-style.css?ver=1681269006428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:10:06 GMT
content-encoding: br
cdn-edgestorageid: 989
perma-cache: HIT
cdn-storageserver: SG-560
cdn-cachedat: 04/09/2023 05:51:57
cdn-pullzone: 575124
last-modified: Fri, 11 Nov 2022 04:45:40 GMT
server: BunnyCDN-SG1-944
cdn-fileserver: 424
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"636dd374-4c0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b445386a80a8c486104f1a1a33be0d10
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2EA3 16 KB
16 KB 29ms
23ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Roboto:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:27:09 GMT
x-content-type-options: nosniff
age: 31377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 18:27:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2EA3 15 KB
15 KB 22ms
17ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Roboto:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 21:53:25 GMT
x-content-type-options: nosniff
age: 19001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 21:53:25 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2EA3 12 KB
12 KB 32ms
26ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Roboto:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 05:22:03 GMT
x-content-type-options: nosniff
age: 596883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Apr 2024 05:22:03 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2EA3 12 KB
12 KB 22ms
18ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Roboto:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:29:20 GMT
x-content-type-options: nosniff
age: 27646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:29:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2EA3 5 KB
5 KB 7ms
6ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Roboto:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:53:50 GMT
x-content-type-options: nosniff
age: 26176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5604
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:53:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2EA3 5 KB
5 KB 6ms
5ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Roboto:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sale.watchmoney.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:31:11 GMT
x-content-type-options: nosniff
age: 38335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 16:31:11 GMT

POST
H3 200 videoplayback Show response
rr2---sn-npoldn7e.googlevideo.com/ Frame 33DA 652 KB
652 KB 4ms
4ms Fetch
video/webm 2404:6800:4003:20::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-npoldn7e.googlevideo.com/videoplayback?expire=1681290605&ei=DSE2ZLC_EpOc3LUPq-2VsAM&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A8&id=o-AHx_hHsCooho6ixbXUDZ_oIhTbrYyLQA_WcvwP57sIVy&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=ev&mm=31%2C26&mn=sn-npoldn7e%2Csn-oguelnl7&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=776250&spc=99c5CbHK8UJLocHAFO1KWh3lJQmHaJBHp79w5TTAzA&vprv=1&mime=video%2Fwebm&ns=-A8q706fWFivJ9tT3PDYS_4M&gir=yes&clen=2681228&dur=63.663&lmt=1663808502034497&mt=1681268677&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=_gZRmMbPfOjArg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTTHeBQ6AbwdZbKoqTzhY9lkrg5fTNZR0kqKN0pLmg9sCIDLYe9NLuPx19FzFUSNmp8BZhYraAxq2HGwyJZR08B3k&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHQ8mgqWipkA-G6mSvuJCd1ThhN5JO9fEOAANxg73G08CICxy1trJ28n1xS-dgh3U18V6uPcu-AV9TYsXtGvvN4t4&alr=yes&cpn=7XO_6GJdWL7ZOwIY&cver=1.20230402.00.00&range=627055-1294677&rn=7&rbuf=9637&pot=MmSJIFVLDxSIQ4kYDGUZD0IQFMu48wDWYuNLD-gPci1Dot-2m1V9OU84UDVYJStcbIB4fLZJM49Wp_C5nr0Bix5xOLGcE0Dt7xjFsbXIzsU9MzqL60Mm7hlkWgGjqDDUD1gIYKPk

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:20::7 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f8a3ee573fb4425a507e9fe523535a1a9636eacd82b316910095879fb727ffb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 12 Apr 2023 03:10:06 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 667623
last-modified: Thu, 22 Sep 2022 01:01:42 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 12 Apr 2023 03:10:06 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 33DA 28 B
50 B 10ms
9ms XHR
application/json 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
X-Goog-Request-Time: 1681269007613
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
X-YouTube-Client-Version: 1.20230402.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrN2hpc25VdUVPSSiMwtihBg%3D%3D
X-YouTube-Ad-Signals: dt=1681269004959&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C906%2C560&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 12 Apr 2023 03:10:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

POST
H3 200 videoplayback Show response
rr2---sn-npoldn7e.googlevideo.com/ Frame 33DA 206 KB
206 KB 4ms
3ms Fetch
audio/webm 2404:6800:4003:20::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-npoldn7e.googlevideo.com/videoplayback?expire=1681290605&ei=DSE2ZLC_EpOc3LUPq-2VsAM&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A8&id=o-AHx_hHsCooho6ixbXUDZ_oIhTbrYyLQA_WcvwP57sIVy&itag=251&source=youtube&requiressl=yes&mh=ev&mm=31%2C26&mn=sn-npoldn7e%2Csn-oguelnl7&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=776250&spc=99c5CbHK8UJLocHAFO1KWh3lJQmHaJBHp79w5TTAzA&vprv=1&mime=audio%2Fwebm&ns=-A8q706fWFivJ9tT3PDYS_4M&gir=yes&clen=1066784&dur=63.681&lmt=1663808514524676&mt=1681268677&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=_gZRmMbPfOjArg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANBWUXtK5mnr6c9ACc5hV3tLvkFXL5M5smgymRfwyx8OAiBRjOZXc1VvukKW922KswkKO66JyOsMQquizCoaQ88QXg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgHQ8mgqWipkA-G6mSvuJCd1ThhN5JO9fEOAANxg73G08CICxy1trJ28n1xS-dgh3U18V6uPcu-AV9TYsXtGvvN4t4&alr=yes&cpn=7XO_6GJdWL7ZOwIY&cver=1.20230402.00.00&range=264586-475808&rn=8&rbuf=12306&pot=MmSJIFVLDxSIQ4kYDGUZD0IQFMu48wDWYuNLD-gPci1Dot-2m1V9OU84UDVYJStcbIB4fLZJM49Wp_C5nr0Bix5xOLGcE0Dt7xjFsbXIzsU9MzqL60Mm7hlkWgGjqDDUD1gIYKPk

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:20::7 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

97202667ea0f4c259528e0fb702ee6b12f48a4c441084e47826b301434ac1064

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 12 Apr 2023 03:10:09 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211223
last-modified: Thu, 22 Sep 2022 01:01:54 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21296
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 12 Apr 2023 03:10:09 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame 33DA 0
20 B 10ms
10ms XHR
text/html 2404:6800:4003:c0f::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=7XO_6GJdWL7ZOwIY&ver=2&cmt=4.588&fmt=244&fs=0&rt=4.961&euri=https%3A%2F%2Fsale.watchmoney.site%2F&lact=5133&cl=521319471&mos=1&volume=100&cbr=Chrome&cbrver=111.0.5563.146&c=WEB_EMBEDDED_PLAYER&cver=1.20230402.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=zh_CN&cr=SG&len=64&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24405914%2C24415864%2C24416291%2C24439361%2C24450367%2C24451437%2C24462371%2C24468691%2C24474986%2C24482081%2C24483087%2C24492795%2C24499792%2C24512912%2C24516157%2C39323074&afmt=251&muted=1&docid=rg2kuGYckqA&ei=DSE2ZLC_EpOc3LUPq-2VsAM&plid=AAX5GvHWahNENqMM&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Frg2kuGYckqA%3Frel%3D0%26modestbranding%3D0%26playsinline%3D1%26controls%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fsale.watchmoney.site%26widgetid%3D1&of=1gUfgraRJ0bAs7VkYco9bg&vm=CAEQABgEOjJBTE03ZXZLYzlTcHFRY1FacG5ZTHZfMDNCV0tocnZhWGxaVXBINVUzbjQ3djBzb1FLUWJTQVBta0tETGxKQl96TFJ3cDhZT1ZuRGhUSWJvU2FxWW9LMUw4TlB0VVV1YWtfeGFIYjE3OHFJdTNUaHRxWXJ6SElBdWdGNFp1SGJKU1NnekxfaFloAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7da8dd3e/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/rg2kuGYckqA?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fsale.watchmoney.site&widgetid=1
X-YouTube-Client-Version: 1.20230402.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrN2hpc25VdUVPSSiMwtihBg%3D%3D
X-YouTube-Ad-Signals: dt=1681269005042&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C906%2C560&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:10:10 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sale.watchmoney.site/	1970-01-20 20:37:09	Name: LADI_DNS_CHECK Value: "2023-04-12 03:10:04.474216029 +0000 UTC m=+593461.534571348"
sale.watchmoney.site/	1970-01-20 20:37:09	Name: LADI_CLIENT_ID Value: 4e92c9ff-a081-49d0-71d0-b95373e081d0
sale.watchmoney.site/	1970-01-20 20:37:09	Name: LADI_FORM_SUBMIT Value: 0
sale.watchmoney.site/	1970-01-20 20:37:09	Name: LADI_PAGE_VIEW Value: 1
sale.watchmoney.site/	1970-01-20 11:02:35	Name: _timenow Value: 1681269004628
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: BXeMK-Gy8RE
.youtube.com/	1970-01-20 15:20:21	Name: VISITOR_INFO1_LIVE Value: k7hisnUuEOI
.watchmoney.site/	1970-01-20 13:10:45	Name: _gcl_au Value: 1.1.1637076675.1681269005
.watchmoney.site/	1970-01-20 13:10:45	Name: _fbp Value: fb.1.1681269005275.838625800
sale.watchmoney.site/	1969-12-31 23:59:59	Name: s_id_6430d9c33c29790013f57742 Value: 1681269006211
sale.watchmoney.site/	1970-01-20 11:44:21	Name: s_key_6430d9c33c29790013f57742 Value: fa549bd9598602d62815925111a27e493654fd959322a422a71814a22cb21240811a6ea461fbc3d7738c8aff196f73bd0221ebf3e9d46dbefc6b977d6d3643c35d7cdbc0d29d35f062833612c5270332a593777bed6309959e3e878df60326de87470452f2eb9624b94cad34a5561b28a582a62dcff93214ad9f9977fcd67ec85e2f271382d426a7f4ee257ae5a908e3e637de29e17435afd119508882bdaa12f3274562af9110223966330ee69846c7018e9ca69f93b0af8b1596ce4405576f8a64da153704bf162809dfd25289a89381d346fd2e6e23c668d3b8f06a18ee077278f109dd91e0c6aae36cdedea7f8492c508d9e6fed2bbc65ed75150b0687392929d5ed7a71ffc447e955743fbd1c5398b44eb7004ace9abb498871fc6ea5c48f2b78b80c26beef08108e679c3a15d3
api.ladichat.com/	1970-01-20 11:11:13	Name: AWSALBTGCORS Value: Xq8oN8yE++Old8L6TZAgfu8W5i/XNoRC3E/iH7CFqkbleFnveVnYeJp0wfOvG6AS7AAu/zeWq4WfX5g8HZArYibma98+UU232plkJVODtgwEjKHOpJ872WA0XG9ogok963ky0qrW26nSN5mPJu4Pdl0XtCgO0f2sp3GtdLVvH8ZKZI1LvAI=
api.ladichat.com/	1970-01-20 11:11:13	Name: AWSALBCORS Value: swEHP6rXYB2SA2kEjvZHEzBpIESCG8+7h+N8Vl1Z+zghUXzzbSWQEuenCylNAkzvzIOt7kz8RscfWBELccKMdTG90598ACnUo00eflhWFq6SHQxs57Zy/Y+4yVhf

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/7da8dd3e/www-widgetapi.vflset/www-widgetapi.js(Line 1115) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
api.ladichat.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
g.ladicdn.com
googleads.g.doubleclick.net
i.ytimg.com
img.youtube.com
img5.thuthuatphanmem.vn
jnn-pa.googleapis.com
rr2---sn-npoldn7e.googlevideo.com
sale.watchmoney.site
static.doubleclick.net
w.ladicdn.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
103.226.250.67
18.140.6.45
2400:52e0:1500::944:1
2404:6800:4003:20::7
2404:6800:4003:c00::84
2404:6800:4003:c03::5f
2404:6800:4003:c03::61
2404:6800:4003:c03::64
2404:6800:4003:c06::5e
2404:6800:4003:c06::5f
2404:6800:4003:c0f::5d
2404:6800:4003:c0f::77
2404:6800:4003:c11::5e
2404:6800:4003:c11::93
2404:6800:4003:c11::95
2404:6800:4003:c11::9d
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
3.0.225.157
52.76.101.124
54.251.173.122
02efa50c751c1329e6a7a12c107f4a8e5bce2ba330f7f827b304393f63fe9f1e
0546223f4da11f099fbd87292d90364e9348524d5bbf74c392a83166ea820423
08e716ce3e2dc34384ec1b1af9aad5aaa3f36f22f143db4e8320169f36ca7e54
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
0a9a1d69af3853af5d3408d094d283c5765fc21d4ed56ffae680839442b78e84
0b7096e14fd5e9a392c15ab77b84bcff6534c872d7d1693558e6b342de5070dd
0bf3c4dca6aff8000ae0875f2bd9cfd47c6405882342dfe74f2725ae5b4d6c6f
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
136c6d96345ea4df9e14f9727d621cbe2165a625a2e90e9b3113cca97cf49db9
1b93bbfa59b6cf8ed0a41f740601759375aa51d8cd02269416fb99da4a189ecd
1cc612eac1b74ec0c91657b171af4557311cb2de1481371a4ae5611d02264a57
2364800d0efbc662857835ccb5bd22ab93c85efce2b966e9a570f25df6fc9d25
2385eb48c8c8a0fd26013a07576d9f0f5884828077b2aa84f218085fcccaaab3
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
289228ffeba92bebcc15e8a05b7e469e58127d088785fb8681fa537f1469fc08
30faf99ee514786a4c5269c1da40e3fe9bdb09991017a343c774370388fe6b1e
329f333e1d94eebeb8bd22c21ce92e085c01e7bf9a2b2eefdda5e476ece1334d
34d0c39c6a448e733102327d0f72040de5cf870795a71d482d2671c752a9671d
3c20a6eb530697ba0e5c2ca12d471e1dc8a478f773daa0548730bfe5237628a8
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a27d780c089f76149ee4a8336a29e9d15a06e1b4f146da18f6e46aa97ea3fa1
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4d4b274dcc8fe2600e7e38c0a2433c0ef722027f49fcc8e37ce52a972d856906
4e2d111483482c2bbe8659d0bd0f03e44868e2cc1996e7732e0809428f0d46a4
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
58ef5c8c82e6aaf419892f1f15e19675f3741d22a4262ea73367ec17ca988bee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6729d9b105a8231cd49560dcd0c45bf1089687a83e4ba0065f3c8e0b7b86d732
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6f6b99cf0e9a4436a9bd0d706524a9c14e4ad8cced0271d5a19f4f1523fb9a4d
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7a57b26de6ff4811aee20f2e70b2e4be9a022dc85daafa005094dfc6c8350d88
7c4c4163b820a688c614cfb9b0da00188bfedf9bd12191b2e34702890816d071
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
830d224c929e02ee2b06f8489c6707810c34fc3afb8b5aad994f3b49e1b3a612
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88233582577b6ad372226931d848feb6592b894f27d85403d63dd5999b542c67
88353bbdf6b5f3056cece460d1b09ca978541e61e21e6859193f5270377f0c68
890134068e5c66914e7f4f2157cff69b0237929b11dded928c554f7c23637a01
90347509f7754c5a3da069a85bba43c84ad2b29569feac02966de2280ac761ff
97202667ea0f4c259528e0fb702ee6b12f48a4c441084e47826b301434ac1064
9b45d8976cdc5215d3934f0942dc93189d2f395134cc502ade26463d1eee9e55
a5e7a8024b8cbf0b49628d67c38b11af5fd9be125668bf884270547bf480433d
aaf81382e35de4bd88243778b028f3f87b79f3d77d87b7e2b36697a21f0fd4d4
aafaa14ae2a4060f0f207ca29ee6a1e81a39c929f89812cc615ef5183274c002
acf68dcce2368d3652430adeb6409f6027d23bbd6cdf47c3c797bb33fa6fe729
aeb2cb3632d878cbb4f2310cea176f10b2278b00af716279bb6840a3902aa626
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0a636a00075c2aaa6e1e599099fc0b0551ea6395b34d737fa2e8f1f2016ebbb
b14858ee6e5201d870fc460a48d5d2d6bc0226eb452a17c355c783ccc3c26462
b64036116bf5824ee8150b1da696a6c8dfd4854d07901ceced4de34b9e48c4c7
ba46f2bce5b76c6b555cbe59cf604566de33a0d7b43e1e562111b3836cb429a0
c041f7b237fddfc56e04f88b906708ea60946ff1b6ccea371cd0222827f97ab7
c16f42dc3f7ffb8ff3fa45fdca2a33495069c0af45c8885ace5c7a3dc2761937
c4f2a359d2cb66351c40863350c4f52f6cf2c2b49e8b3d34c93da8cca1d18d48
c5a10c01704bd8ddd2e16eec56cf550a056e9469ccf1975f94810ce3c75a0831
c5e0757e1e9c9b926277ae79f2840a18d1207143f218ad1b80e3fd51b6339aa6
c624f0e01a1d053ac70e925fbea2f5c05e1acff2010e1fcaf340aa6fcb9dfc3f
c9d5d388649117caf4229e65edbf884be9f45e78259fb042e60ad1c112612b9c
d12edf79a333c20b2ffdc2abfa2168c88d6105e2073cce1bee3b962191ea38f8
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
da01a3622b3f53f58763e1584d8e965c1b780e82edb42cd2fe19ff6d8221637a
df9a9ae8ca9e836801584ab20f0a045f65f67d2282db4107d2f9c915526cccca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44ee2b417453db96df4f31233e9cf12dd547b77a9632ef06d988c87e3523db1
e5edb039d354ed6686d498cd18f4ef8c030366c3f0caa0d9952e29cf3d16bfd3
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0a9ea0d24fcadbb338ce27ca4cf6af3c78fded0c118c0e522449d829ba4ffd5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7e3e6339da64c05917fdb0ef6b1de47e3eedc375396c8aea6b09958cd9448a9
f8a3ee573fb4425a507e9fe523535a1a9636eacd82b316910095879fb727ffb2
faf9e1ba77a98dfcfc9b0c941edb1bbe37518e933802069692c1f0c826fc1092
fc45837a2d481c36873ae973ae68c0293a982b74b3fc6e9ebd863717127ff740
feffff684b98a26fcf2db8ee8f905591d3e4ceaf75d2be0e4ff14774f4a6482c

sale.watchmoney.site Open in urlscan Pro 52.76.101.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

99 %HTTPS

76 %IPv6

16 Domains

21 Subdomains

22 IPs

3 Countries

4118 kBTransfer

7973 kBSize

13 Cookies

0 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

sale.watchmoney.site Open in urlscan Pro
52.76.101.124 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

99 %
HTTPS

76 %
IPv6

16
Domains

21
Subdomains

22
IPs

3
Countries

4118 kB
Transfer

7973 kB
Size

13
Cookies

99 HTTP transactions
3 data transactions