urlscan.io logo urlscan.io
SecurityTrails logo

hero-mu.com Open in urlscan Pro
135.148.94.184  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hero-mu.com/
Effective URL: https://hero-mu.com/
Submission: On January 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 71 HTTP transactions. The main IP is 135.148.94.184, located in Weymouth, United States and belongs to OVH, FR. The main domain is hero-mu.com.
TLS certificate: Issued by R3 on January 13th 2024. Valid for: 3 months.
This is the only time hero-mu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

31    135.148.94.184 (Weymouth, United States)

ASN16276 (OVH, FR)
hero-mu.com
3    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    104.248.46.94 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: professor-falken.com
cdn3.professor-falken.com
1    146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    162.159.129.233 (None, )

ASN13335 (CLOUDFLARENET, US)
discordapp.com
6    2606:4700:e4::ac40:a407 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
8    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
5    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
31 hero-mu.com
hero-mu.com
3 MB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 75
1004 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
ajax.googleapis.com — Cisco Umbrella Rank: 369
jnn-pa.googleapis.com — Cisco Umbrella Rank: 220
72 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
95 KB
7 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1448
ka-f.fontawesome.com — Cisco Umbrella Rank: 3140
303 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
static.doubleclick.net — Cisco Umbrella Rank: 263
1 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
48 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
5 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 93
34 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
20 KB
1 discordapp.com
discordapp.com — Cisco Umbrella Rank: 3088
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7298
38 KB
1 professor-falken.com
cdn3.professor-falken.com
5 KB
71 13
Domain Requested by
31 hero-mu.com 1 redirects hero-mu.com
ajax.googleapis.com
8 www.youtube.com hero-mu.com
www.youtube.com
6 ka-f.fontawesome.com kit.fontawesome.com
hero-mu.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
3 fonts.googleapis.com hero-mu.com
3 cdn.jsdelivr.net hero-mu.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 discordapp.com hero-mu.com
1 ajax.googleapis.com hero-mu.com
1 i.imgur.com hero-mu.com
1 cdn3.professor-falken.com hero-mu.com
1 kit.fontawesome.com hero-mu.com
71 18

This site contains links to these domains. Also see Links.

Domain
chat.whatsapp.com
facebook.com
instagram.com
discord.com
webenginecms.org
Subject Issuer Validity Valid
hero-mu.com
R3		 2024-01-13 -
2024-04-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
professor-falken.com
R3		 2024-01-02 -
2024-04-01		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
discordapp.com
Cloudflare Inc ECC CA-3		 2023-10-20 -
2024-10-19		 a year crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://hero-mu.com/
Frame ID: 47B81F2F77006A9FD671FAC2424578E0
Requests: 50 HTTP requests in this frame

Frame: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Frame ID: BE2762F2434C2CF675FD4D46CD941DEF
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hero Mu season 18

Page URL History Show full URLs

  1. http://hero-mu.com/ HTTP 301
    https://hero-mu.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

71
Requests

99 %
HTTPS

78 %
IPv6

13
Domains

18
Subdomains

19
IPs

3
Countries

4777 kB
Transfer

7738 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hero-mu.com/ HTTP 301
    https://hero-mu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

71 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hero-mu.com/
Redirect Chain
  • http://hero-mu.com/
  • https://hero-mu.com/
26 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
e21fec51ed7f05fe07d327b133a9fc29d442229b8a3ecc84e546db13aad18522

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 21:41:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Sun, 14 Jan 2024 21:41:02 GMT
location
https://hero-mu.com/
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hero-mu.com/
Origin
https://hero-mu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3945060
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230030-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VV%2F%2FSMGAer8wze0YJFIqV1tP6y%2B6lrN6Jxwh%2BAmHGoOLDAi74y9SGl9wu2DwkT%2Bp4ay1qfD5g8PYaTWPS3Xu%2ByxZL0RqVKca55IRFKUN3vc2GoWxb%2FDduWJxNueitrAQwQX33Ndu4cf8sdL9aAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84590a758bcc047e-FRA
css
fonts.googleapis.com/ 		4 KB
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60464b92964a4b0559ed134d29a828bb943283a891510cf0df67391b908835c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 21:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 21:41:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 21:41:02 GMT
css
fonts.googleapis.com/ 		765 B
801 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cinzel
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0691650b6fae3618cd252ea160042e73cde9f05768985a840a8077df5de74d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 21:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 20:13:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 21:41:02 GMT
css2
fonts.googleapis.com/ 		7 KB
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 21:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 21:27:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 21:41:02 GMT
style.css
hero-mu.com/templates/default/css/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hero-mu.com/templates/default/css/style.css
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
60bd154fd325fe193a623e70a3f4c7396ab11b2fa6f8e3f9f584c72b4b6423b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:02 GMT
content-encoding
br
last-modified
Fri, 06 Jan 2023 14:55:06 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4691
expires
Sun, 21 Jan 2024 21:41:02 GMT
profiles.css
hero-mu.com/templates/default/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hero-mu.com/templates/default/css/profiles.css
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cb54455d7d4ad9f9954c26d5c10f1857ab8f28de011624dd4805d57a0bd8c68c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:02 GMT
content-encoding
br
last-modified
Wed, 04 Jan 2023 16:55:32 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1938
expires
Sun, 21 Jan 2024 21:41:02 GMT
castle-siege.css
hero-mu.com/templates/default/css/ 		3 KB
764 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hero-mu.com/templates/default/css/castle-siege.css
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
38ba9401befa10b11739d46496718d2d5087d98f29eba3f8424ca5e53b26c2dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:02 GMT
content-encoding
br
last-modified
Sun, 09 Jan 2022 07:53:20 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
725
expires
Sun, 21 Jan 2024 21:41:02 GMT
override.css
hero-mu.com/templates/default/css/ 		1 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hero-mu.com/templates/default/css/override.css
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a453a64b846e3049cc9da0b2460074f04a824b70435ce9d56d831cb9f535e62d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:02 GMT
content-encoding
br
last-modified
Sat, 17 Sep 2022 17:36:06 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
484
expires
Sun, 21 Jan 2024 21:41:02 GMT
8b5cc27615.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/8b5cc27615.js
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d45d6c36622762c0e4c388824088eb25fe9dbb849bc171ebca71093672b8b5f6

Request headers

Referer
https://hero-mu.com/
Origin
https://hero-mu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
84590a7599cb1e3e-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F6pUofE14QygqCInBIij
snowstorm.js
cdn3.professor-falken.com/recursos/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.professor-falken.com/recursos/js/snowstorm.js
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.46.94 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
professor-falken.com
Software
nginx /
Resource Hash
33bfd146a59a799c6c558cb217e0d705bb75f777f465a628228b93bda4e704d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:41:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Dec 2016 13:51:15 GMT
Server
nginx
ETag
W/"58612053-433b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
tooltip.js
hero-mu.com/templates/default/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hero-mu.com/templates/default/js/tooltip.js
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
3ea6ec69d5f1ba97afe40f6cf91d4bdeb0ab1f277743738ceb0a15b963bd71f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:02 GMT
content-encoding
br
last-modified
Sat, 20 Mar 2021 19:33:00 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7017
expires
Sun, 21 Jan 2024 21:41:02 GMT
es.gif
hero-mu.com/img/flags/ 		360 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/img/flags/es.gif
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
048a252135ee5da45dcd64a8afb068f30a0509106c7bd86ba76078db4b34581a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 21:41:02 GMT
cache-control
public, max-age=604800
last-modified
Sun, 09 Jan 2022 07:53:20 GMT
accept-ranges
bytes
content-length
360
expires
Sun, 21 Jan 2024 21:41:02 GMT
us.gif
hero-mu.com/img/flags/ 		367 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/img/flags/us.gif
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
b92f4eb6e7e071a728ae3fb103c1dfe56c0b0f1423171c94afd1709ea466fdab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 21:41:02 GMT
cache-control
public, max-age=604800
last-modified
Sun, 09 Jan 2022 07:53:20 GMT
accept-ranges
bytes
content-length
367
expires
Sun, 21 Jan 2024 21:41:02 GMT
ph.gif
hero-mu.com/img/flags/ 		361 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/img/flags/ph.gif
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
04c9cdc2e02400f8589ff6f33fbaa96d9557be56de3c9871c1334da9a660fcdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Sun, 09 Jan 2022 07:53:20 GMT
accept-ranges
bytes
content-length
361
expires
Sun, 21 Jan 2024 21:41:03 GMT
br.gif
hero-mu.com/img/flags/ 		367 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/img/flags/br.gif
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c6d20cdd13d5407f6574795f45231467fca8a92def60a4514958bea57a140336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Sun, 09 Jan 2022 07:53:20 GMT
accept-ranges
bytes
content-length
367
expires
Sun, 21 Jan 2024 21:41:03 GMT
ro.gif
hero-mu.com/img/flags/ 		363 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/img/flags/ro.gif
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
64b74ac8278da6e938c8165c439e928fb89f420bcf030641debae4b9ea5cd8fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
last-modified
Sun, 09 Jan 2022 07:53:20 GMT
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
363
expires
Sun, 21 Jan 2024 21:41:03 GMT
cn.gif
hero-mu.com/img/flags/ 		366 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/img/flags/cn.gif
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c2652b280087b6479b7703779da4be80b4c621edbf465e34f5e5314d8835a84c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Sun, 09 Jan 2022 07:53:20 GMT
accept-ranges
bytes
content-length
366
expires
Sun, 21 Jan 2024 21:41:03 GMT
ru.gif
hero-mu.com/img/flags/ 		361 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/img/flags/ru.gif
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4306ff8241d011fc96dd02789600623ce20f7a2f4d412735fd1217e34e6b36ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Sun, 09 Jan 2022 07:53:20 GMT
accept-ranges
bytes
content-length
361
expires
Sun, 21 Jan 2024 21:41:03 GMT
lt.gif
hero-mu.com/img/flags/ 		362 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/img/flags/lt.gif
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
62efd95f6c5529d5b2876229ccf607d077a8b3f08155e12bababf5ae88d73b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Sun, 09 Jan 2022 07:53:20 GMT
accept-ranges
bytes
content-length
362
expires
Sun, 21 Jan 2024 21:41:03 GMT
logo.png
hero-mu.com/templates/default/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/templates/default/img/logo.png
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
688ad007ecc12101aca5779c6d9a32dd21e1412a340518556acd5290350dda87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/png
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Mon, 08 Jan 2024 03:46:07 GMT
accept-ranges
bytes
content-length
1078405
expires
Sun, 21 Jan 2024 21:41:03 GMT
SXLM96f.png
i.imgur.com/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/SXLM96f.png
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f7894d4e32df7987bf9ec20c06fc1a8528dae5233a842c9443e647b2e832f545
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
529656
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
38234
x-served-by
cache-iad-kjyo7100144-IAD, cache-fra-eddf8230081-FRA
last-modified
Mon, 08 Jan 2024 15:51:38 GMT
server
cat factory 1.0
x-timer
S1705268464.622739,VS0,VE2
etag
"11035c60ef2a3624b96b5e10e6cd93b1"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5ucspJ8tEdv_ox9vwkzGWsUKT2a_Htwi39cCpeebCG2aKu_oV8IsvA==
x-cache-hits
12, 1
sidebar_banner_join.jpg
hero-mu.com/templates/default/img/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/templates/default/img/sidebar_banner_join.jpg
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c6fa6aeeafa3c2e2366d3dc8d32df0e8e451eb68bc39942fc853f42b071d76a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/jpeg
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Wed, 04 Jan 2023 16:07:38 GMT
accept-ranges
bytes
content-length
52205
expires
Sun, 21 Jan 2024 21:41:03 GMT
sidebar_banner_download.jpg
hero-mu.com/templates/default/img/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/templates/default/img/sidebar_banner_download.jpg
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c94027eb48adca31a4c5435091fbcdfa6ed96c93cf31b41f18265ded48217a73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/jpeg
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Sun, 24 Dec 2023 09:08:57 GMT
accept-ranges
bytes
content-length
55115
expires
Sun, 21 Jan 2024 21:41:03 GMT
guildmark.php
hero-mu.com/api/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/api/guildmark.php?data=1111111111111111111111111114411111144111111111111111111111111111&size=270
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
80cbbace377e6c43dc8c96a81f4d60ef503998f87094324ba9f0384b5b6e2ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 21 Jan 2024 21:41:04 GMT
date
Sun, 14 Jan 2024 21:41:04 GMT
cache-control
public, max-age=604800
x-powered-by
PHP/7.4.33
content-length
1064
content-type
image/gif
ik.jpg
hero-mu.com/templates/default/img/character-avatars/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/templates/default/img/character-avatars/ik.jpg
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
dab6330e925a653df9bd838df059d5b77bbc3cb5353651b46f6da772472a70a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/jpeg
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Wed, 04 Jan 2023 22:43:10 GMT
accept-ranges
bytes
content-length
141695
expires
Sun, 21 Jan 2024 21:41:03 GMT
sl.jpg
hero-mu.com/templates/default/img/character-avatars/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/templates/default/img/character-avatars/sl.jpg
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
0d8d7390f63e80f47adfc8b5c7bda3c95da922ec6184ff0f69098b158d3131d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/jpeg
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Wed, 04 Jan 2023 22:41:38 GMT
accept-ranges
bytes
content-length
134669
expires
Sun, 21 Jan 2024 21:41:03 GMT
gc.jpg
hero-mu.com/templates/default/img/character-avatars/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/templates/default/img/character-avatars/gc.jpg
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2e21bad4eb2df60d2240cc4874e38fd1625c265a222d05a7375b59369ddfb245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/jpeg
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Wed, 04 Jan 2023 22:41:56 GMT
accept-ranges
bytes
content-length
122015
expires
Sun, 21 Jan 2024 21:41:03 GMT
avatar.jpg
hero-mu.com/templates/default/img/character-avatars/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/templates/default/img/character-avatars/avatar.jpg
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ff3b7d5406fa253de638706a48068c789cd6ae2eb25f3e78c1363359c93f876d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/jpeg
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Sun, 05 May 2019 00:36:50 GMT
accept-ranges
bytes
content-length
24315
expires
Sun, 21 Jan 2024 21:41:03 GMT
liw.jpg
hero-mu.com/templates/default/img/character-avatars/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/templates/default/img/character-avatars/liw.jpg
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
0b356558f7c2f2dc05119b124925e3816e2f82933ff596655bfd34e967e087ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/jpeg
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Wed, 04 Jan 2023 22:42:28 GMT
accept-ranges
bytes
content-length
143196
expires
Sun, 21 Jan 2024 21:41:03 GMT
guildmark.php
hero-mu.com/api/ 		140 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/api/guildmark.php?data=4411114444111144441111444444444444444444441111444411114444111144&size=30
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
9f629f8bfd122da210f570cceb568ca8cc327db05759f8cdb61e5a9fc5dd5c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 21 Jan 2024 21:41:03 GMT
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
x-powered-by
PHP/7.4.33
content-length
140
content-type
image/gif
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 20:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 Jan 2025 20:14:53 GMT
datatables.min.js
hero-mu.com/templates/default/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hero-mu.com/templates/default/js/datatables.min.js
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
3028993b7bf0fd324497881c22f9111f38e856604ec899004d99d4d5d9b395c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
content-encoding
br
last-modified
Sun, 17 Jul 2022 15:04:58 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30907
expires
Sun, 21 Jan 2024 21:41:03 GMT
main.js
hero-mu.com/templates/default/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hero-mu.com/templates/default/js/main.js
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
8ba31e98a2d13c4b82044aa5b1f875ab837cdd11239bf217850da70a6e512967

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
content-encoding
br
last-modified
Wed, 04 Jan 2023 21:11:40 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1583
expires
Sun, 21 Jan 2024 21:41:03 GMT
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/popper.min.js
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hero-mu.com/
Origin
https://hero-mu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3960030
x-jsd-version
2.9.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230047-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"48a2-jut79x6Kl4uCoaGYAV8U1z0upZI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BEu2Y6i7AETtdE%2FRIuXfQM%2Bz8qQ9IVJ8rFg9cRp0Q07arwmvUy6O8Cf5f6TN85GZUwzIyknck%2BjOw%2FY6yt%2B6Amzma9VJqTi%2B4vT4kqcJTVg4U93zWcsje5qc6Jj8F41hzf%2BjZge%2BOtlZ9B5aBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84590a787f9f047e-FRA
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.min.js
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hero-mu.com/
Origin
https://hero-mu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3865409
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230068-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"eab9-PwlPAQv7DAIqUbYneNQ2HRytP9Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7wPKfikYi43iI37%2FTXdg68%2F7fHIwErjQ%2BW33jNEaZzT%2BG%2FTtN7osHkjoN8m2%2BUpQ5pCp54sl8aNT4oiTeyvBxocUq2QyMvmbHgChU%2F%2FWLYsrvsHCi9EMbYV1qpF0qV9Yvifve1G%2Ff%2FPC9XY%2FjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84590a78c9bebbe6-FRA
ws.jpg
hero-mu.com/templates/default/img/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/templates/default/img/ws.jpg
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c794efab7b1a0574eb2969a8f373938dcdb028e8c4c9a9224d4536f0dcca3a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/jpeg
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Mon, 08 Jan 2024 03:50:57 GMT
accept-ranges
bytes
content-length
22033
expires
Sun, 21 Jan 2024 21:41:03 GMT
widget.png
discordapp.com/api/guilds/1109980191620616202/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://discordapp.com/api/guilds/1109980191620616202/widget.png?style=banner2
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
free.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		101 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=8b5cc27615
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8b5cc27615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
via
1.1 9defe0d67603d45217a1199d0f877384.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ZRH55-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
etag
W/"edc53d8d44037708e54122b9e30bb2a1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BN%2BbXmOXE5KyMUnhlMkPR%2FKHMIfazj1iYltXOl6fUYdDFYmL%2Bw8ce97%2FJfddJjwD4%2FYvXVZKODv32iVbZtVjKSRXVhUf32gcOnXHT1KtuOG1p6Rk5lRQ7HPmxlyDgzzqnsNx61Av%2BT%2FhANj83WlPAxoZKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
84590a79ae1f198f-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
EONOdJmx5UR4QR_GLYsPj_0Drr9dz73gcK2hH0d4tiz67mwZdL_ZqA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=8b5cc27615
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8b5cc27615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
via
1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ZRH55-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"604d6da359831b0dc67e0f522f1ff94d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI8lG3MiSU0RHYhf%2BYU%2B6ZpQeipwI33FjMEDxoCf9XidibShmH52mFtC9p4naADL9kLBzCBOPTpUTeQPkcP5YVcfiDrcwJcTSPdHqlTIxDKCjJigtaQ7OwmflMzSHh7tV8%2B17g%2Fu27j94KXDTIRn%2FPeUwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
84590a79ae20198f-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
w_My6L1Ly0giw_Ro4_T1N3Qphd6N753fqTwjGCbG59AOvdqXX24fhw==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		823 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=8b5cc27615
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8b5cc27615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
via
1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ZRH55-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"496965a55b1faa4d5c41073ef276afc0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrG2PGat7iCQKk4A%2BhMyLeaNZpl9sWVQJKiWD1gV8Os30ZkuNiKdvbf5BGnuHgHj01EAz%2FFHWfSkJYii9oVe5aLNREKpkSD32Q34qbsd1xBwkgo0tndZo7COIEVBaNeV6PMsbr7y9VyZbYKFGS4fn7Ot6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
84590a79ae21198f-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
9Y-cs_Pc_1vD4TBjbN9L-Ma4X8DACAPtYrvpM6lNHDAtrDCQkqYbxQ==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=8b5cc27615
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8b5cc27615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
via
1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS54-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"cc84affe95dbdd9726525f57d20b4ea6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P89qCalAXoVVWl7efCx19tRmp1A9ijjAHB8xuzwgJYtH2U1ZdpCmqZBrIF%2B2ApKb43G8U5AZNmBIi8LyCwZGDqdlgNrM1O4%2FC6Mup5PVSBWeMLxlLYLKZTHrAqK7PfiWh80bFCGxkoFAcJwn95Cev287uw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
84590a79ae1e198f-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
lCR-tDux5yk2XEubIJO6FYJsnzgfJ0ykiZgiZRlonRRPe3a-j3Rr9Q==
background.jpg
hero-mu.com/templates/default/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hero-mu.com/templates/default/img/background.jpg
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/templates/default/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
744bd77a5731246ab8bca9163f727822cd00f01d2e537b9cd584c2a22b122eb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hero-mu.com/templates/default/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/jpeg
date
Sun, 14 Jan 2024 21:41:03 GMT
cache-control
public, max-age=604800
last-modified
Mon, 08 Jan 2024 03:46:42 GMT
accept-ranges
bytes
content-length
1392696
expires
Sun, 21 Jan 2024 21:41:03 GMT
t4tqoE2_xec
www.youtube.com/embed/ Frame BE27 		93 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecb890dda87073f1781b7b9eb92dd3717fc5b3a06cfa237ac1b96bd652a11b30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hero-mu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 21:41:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hero-mu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:39:21 GMT
x-content-type-options
nosniff
age
190902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:39:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hero-mu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:31:59 GMT
x-content-type-options
nosniff
age
187744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 17:31:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hero-mu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:11:03 GMT
x-content-type-options
nosniff
age
149400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 04:11:03 GMT
servertime.php
hero-mu.com/api/ 		38 B
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hero-mu.com/api/servertime.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
6aadf2273712cd95e614265b7ef70a2963d0763d6dbbe38c32ca8bedf709d9ec

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hero-mu.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 21:41:03 GMT
content-encoding
br
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
content-length
42
expires
Thu, 19 Nov 1981 08:52:00 GMT
castlesiege.php
hero-mu.com/api/ 		19 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hero-mu.com/api/castlesiege.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.148.94.184 Weymouth, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
3d65a405ad2cf2231db39b04f73135ec6a7271baf70da4b6728a83590a76af26

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hero-mu.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 21:41:03 GMT
content-encoding
br
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
content-length
23
expires
Thu, 19 Nov 1981 08:52:00 GMT
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.5.1/webfonts/ 		115 KB
115 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/webfonts/free-fa-brands-400.woff2
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58522c58cbb9b2231026ce7d65096807a3f97fffaf22cea6fb180590286fa53d

Request headers

Referer
https://hero-mu.com/
Origin
https://hero-mu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
via
1.1 25fe70cc18ad9b2503949e3460083640.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS54-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
117376
last-modified
Thu, 30 Nov 2023 17:53:29 GMT
server
cloudflare
etag
"7d46df6bf5bc9cd2a8992bb4f275ad45"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eyabs2id00tEG07vDwHJL5n3oEyHcCVdkU7qLrjbjMuhVcOa6%2FRDYz6i9X%2Bb%2FXBKY3L2FPYBWQ7l%2BK5PzU0fVNUlid2iX5FjPpp5hYqokplqoTBHU72eZ%2B102JqvtSO7lqPDDAF4%2BZ90czFZoCNPua4%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
84590a7a6eda198f-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
1g114C1RMn9gMjnNofrC4UWKtoMYIjM1vj7ejhxNMbpRKMjWssRnyA==
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.5.1/webfonts/ 		153 KB
154 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/webfonts/free-fa-solid-900.woff2
Requested by
Host: hero-mu.com
URL: https://hero-mu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93f7f459e0dabc5d86e6b6e3936c07d2dd02b52369f26bb7e8c0005a5d26368

Request headers

Referer
https://hero-mu.com/
Origin
https://hero-mu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:03 GMT
via
1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS54-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
156504
last-modified
Thu, 30 Nov 2023 17:53:29 GMT
server
cloudflare
etag
"98ff5c340b38803d09d3f22fd9a00501"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R79z9MdPPvUAj0jX41keabtFzAZ4DpjfCuV5sf%2BE34YcoOOVaHV55Eeaxq1MS9%2BzUc%2Fzo5k4ZOyW7tyMysr60n2MuVqlmgjd6ybDn8TpetlVrl3Qm05OEsCYJDkZrS%2FYuVC6rzlBlabNw3U%2Bk1ct34BAEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
84590a7a6edc198f-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
RQRRo4SpafVTPsTSdP9G77bpEVAYqNFzcZF4UCJCxs1DYec7qEd6RQ==
www-player.css
www.youtube.com/s/player/80b90bfd/ Frame BE27 		358 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
17344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47453
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 13 Jan 2025 16:51:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BE27 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:26:56 GMT
x-content-type-options
nosniff
age
252847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BE27 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:17:31 GMT
x-content-type-options
nosniff
age
523412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 20:17:31 GMT
embed.js
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame BE27 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 22:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
168921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16447
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 11 Jan 2025 22:45:42 GMT
www-embed-player.js
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame BE27 		323 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 20:22:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
4743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98905
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 13 Jan 2025 20:22:00 GMT
base.js
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame BE27 		2 MB
770 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
788283
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 12 Jan 2025 07:59:26 GMT
id
googleads.g.doubleclick.net/pagead/ Frame BE27
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Protocol
H2
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25a468e213defdd98cdf80d17bee2437c489adf3cc3004741eed53c1266466a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 14 Jan 2024 21:41:04 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BE27 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:32:12 GMT
x-content-type-options
nosniff
age
532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Jan 2024 21:47:12 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 14 Jan 2024 21:41:04 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BE27 		86 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3fdbcfa6323a30faea33af5d0de1e4c3f62af2abbcbea6c287a9fdecbc301b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 14 Jan 2024 21:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40499
x-xss-protection
0
remote.js
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame BE27 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
176558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33877
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 11 Jan 2025 20:38:26 GMT
Ds_pDKslpu-iWcXddHrDyyVH9ulM38tH3FG5TexbKIk.js
www.google.com/js/th/ Frame BE27 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Ds_pDKslpu-iWcXddHrDyyVH9ulM38tH3FG5TexbKIk.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ecfe90cab25a6efa259c5dd747ac3cb2547f6e94cdfcb47dc51b94dec5b2889
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 11:27:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
123234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19790
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 11:27:10 GMT
sddefault.webp
i.ytimg.com/vi_webp/t4tqoE2_xec/ Frame BE27 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/t4tqoE2_xec/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99bb5c54a039ddff10390f122b917aa0d5306d54a989e858c1225ff7e6398805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:04 GMT
x-content-type-options
nosniff
server
sffe
etag
"1704766217"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34614
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Jan 2024 23:41:04 GMT
truncated
/ Frame BE27 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
XXh4HekOpZ1GITJDq_m7xvXqx3nrETxjW22fcg73MICceh3x47ccSsUlnqTzbjxeCgzTlE7u=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame BE27 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/XXh4HekOpZ1GITJDq_m7xvXqx3nrETxjW22fcg73MICceh3x47ccSsUlnqTzbjxeCgzTlE7u=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d26403e9937bb107089c0a7d28cfd592dd8bb462b650fa048427248ac942cc7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="channels4_profile.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4381
x-xss-protection
0
expires
Mon, 15 Jan 2024 21:41:04 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BE27 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:41:04 GMT
generate_204
www.youtube.com/ Frame BE27 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?sn9oVg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:41:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BE27 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
75aa7a592714fc5a4db87d10fc3253578d56ba8c817f4833cac11da300e578bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 14 Jan 2024 21:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 14 Jan 2024 21:41:04 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame BE27 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 12:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 15 Jan 2024 12:40:19 GMT
log_event
www.youtube.com/youtubei/v1/ Frame BE27 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time
1705268466638
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/t4tqoE2_xec?si=GUzK7xBo28xdPTJR
X-YouTube-Client-Version
1.20240109.00.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgt2dXRDdHVPWlNJcyjvqZGtBjIKCgJERRIEEgAgXQ%3D%3D
X-YouTube-Ad-Signals
dt=1705268463965&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C630%2C350&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 14 Jan 2024 21:41:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sun, 14 Jan 2024 21:41:06 GMT

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| FontAwesomeKitConfig string| baseUrl string| ColorTemplate object| rootElement object| snowStorm boolean| autoStart number| flakesMax number| flakesMaxActive number| animationInterval boolean| excludeMobile object| flakeBottom boolean| followMouse string| snowColor string| snowCharacter boolean| snowStick object| targetElement boolean| useMeltEffect boolean| useTwinkleEffect boolean| usePositionFixed boolean| freezeOnBlur number| flakeLeftOffset number| flakeRightOffset number| flakeWidth number| flakeHeight number| vMaxX number| vMaxY number| zIndex object| timers object| flakes boolean| disabled boolean| active number| meltFrameCount object| meltFrames object| events function| randomizeWind function| scrollHandler function| resizeHandler function| resizeHandlerAlt function| freeze function| resume function| toggleSnow function| show function| SnowFlake function| snow function| mouseMove function| createSnow function| timerInit function| init function| start object| config boolean| tt_Debug boolean| tt_Enabled boolean| TagsToTip function| Tip function| TagToTip function| UnTip object| tt_aElt object| tt_aV undefined| tt_sContent number| tt_scrlX number| tt_scrlY undefined| tt_musX undefined| tt_musY undefined| tt_over number| tt_x number| tt_y undefined| tt_w number| tt_h function| tt_Extension function| tt_SetTipPos function| tt_HideInit function| tt_Hide function| tt_GetElt function| tt_GetDivW function| tt_GetDivH function| tt_GetScrollX function| tt_GetScrollY function| tt_GetClientW function| tt_GetClientH function| tt_GetEvtX function| tt_GetEvtY function| tt_AddEvtFnc function| tt_RemEvtFnc object| tt_aExt object| tt_db boolean| tt_op boolean| tt_ie undefined| tt_ie56 boolean| tt_bBoxOld object| tt_body undefined| tt_ovr_ number| tt_flagOpa undefined| tt_maxPosX undefined| tt_maxPosY number| tt_iState undefined| tt_opa undefined| tt_bJmpVert undefined| tt_bJmpHorz undefined| tt_t2t undefined| tt_t2tDad undefined| tt_elDeHref object| tt_tShow object| tt_tHide object| tt_tDurt object| tt_tFade object| tt_tWaitMov boolean| tt_bWait string| tt_u function| tt_Init function| tt_MkCmdEnum function| tt_Browser function| tt_MkMainDiv function| tt_MkMainDivHtm function| tt_MkMainDivDom function| tt_GetMainDivRefs function| tt_ResetMainDiv function| tt_IsW3cBox function| tt_OpaSupport function| tt_SetOnloadFnc function| tt_HideSrcTags function| tt_HideSrcTagsRecurs function| tt_HideSrcTag function| tt_Tip function| tt_ReadCmds function| tt_AdaptConfig1 function| tt_AdaptConfig2 function| tt_MkTipContent function| tt_MkTipSubDivs function| tt_GetSubDivRefs function| tt_FormatTip function| tt_FixSize function| tt_DeAlt function| tt_OpDeHref function| tt_OpReHref function| tt_OverInit function| tt_ShowInit function| tt_Show function| tt_ShowIfrm function| tt_Move function| tt_Pos function| tt_PosDef function| tt_PosAlt function| tt_CalcPosDef function| tt_CalcPosAlt function| tt_Fade function| tt_SetTipOpa function| tt_OnScrl function| tt_OnCloseBtnOver function| tt_OnLClick function| tt_Int function| tt_SetOpa function| tt_MovDomNode function| tt_Err function| tt_ExtCmdEnum function| tt_ExtCallFncs number| ABOVE number| BGCOLOR number| BGIMG number| BORDERCOLOR number| BORDERSTYLE number| BORDERWIDTH number| CENTERMOUSE number| CLICKCLOSE number| CLICKSTICKY number| CLOSEBTN number| CLOSEBTNCOLORS number| CLOSEBTNTEXT number| COPYCONTENT number| DELAY number| DURATION number| FADEIN number| FADEOUT number| FADEINTERVAL number| FIX number| FOLLOWMOUSE number| FONTCOLOR number| FONTFACE number| FONTSIZE number| FONTWEIGHT number| HEIGHT number| JUMPHORZ number| JUMPVERT number| LEFT number| OFFSETX number| OFFSETY number| OPACITY number| PADDING number| SHADOW number| SHADOWCOLOR number| SHADOWWIDTH number| STICKY number| TEXTALIGN number| TITLE number| TITLEALIGN number| TITLEBGCOLOR number| TITLEFONTCOLOR number| TITLEFONTFACE number| TITLEFONTSIZE number| TITLEPADDING number| WIDTH function| lightBoxClose function| lightboxClick function| $ function| jQuery object| $jscomp function| $jscomp$lookupPolyfilledValue function| DataTable object| csTime object| serverTime function| rankingsFilterByClass function| rankingsFilterRemove object| Popper number| uidEvent object| bootstrap object| tooltipTriggerList undefined| tooltipList undefined| paypal_cr

5 Cookies

Domain/Path Name / Value
hero-mu.com/ Name: PHPSESSID
Value: 94632466726ef3b2bdc7a189122897d4
.youtube.com/ Name: YSC
Value: EkP3pnuufBM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: vutCtuOZSIs
.discordapp.com/ Name: __cf_bm
Value: Jyk7vH91BHLvS3EKdxrcimidnC93vmfqJi3aqXFsrEw-1705268463-1-AVb7XL00B2r/1qIru3MZPe28GjFeLmH2SOV9Ui8qFC69mdfufaFd9s+wLHNZaVXjKxC/YzcjcNief2X2WdKsHF4=
.discordapp.com/ Name: _cfuvid
Value: pF731QtETpSu0cVihrIscVZPkl0swe.B0UGzW3BfsoY-1705268463890-0-604800000

1 Console Messages

Source Level URL
Text
network error URL: https://discordapp.com/api/guilds/1109980191620616202/widget.png?style=banner2
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdn3.professor-falken.com
discordapp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hero-mu.com
i.imgur.com
i.ytimg.com
jnn-pa.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.248.46.94
135.148.94.184
146.75.116.193
162.159.129.233
2606:4700:4400::ac40:93bc
2606:4700::6810:5914
2606:4700:e4::ac40:a407
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2016
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
048a252135ee5da45dcd64a8afb068f30a0509106c7bd86ba76078db4b34581a
04c9cdc2e02400f8589ff6f33fbaa96d9557be56de3c9871c1334da9a660fcdb
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0691650b6fae3618cd252ea160042e73cde9f05768985a840a8077df5de74d1c
0b356558f7c2f2dc05119b124925e3816e2f82933ff596655bfd34e967e087ae
0d8d7390f63e80f47adfc8b5c7bda3c95da922ec6184ff0f69098b158d3131d9
0ecfe90cab25a6efa259c5dd747ac3cb2547f6e94cdfcb47dc51b94dec5b2889
25a468e213defdd98cdf80d17bee2437c489adf3cc3004741eed53c1266466a9
2e21bad4eb2df60d2240cc4874e38fd1625c265a222d05a7375b59369ddfb245
3028993b7bf0fd324497881c22f9111f38e856604ec899004d99d4d5d9b395c9
33bfd146a59a799c6c558cb217e0d705bb75f777f465a628228b93bda4e704d0
3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910
38ba9401befa10b11739d46496718d2d5087d98f29eba3f8424ca5e53b26c2dc
3d65a405ad2cf2231db39b04f73135ec6a7271baf70da4b6728a83590a76af26
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ea6ec69d5f1ba97afe40f6cf91d4bdeb0ab1f277743738ceb0a15b963bd71f2
4306ff8241d011fc96dd02789600623ce20f7a2f4d412735fd1217e34e6b36ce
45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76
58522c58cbb9b2231026ce7d65096807a3f97fffaf22cea6fb180590286fa53d
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
60464b92964a4b0559ed134d29a828bb943283a891510cf0df67391b908835c2
60bd154fd325fe193a623e70a3f4c7396ab11b2fa6f8e3f9f584c72b4b6423b3
62efd95f6c5529d5b2876229ccf607d077a8b3f08155e12bababf5ae88d73b5a
64b74ac8278da6e938c8165c439e928fb89f420bcf030641debae4b9ea5cd8fb
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724
688ad007ecc12101aca5779c6d9a32dd21e1412a340518556acd5290350dda87
6aadf2273712cd95e614265b7ef70a2963d0763d6dbbe38c32ca8bedf709d9ec
6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993
744bd77a5731246ab8bca9163f727822cd00f01d2e537b9cd584c2a22b122eb1
75aa7a592714fc5a4db87d10fc3253578d56ba8c817f4833cac11da300e578bf
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
80cbbace377e6c43dc8c96a81f4d60ef503998f87094324ba9f0384b5b6e2ccc
899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed
8ba31e98a2d13c4b82044aa5b1f875ab837cdd11239bf217850da70a6e512967
99bb5c54a039ddff10390f122b917aa0d5306d54a989e858c1225ff7e6398805
9f629f8bfd122da210f570cceb568ca8cc327db05759f8cdb61e5a9fc5dd5c42
a453a64b846e3049cc9da0b2460074f04a824b70435ce9d56d831cb9f535e62d
a93f7f459e0dabc5d86e6b6e3936c07d2dd02b52369f26bb7e8c0005a5d26368
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab
b92f4eb6e7e071a728ae3fb103c1dfe56c0b0f1423171c94afd1709ea466fdab
c2652b280087b6479b7703779da4be80b4c621edbf465e34f5e5314d8835a84c
c6d20cdd13d5407f6574795f45231467fca8a92def60a4514958bea57a140336
c6fa6aeeafa3c2e2366d3dc8d32df0e8e451eb68bc39942fc853f42b071d76a9
c794efab7b1a0574eb2969a8f373938dcdb028e8c4c9a9224d4536f0dcca3a72
c94027eb48adca31a4c5435091fbcdfa6ed96c93cf31b41f18265ded48217a73
cb54455d7d4ad9f9954c26d5c10f1857ab8f28de011624dd4805d57a0bd8c68c
d26403e9937bb107089c0a7d28cfd592dd8bb462b650fa048427248ac942cc7b
d3fdbcfa6323a30faea33af5d0de1e4c3f62af2abbcbea6c287a9fdecbc301b2
d45d6c36622762c0e4c388824088eb25fe9dbb849bc171ebca71093672b8b5f6
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dab6330e925a653df9bd838df059d5b77bbc3cb5353651b46f6da772472a70a8
e21fec51ed7f05fe07d327b133a9fc29d442229b8a3ecc84e546db13aad18522
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb890dda87073f1781b7b9eb92dd3717fc5b3a06cfa237ac1b96bd652a11b30
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7894d4e32df7987bf9ec20c06fc1a8528dae5233a842c9443e647b2e832f545
ff3b7d5406fa253de638706a48068c789cd6ae2eb25f3e78c1363359c93f876d