www.bonusmonster.net Open in urlscan Pro
67.227.207.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/hBnyOe2su2?amp=1
Effective URL:
https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Submission: On August 04 via api (August 4th 2021, 8:14:54 am UTC) from BE

Summary HTTP 70 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 70 HTTP transactions. The main IP is 67.227.207.91, located in United States and belongs to LIQUIDWEB, US. The main domain is www.bonusmonster.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 16th 2019. Valid for: 2 years.

This is the only time www.bonusmonster.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 1	142.4.2.77 142.4.2.77	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	212.102.102.5 212.102.102.5	205450 (HOSTMEDIA-AS) (HOSTMEDIA-AS)
2	35.227.247.224 35.227.247.224	15169 (GOOGLE) (GOOGLE)
1 16	67.227.207.91 67.227.207.91	32244 (LIQUIDWEB) (LIQUIDWEB)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.96.120 13.224.96.120	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	13.226.145.90 13.226.145.90	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:44::b	15169 (GOOGLE) (GOOGLE)
1	52.89.139.96 52.89.139.96	16509 (AMAZON-02) (AMAZON-02)
70	21

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.4.2.77 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: fundariety.com

fundariety.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.102.102.5 (Ingija, Serbia)

ASN205450 (HOSTMEDIA-AS, RS)

jostlepulpstick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.247.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.247.227.35.bc.googleusercontent.com

www.sastrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 67.227.207.91 (United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: host1.yoursiteby.me

www.bonusmonster.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-120.zrh50.r.cloudfront.net

assets.pcrl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.145.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-90.dus51.r.cloudfront.net

system.picreel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:44::b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5edne7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.139.96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-139-96.us-west-2.compute.amazonaws.com

app.picreel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	youtube.com www.youtube.com	725 KB
16	bonusmonster.net 1 redirects www.bonusmonster.net	393 KB
9	googlevideo.com r5---sn-4g5edne7.googlevideo.com	3 MB
4	picreel.com system.picreel.com app.picreel.com	24 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	2 KB
4	gstatic.com fonts.gstatic.com	83 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
2	facebook.net connect.facebook.net	69 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
2	sastrk.com www.sastrk.com	997 B
1	ytimg.com i.ytimg.com	98 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	google.com www.google.com	13 KB
1	pcrl.co assets.pcrl.co	2 KB
1	jostlepulpstick.com jostlepulpstick.com	449 B
1	fundariety.com 1 redirects fundariety.com	470 B
1	t.co t.co	657 B
0	facebook.com Failed www.facebook.com Failed
70	18

	Domain	Requested by
21	www.youtube.com	www.bonusmonster.net www.youtube.com
16	www.bonusmonster.net	1 redirects www.bonusmonster.net
9	r5---sn-4g5edne7.googlevideo.com	www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	system.picreel.com	assets.pcrl.co system.picreel.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	ssl.google-analytics.com	1 redirects www.bonusmonster.net
2	connect.facebook.net	www.bonusmonster.net connect.facebook.net
2	www.sastrk.com	jostlepulpstick.com
1	app.picreel.com	system.picreel.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	www.bonusmonster.net
1	assets.pcrl.co	www.bonusmonster.net
1	ajax.googleapis.com	www.bonusmonster.net
1	fonts.googleapis.com	www.bonusmonster.net
1	jostlepulpstick.com	t.co
1	fundariety.com	1 redirects
1	t.co
0	www.facebook.com Failed	connect.facebook.net
70	22

This site contains links to these domains. Also see Links.

Domain
www.gambleaware.co.uk
www.gamcare.org.uk
www.picreel.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
jostlepulpstick.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-12` - `2022-07-12`	a year	crt.sh
sastrk.com Go Daddy Secure Certificate Authority - G2	`2021-07-12` - `2022-02-24`	7 months	crt.sh
bonusmonster.net Go Daddy Secure Certificate Authority - G2	`2019-10-16` - `2021-10-16`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
assets.pcrl.co Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
system.picreel.com Amazon	`2020-12-27` - `2022-01-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-07-27` - `2021-10-05`	2 months	crt.sh
*.picreel.com Amazon	`2020-12-27` - `2022-01-25`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Frame ID: 8A6EDB332A3BE23811CD64D3834BFC42
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Frame ID: 1E3B85B3865BEB0FD3896B4B8D25976F
Requests: 35 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
Frame ID: 117E948A02F767FA8C17B0C059757D08
Requests: 1 HTTP requests in this frame

Frame: https://app.picreel.com/api/get_template?source_url=https%253A%252F%252Fwww.bonusmonster.net%252F1%252F%253Ft%253Dss12-58_690209%2526email%253D&source_host=https%253A%252F%252Fwww.bonusmonster.net&templateId=&userAgent=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&referrer=&screenWight=1600&screenHeight=1200&pv=&pp=&sv=&sp=&nv=&np=&rb=&ret=&utm_source=Picreel&utm_medium=display&utm_campaign=Picreel
Frame ID: 5772114977D986FDFEE1909DA995A482
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/hBnyOe2su2?amp=1 Page URL
http://fundariety.com/0308.html?od=1sylshort610933929f819_vl_intervl_0zc4.gl83M.Yzzzyr148la11hv111... HTTP 302
https://jostlepulpstick.com/17629c6366aa6448000/0308_0zc610933929f530/yl0zc%7CM21unJj=%7Cgooc3%7Cwwwwx%7... Page URL
https://www.sastrk.com/3LPDKC/9F3647/?uid=135&sub1=690209&sub2=1174162716 Page URL
https://www.sastrk.com/metarefresh?t=aHR0cDovL3d3dy5ib251c21vbnN0ZXIubmV0LzEvP3Q9c3MxMi01OF82OTAyMD... Page URL
http://www.bonusmonster.net/1/?t=ss12-58_690209&email= HTTP 301
https://www.bonusmonster.net/1/?t=ss12-58_690209&email= Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

70
Requests

99 %
HTTPS

62 %
IPv6

18
Domains

22
Subdomains

21
IPs

5
Countries

4676 kB
Transfer

6920 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.gambleaware.co.uk/
Title: www.gambleaware.co.uk

Search URL Search Domain Scan URL

URL: http://www.gamcare.org.uk/
Title: www.gamcare.org.uk

Search URL Search Domain Scan URL

URL: http://www.picreel.com/?utm_source=https%3A%2F%2Fwww.bonusmonster.net&utm_medium=popup&utm_campaign=copyright
Title: Picreel

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/hBnyOe2su2?amp=1 Page URL
http://fundariety.com/0308.html?od=1sylshort610933929f819_vl_intervl_0zc4.gl83M.Yzzzyr148la11hv111_x11272.gooc3d3d3d3gyNzA4MGlk0t59rh HTTP 302
https://jostlepulpstick.com/17629c6366aa6448000/0308_0zc610933929f530/yl0zc%7CM21unJj=%7Cgooc3%7Cwwwwx%7C27080id%7C48595%7Czzzyr148la%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3yfp2uipaD2ZGN5ZmZ5ZwyzBQR5K3MfK2yhqTIlqzksZUcwAN== Page URL
https://www.sastrk.com/3LPDKC/9F3647/?uid=135&sub1=690209&sub2=1174162716 Page URL
https://www.sastrk.com/metarefresh?t=aHR0cDovL3d3dy5ib251c21vbnN0ZXIubmV0LzEvP3Q9c3MxMi01OF82OTAyMDkmZW1haWw9 Page URL
http://www.bonusmonster.net/1/?t=ss12-58_690209&email= HTTP 301
https://www.bonusmonster.net/1/?t=ss12-58_690209&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://fundariety.com/0308.html?od=1sylshort610933929f819_vl_intervl_0zc4.gl83M.Yzzzyr148la11hv111_x11272.gooc3d3d3d3gyNzA4MGlk0t59rh HTTP 302
https://jostlepulpstick.com/17629c6366aa6448000/0308_0zc610933929f530/yl0zc%7CM21unJj=%7Cgooc3%7Cwwwwx%7C27080id%7C48595%7Czzzyr148la%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3yfp2uipaD2ZGN5ZmZ5ZwyzBQR5K3MfK2yhqTIlqzksZUcwAN==

Request Chain 27

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=993178522&utmhn=www.bonusmonster.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BonusMonster.net&utmhid=1129270963&utmr=-&utmp=%2F1%2F%3Ft%3Dss12-58_690209%26email%3D&utmht=1628064876881&utmac=UA-3280977-2&utmcc=__utma%3D201038141.642550039.1628064877.1628064877.1628064877.1%3B%2B__utmz%3D201038141.1628064877.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=892449446&utmredir=1&utmu=qDAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3280977-2&cid=642550039.1628064877&jid=892449446&_v=5.7.2&z=993178522

Request Chain 38

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 52

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=421820311166136&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b39fa04cabd28%26domain%3Dwww.bonusmonster.net%26origin%3Dhttps%253A%252F%252Fwww.bonusmonster.net%252Ff471a288c009fc%26relation%3Dparent.parent&container_width=485&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FNoDepositBonusNewsletter%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=false&tabs= HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D421820311166136%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3b39fa04cabd28%2526domain%253Dwww.bonusmonster.net%2526origin%253Dhttps%25253A%25252F%25252Fwww.bonusmonster.net%25252Ff471a288c009fc%2526relation%253Dparent.parent%26container_width%3D485%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNoDepositBonusNewsletter%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 hBnyOe2su2 Show response
t.co/ 593 B
657 B 160ms
126ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/hBnyOe2su2?amp=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

1c10ef15858cc766b03de36600d7bc53d0010b403c17954d229028094874100a

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /hBnyOe2su2?amp=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:31 GMT
vary: Origin
server: tsa_o
expires: Wed, 04 Aug 2021 08:19:32 GMT
set-cookie: muc=e374bac0-9c04-4ef1-ae5e-12623c3ad94a; Max-Age=63072000; Expires=Fri, 04 Aug 2023 08:14:32 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 290
referrer-policy: unsafe-url
content-encoding: gzip
x-xss-protection: 0
content-security-policy: referrer always;
strict-transport-security: max-age=0
x-connection-hash: 407aab56f36c0c0940e12b5a4f5e0073b2f2efb06c6989716fd3a6a87248ac90

GET
H/1.1

200
OK

Cookie set p3yfp2uipaD2ZGN5ZmZ5ZwyzBQR5K3MfK2yhqTIlqzksZUcwAN==
jostlepulpstick.com/17629c6366aa6448000/0308_0zc610933929f530/yl0zc%7CM21unJj=%7Cgooc3%7Cwwwwx%7C27080id%7C48595%7Czzzyr148la%7CY%7CM21unJj=%7CPC%7C1cvig5b/
Redirect Chain

http://fundariety.com/0308.html?od=1sylshort610933929f819_vl_intervl_0zc4.gl83M.Yzzzyr148la11hv111_x11272.gooc3d3d3d3gyNzA4MGlk0t59rh
https://jostlepulpstick.com/17629c6366aa6448000/0308_0zc610933929f530/yl0zc%7CM21unJj=%7Cgooc3%7Cwwwwx%7C27080id%7C48595%7Czzzyr148la%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3yfp2uipaD2ZGN5ZmZ5ZwyzBQR5K3MfK...

136 B
449 B

1299ms
372ms

Document
text/html

212.102.102.5
HOSTMEDIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jostlepulpstick.com/17629c6366aa6448000/0308_0zc610933929f530/yl0zc%7CM21unJj=%7Cgooc3%7Cwwwwx%7C27080id%7C48595%7Czzzyr148la%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3yfp2uipaD2ZGN5ZmZ5ZwyzBQR5K3MfK2yhqTIlqzksZUcwAN==
Requested by: Host: t.co
URL: https://t.co/hBnyOe2su2?amp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.102.102.5 Ingija, Serbia, ASN205450 (HOSTMEDIA-AS, RS),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: jostlepulpstick.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://t.co/hBnyOe2su2?amp=1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.co/hBnyOe2su2?amp=1

Response headers

Date: Wed, 04 Aug 2021 08:14:35 GMT
Server: Apache
Set-Cookie: uid10589=1174162716-20210804041435-e352a6c2a0413a8ca5271bd452e18d5b-; domain=; expires=Fri, 03-Sep-2021 08:14:35 GMT; path=/; SameSite=None; Secure
Content-Length: 136
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 04 Aug 2021 08:14:33 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://jostlepulpstick.com/17629c6366aa6448000/0308_0zc610933929f530/yl0zc|M21unJj=|gooc3|wwwwx|27080id|48595|zzzyr148la|Y|M21unJj=|PC|1cvig5b/p3yfp2uipaD2ZGN5ZmZ5ZwyzBQR5K3MfK2yhqTIlqzksZUcwAN==
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 /
www.sastrk.com/3LPDKC/9F3647/ 321 B
669 B 127ms
110ms Document
text/html 35.227.247.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sastrk.com/3LPDKC/9F3647/?uid=135&sub1=690209&sub2=1174162716
Requested by: Host: jostlepulpstick.com
URL: https://jostlepulpstick.com/17629c6366aa6448000/0308_0zc610933929f530/yl0zc%7CM21unJj=%7Cgooc3%7Cwwwwx%7C27080id%7C48595%7Czzzyr148la%7CY%7CM21unJj=%7CPC%7C1cvig5b/p3yfp2uipaD2ZGN5ZmZ5ZwyzBQR5K3MfK2yhqTIlqzksZUcwAN==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: www.sastrk.com
:scheme: https
:path: /3LPDKC/9F3647/?uid=135&sub1=690209&sub2=1174162716
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://jostlepulpstick.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://jostlepulpstick.com/

Response headers

server: nginx
date: Wed, 04 Aug 2021 08:14:35 GMT
content-type: text/html; charset=utf-8
content-length: 321
set-cookie: uniqueClick_9F3647=940d30f2-2cf1-4642-8e03-0f1d8689a01c:1628064875; Path=/; Expires=Fri, 03 Sep 2021 08:14:35 GMT; Secure; SameSite=None transaction_id=bcf5cc222f864f7b874b2632591df28b; Path=/; Expires=Tue, 02 Nov 2021 08:14:35 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: deb21a28-e200-4c70-adff-297a832d9f38
via: 1.1 google
alt-svc: clear

GET
H2 200 metarefresh
www.sastrk.com/ 266 B
328 B 104ms
103ms Document
text/html 35.227.247.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sastrk.com/metarefresh?t=aHR0cDovL3d3dy5ib251c21vbnN0ZXIubmV0LzEvP3Q9c3MxMi01OF82OTAyMDkmZW1haWw9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: www.sastrk.com
:scheme: https
:path: /metarefresh?t=aHR0cDovL3d3dy5ib251c21vbnN0ZXIubmV0LzEvP3Q9c3MxMi01OF82OTAyMDkmZW1haWw9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.sastrk.com/3LPDKC/9F3647/?uid=135&sub1=690209&sub2=1174162716
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uniqueClick_9F3647=940d30f2-2cf1-4642-8e03-0f1d8689a01c:1628064875; transaction_id=bcf5cc222f864f7b874b2632591df28b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sastrk.com/3LPDKC/9F3647/?uid=135&sub1=690209&sub2=1174162716

Response headers

server: nginx
date: Wed, 04 Aug 2021 08:14:35 GMT
content-type: text/html; charset=utf-8
content-length: 266
via: 1.1 google
alt-svc: clear

GET
H2

200

Primary Request / Show response
www.bonusmonster.net/1/
Redirect Chain

http://www.bonusmonster.net/1/?t=ss12-58_690209&email=
https://www.bonusmonster.net/1/?t=ss12-58_690209&email=

28 KB
29 KB

412ms
174ms

Document
text/html

67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: 703a4ac3fd0df5fd515833f3fff3cac67422afa01efa98849a8a70529aeb7f56

Request headers

:method: GET
:authority: www.bonusmonster.net
:scheme: https
:path: /1/?t=ss12-58_690209&email=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sastrk.com/metarefresh?t=aHR0cDovL3d3dy5ib251c21vbnN0ZXIubmV0LzEvP3Q9c3MxMi01OF82OTAyMDkmZW1haWw9

Response headers

cache-control: private
content-type: text/html
server: Microsoft-IIS/10.0
set-cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; expires=Thu, 04-Aug-2022 08:14:36 GMT; path=/ ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO; secure; path=/
date: Wed, 04 Aug 2021 08:14:35 GMT
content-length: 29051

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Server: Microsoft-IIS/10.0
Date: Wed, 04 Aug 2021 08:14:35 GMT
Content-Length: 182

GET
H2 200 bootstrap.min.css
www.bonusmonster.net/1/css/ 118 KB
119 KB 120ms
118ms Stylesheet
text/css 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonusmonster.net/1/css/bootstrap.min.css
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

:path: /1/css/bootstrap.min.css
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Mon, 21 Mar 2016 13:31:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "097e5f27583d11:0"
content-length: 121260
content-type: text/css

GET
H3-29 200 css
fonts.googleapis.com/ 3 KB
459 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900

Requested by

Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

acc944d1374ce996570a31e6757dba039ee2c656a3ebaee9ebf00609568cc8f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 08:14:36 GMT
server: ESF
date: Wed, 04 Aug 2021 08:14:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Aug 2021 08:14:36 GMT

GET
H2 200 docs.css
www.bonusmonster.net/1/css/ 10 KB
10 KB 325ms
323ms Stylesheet
text/css 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonusmonster.net/1/css/docs.css
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: 493a0a1f9cdf59c4f1513fcd3b9ca89ad53d2a324b87970ae0380115f347bdd1

Request headers

:path: /1/css/docs.css
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Mon, 21 Mar 2016 13:31:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "097e5f27583d11:0"
content-length: 9940
content-type: text/css

GET
H2 200 global.css
www.bonusmonster.net/_inc/css/ 17 KB
3 KB 117ms
116ms Stylesheet
text/css 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonusmonster.net/_inc/css/global.css
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: aa01a4fdf020f433814c36cba525594cf1a14694672d6d016a221c875151e9b6

Request headers

:path: /_inc/css/global.css
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
content-encoding: gzip
last-modified: Thu, 12 Jan 2017 17:31:30 GMT
server: Microsoft-IIS/10.0
etag: "05ceb5f96cd21:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3209

GET
H2 200 logo-bmonster.png
www.bonusmonster.net/1/images/ 30 KB
30 KB 338ms
336ms Image
image/png 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonusmonster.net/1/images/logo-bmonster.png
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: 80dd70706dda21fd61f0f307061ced148acff5754433abe0b46ba5c0f611f56b

Request headers

:path: /1/images/logo-bmonster.png
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Wed, 25 Apr 2018 17:38:22 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "03bb334bcdcd31:0"
content-length: 31106
content-type: image/png

GET
H2 200 all-logos.png
www.bonusmonster.net/1/images/ 24 KB
24 KB 339ms
338ms Image
image/png 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonusmonster.net/1/images/all-logos.png
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: f255fe4742c1ef8931c9e6686b091aff09f2522bacff1c069376ec5aae853792

Request headers

:path: /1/images/all-logos.png
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Mon, 21 Mar 2016 13:31:16 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "06ab4f17583d11:0"
content-length: 24575
content-type: image/png

GET
H2 200 section-bullet1.png
www.bonusmonster.net/1/images/ 3 KB
3 KB 340ms
338ms Image
image/png 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonusmonster.net/1/images/section-bullet1.png
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: f35704d0bd4b1f7c1da4844418ea46091f70cefb86d050a6aac350d9605779d1

Request headers

:path: /1/images/section-bullet1.png
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Mon, 21 Mar 2016 13:31:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "097e5f27583d11:0"
content-length: 3458
content-type: image/png

GET
H2 200 section-bullet2.png
www.bonusmonster.net/1/images/ 4 KB
4 KB 340ms
339ms Image
image/png 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonusmonster.net/1/images/section-bullet2.png
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: a9d0832ebd7dc54e2ddf831ff23de969788279857cb659172929889389c4291c

Request headers

:path: /1/images/section-bullet2.png
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Mon, 21 Mar 2016 13:31:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "097e5f27583d11:0"
content-length: 3661
content-type: image/png

GET
H2 200 section-bullet3.png
www.bonusmonster.net/1/images/ 4 KB
4 KB 340ms
339ms Image
image/png 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonusmonster.net/1/images/section-bullet3.png
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: 7195c7c88d7ec9eef6c013593d20ec2dba28a76bff85cdaa465a4e1cdd82184b

Request headers

:path: /1/images/section-bullet3.png
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Mon, 21 Mar 2016 13:31:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "097e5f27583d11:0"
content-length: 3613
content-type: image/png

GET
H2 200 social-icons.png
www.bonusmonster.net/1/images/ 12 KB
12 KB 340ms
340ms Image
image/png 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonusmonster.net/1/images/social-icons.png
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: 12b4f4c131c2f2f4b969f2baf134b6967abb6a2c48f52b4d88bad971a44dbe90

Request headers

:path: /1/images/social-icons.png
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Mon, 21 Mar 2016 13:31:16 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "06ab4f17583d11:0"
content-length: 12169
content-type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Aug 2022 07:59:33 GMT

GET
H2 200 bootstrap.js Show response
www.bonusmonster.net/1/js/ 70 KB
70 KB 239ms
238ms Script
application/javascript 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonusmonster.net/1/js/bootstrap.js
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: d7a630f49eaf1053345cc546dee3d6baa9f8ca4a221b83bc52b8f456fc3b6284

Request headers

:path: /1/js/bootstrap.js
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Sat, 05 Nov 2016 19:34:16 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "06c31989b37d21:0"
content-length: 71925
content-type: application/javascript

GET
H2 200 tubular.js Show response
www.bonusmonster.net/1/js/ 6 KB
6 KB 331ms
330ms Script
application/javascript 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonusmonster.net/1/js/tubular.js
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: dbc538691560b1e1a012b22e7a6b9fef88b07b02537d90bb243889e8f7173615

Request headers

:path: /1/js/tubular.js
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Fri, 11 Nov 2016 01:21:22 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "09585e9b93bd21:0"
content-length: 6200
content-type: application/javascript

GET
H2 200 global.js Show response
www.bonusmonster.net/_inc/js/ 20 KB
7 KB 331ms
330ms Script
application/javascript 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonusmonster.net/_inc/js/global.js
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: d6d06879a7bc8fd55bf92e4c3884a5a9c1c8ec5dbcae2c1b02f59f4143a145e9

Request headers

:path: /_inc/js/global.js
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2016 17:53:20 GMT
server: Microsoft-IIS/10.0
etag: "028f65ef690d11:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7333

GET
H/1.1 200
OK jstracker.min.js Show response
assets.pcrl.co/js/ 3 KB
2 KB 114ms
30ms Script
application/javascript 13.224.96.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pcrl.co/js/jstracker.min.js?geo=1
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-120.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adf33148613cb07d00c1da3473cf3d7ce89a94c3e2075a065772bcb852f65b71

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ILWpFNHKyzE1o_od3IQyxMI3qjjCp8cy
Content-Encoding: gzip
ETag: "3b9aad01eeeb35815f6d1641a4650d6c"
Age: 8042
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1356
Last-Modified: Thu, 16 May 2019 15:18:55 GMT
Server: AmazonS3
Date: Wed, 04 Aug 2021 06:02:19 GMT
Content-Type: application/javascript
Via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
Cache-Control: max-age=21600, must-revalidate
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: mDEMyhphNf7fla1dLkdD1nnHhSVK2rsTcYzm7QY5EJRy8HTqgNdlEw==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 60ms
20ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3361be936265f9edb5c76b6edb13485321869fb6a7e978cd0829d1aec1afc72a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6ftli03k1adSPB5X077Gog==
cross-origin-resource-policy: cross-origin
expires: Wed, 04 Aug 2021 08:18:30 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: TZPTjtZAaJBA1yk5tUhkezjuYwmKtoOLDqGvnYSecIXOSZE2T50aOxvT5xe9R6bn7e41/Z5xIXWxXerPkRyOxA==
x-fb-trip-id: 720026100
x-fb-content-md5: d9cf4a7348c31211b1e6651ffc0f4c3b
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Wed, 04 Aug 2021 08:14:36 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "29d1237fc82961ff2e5d863f20c180c7"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 bg.jpg
www.bonusmonster.net/1/images/ 71 KB
71 KB 119ms
119ms Image
image/jpeg 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonusmonster.net/1/images/bg.jpg
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/css/docs.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: a5af8eb61164cca569568bb63bb183a5caf9e575b5c708c8df98850ac9395ab4

Request headers

:path: /1/images/bg.jpg
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/css/docs.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/css/docs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Mon, 21 Mar 2016 13:31:16 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "06ab4f17583d11:0"
content-length: 72488
content-type: image/jpeg

GET
H2 200 form-btn.png
www.bonusmonster.net/1/images/ 1 KB
1 KB 122ms
121ms Image
image/png 67.227.207.91
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bonusmonster.net/1/images/form-btn.png
Requested by: Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/css/docs.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host1.yoursiteby.me
Software: Microsoft-IIS/10.0 /
Resource Hash: fcc3c91f6e26d1f05dd92f6cf293b0ca557d14a98fe2d7e765812e4184949c5d

Request headers

:path: /1/images/form-btn.png
pragma: no-cache
cookie: country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCERCQCCR=MDGKOGLAJGKAOOOBMEDEICFO
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bonusmonster.net
referer: https://www.bonusmonster.net/1/css/docs.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bonusmonster.net/1/css/docs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:35 GMT
last-modified: Mon, 21 Mar 2016 13:31:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "097e5f27583d11:0"
content-length: 1312
content-type: image/png

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bonusmonster.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 85214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:34:22 GMT

GET
H3-29 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bonusmonster.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 04:01:05 GMT
x-content-type-options: nosniff
age: 101611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 04:01:05 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bonusmonster.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 115075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 00:16:41 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4901
date: Wed, 04 Aug 2021 06:52:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 04 Aug 2021 08:52:55 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 229 KB
67 KB 34ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=503c3e614ece0c2a5260d8b284aa0cc1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f1cea50c3c09c442f4d6039e75f384db00aa1680907a61c0f484fc651a680a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.bonusmonster.net
Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3y86QbqmJf7pGeLLra3FBw==
cross-origin-resource-policy: cross-origin
expires: Thu, 04 Aug 2022 06:31:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68104
x-fb-rlafr: 0
x-fb-debug: EDtRKPhzh599ObO0IHW+dKlDZyxxK4PhATDuvH3oWJwqlsEuVGK/evfUErQzq6h7Rp1cG+7uB+J0dHu2NEJYOQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 5743da9a282a121366dc73f4070ac233
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 04 Aug 2021 08:14:36 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "30ffdf39544f555d3ded08729642147a"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=993178522&utmhn=www.bonusmonster.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3280977-2&cid=642550039.1628064877&jid=892449446&_v=5.7.2&z=993178522

35 B
451 B

42ms
14ms

Image
image/gif

2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3280977-2&cid=642550039.1628064877&jid=892449446&_v=5.7.2&z=993178522

Requested by

Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690209&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 04 Aug 2021 08:14:36 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Aug 2021 08:14:36 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3280977-2&cid=642550039.1628064877&jid=892449446&_v=5.7.2&z=993178522
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 367
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 48ms
28ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/js/tubular.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68a626d145a6a176a36643c588a57e475b7e00d21fdcd4857f3a4bb63cc20158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Wed, 04 Aug 2021 08:14:36 GMT

GET
H/1.1 200
OK blocked_sites.js Show response
system.picreel.com/js/ 281 B
808 B 81ms
13ms Script
application/javascript 13.226.145.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.picreel.com/js/blocked_sites.js
Requested by: Host: assets.pcrl.co
URL: https://assets.pcrl.co/js/jstracker.min.js?geo=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c65aa2b99ceeb0595c8d26af4d026a062fbfae7402667ccd7fa626e43c4f5cbc

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tBnfWhrOfFymnPiDm.89fw0yzvTPUS4E
Via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
Last-Modified: Tue, 14 May 2019 05:28:18 GMT
Server: AmazonS3
Age: 16888
ETag: "cfe5c6de5d18b2265cc2f986399af585"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Wed, 04 Aug 2021 03:39:21 GMT
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 281
X-Amz-Cf-Id: eREj6jdgA7tfT2ioeHfFrF3HDAibgdQjknrVvJ256hKDfdlhTl-yjQ==

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/2840754e/www-widgetapi.vflset/ 126 KB
42 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2840754e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c6ea3761fe60f9fc525b54b15862f4b6c1c17c68732b54b24075f03c820667c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 06:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 00:18:20 GMT
server: sffe
age: 6187
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42959
x-xss-protection: 0
expires: Thu, 04 Aug 2022 06:31:29 GMT

GET
H3-29 200 0FPhCyj8h34 Show response
www.youtube.com/embed/ Frame 1E3B 55 KB
23 KB 56ms
55ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be2bc6d26da90852302240de26878a19e70a27994f150a4f2b3ec70cf2ba8faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bonusmonster.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=P7coHiJ6Ugo; VISITOR_INFO1_LIVE=Kjq5xcMZToo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bonusmonster.net/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 04 Aug 2021 08:14:37 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+893; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK jstracker.content.min.js Show response
system.picreel.com/js/ 95 KB
22 KB 17ms
17ms Script
application/javascript 13.226.145.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.picreel.com/js/jstracker.content.min.js?geo=1
Requested by: Host: assets.pcrl.co
URL: https://assets.pcrl.co/js/jstracker.min.js?geo=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6da4b97d617f094ca9c057fa82bd86df862538195ff38fdd30ad08d212afc358

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cN8jAqOq5_9FbLW50PQYPNUEyDvkCmki
Content-Encoding: gzip
ETag: "94862a47a33a6d45257cbc7ab4af004d"
Age: 6150
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 22000
Last-Modified: Wed, 16 Sep 2020 12:57:14 GMT
Server: AmazonS3
Date: Wed, 04 Aug 2021 06:32:57 GMT
Content-Type: application/javascript
Via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
Cache-Control: max-age=21600, must-revalidate
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: gGr2QIH1XSXQ22xASifWLvrq1_DWi7b6pCwADnE8au6BrVN_JdLSxQ==

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/2840754e/ Frame 1E3B 327 KB
45 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2840754e/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64bea7d525ed5fb9b6c89ad17257f77862c2b95f98efb6e8ea9ca711e411cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 14:40:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 00:18:20 GMT
server: sffe
age: 149651
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46052
x-xss-protection: 0
expires: Tue, 02 Aug 2022 14:40:26 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/2840754e/www-embed-player.vflset/ Frame 1E3B 193 KB
64 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2840754e/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4e215cf2ce2e74a7f2715df662aa866de5e44949c4976a3338cc777ee89c270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 00:18:20 GMT
server: sffe
age: 212
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65301
x-xss-protection: 0
expires: Thu, 04 Aug 2022 08:11:05 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/ Frame 1E3B 2 MB
492 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b0010d017514a0e1ec3fceba8fda76bb99b120fe8f2c09dae640b35b142b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 14:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 00:18:20 GMT
server: sffe
age: 149503
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504007
x-xss-protection: 0
expires: Tue, 02 Aug 2022 14:42:54 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/2840754e/fetch-polyfill.vflset/ Frame 1E3B 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2840754e/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 00:18:20 GMT
server: sffe
age: 4205
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Thu, 04 Aug 2022 07:04:32 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1E3B 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 125236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 21:27:21 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1E3B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

40ms
27ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36e7ee19710edcc59a662c8b1e036ee73c6f5b056860f662b1881610c3fd76e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Aug 2021 08:14:37 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1E3B 29 B
523 B 25ms
6ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:10:38 GMT
x-content-type-options: nosniff
age: 239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Aug 2021 08:25:38 GMT

GET
H2 200 15Ie8MSBp4IN3jcelD60kGm05ThBDTbI2ej_yOJ3Q94.js Show response
www.google.com/js/th/ Frame 1E3B 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/15Ie8MSBp4IN3jcelD60kGm05ThBDTbI2ej_yOJ3Q94.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7921ef0c481a7820dde371e943eb49069b4e538410d36c8d9e8ffc8e27743de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:00:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13461
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 15:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 18:00:09 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/ Frame 1E3B 25 KB
25 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec97f831ae0ec07f6e1d4b8a02dcb7b55c2342182e668bd995beb10e46a4f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 04:38:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 00:18:20 GMT
server: sffe
age: 12979
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25246
x-xss-protection: 0
expires: Thu, 04 Aug 2022 04:38:18 GMT

GET
DATA 200
OK truncated
/ Frame 1E3B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRNj08vhWD-xuPw3UTORwO5peEmoFsVSpbEfw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1E3B 1 KB
2 KB 168ms
148ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRNj08vhWD-xuPw3UTORwO5peEmoFsVSpbEfw=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a1dc190619b7a0a0a690508e410b0b85b9f9349d1ed2dc1f72b11b83be6af0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1141
x-xss-protection: 0
expires: Thu, 05 Aug 2021 08:14:37 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/0FPhCyj8h34/ Frame 1E3B 97 KB
98 KB 39ms
18ms Image
image/webp 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/0FPhCyj8h34/maxresdefault.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb351929e2fdc2c39cd893e089e7f8fbe3dd605a37fd2c13bccb5e94e84f9ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99582
x-xss-protection: 0
expires: Wed, 04 Aug 2021 10:14:37 GMT

POST
H3-29 200 player Show response
www.youtube.com/youtubei/v1/ Frame 1E3B 53 KB
17 KB 74ms
74ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd0781e6bb34c8674680e3519f19964afacc2bb38c263ea1f0f354d497b049c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210801.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: CgtLanE1eGNNWlRvbyjtmKmIBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17745
x-xss-protection: 0
expires: Wed, 04 Aug 2021 08:14:37 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 1E3B 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?GuaYfw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 204 qoe
www.youtube.com/api/stats/ Frame 1E3B 0
19 B 14ms
14ms Ping
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=244&afmt=250&cpn=SaCVq6jT3c3EY8ht&ei=bUwKYf6BEsaR8gPS9oLIDQ&el=embedded&docid=0FPhCyj8h34&ns=yt&fexp=23940237%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24045411%2C24047387%2C24053866%2C24058812%2C24060921%2C24074015%2C24082773&cl=387635908&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210801.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.010:S,0.101:S,0.101:S&cmt=0.010:0.000,0.101:0.000&ctmp=cc:t.90;useVodTrack&afs=0.101:250::i&vfs=0.101:244:247::r&view=0.101:2134:1200&bwe=0.101:130000&bat=0.101:1:1&vis=0.101:0&bh=0.101:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 08:14:37 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5edne7.googlevideo.com/ Frame 1E3B 170 KB
172 KB 80ms
66ms XHR
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1628086477&ei=bUwKYf6BEsaR8gPS9oLIDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AJfaWuMKJtF0SEY9s2HU50Mc2jUiAhC9llttn0P0unTd&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=591250&vprv=1&mime=video%2Fwebm&ns=pFanmRzzpEF48BKMzhXeob4G&gir=yes&clen=2371855&dur=35.000&lmt=1605225497660584&mt=1628064546&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=qZdfMzUyeWUGXw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgFvManEpuL_ZJGq2BB4ArhaZ-BVNGg_C4I-TyDafYV0oCIQChRWENJ1eXFm5l-rnNSl15E25x8jToX9soT33RTgB6Gw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKPsl4Gr5aYpFBdAtt1q9pU9XISoQ9C7VfIKnPSiJwkbAiAr5gd7j53mNDlSL_O0BYfQkynPKioaPrLgLFNaEvbYPw%3D%3D&alr=yes&cpn=SaCVq6jT3c3EY8ht&cver=1.20210801.0.0&range=0-174579&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0553a94fa76b0842ce9496223c522f2991cdf7f6e4ed4b310240aa37fcba30ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Aug 2021 08:14:37 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 174580
Last-Modified: Thu, 12 Nov 2020 23:58:17 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Wed, 04 Aug 2021 08:14:37 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5edne7.googlevideo.com/ Frame 1E3B 16 KB
17 KB 86ms
74ms XHR
audio/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1628086477&ei=bUwKYf6BEsaR8gPS9oLIDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AJfaWuMKJtF0SEY9s2HU50Mc2jUiAhC9llttn0P0unTd&itag=250&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=591250&vprv=1&mime=audio%2Fwebm&ns=pFanmRzzpEF48BKMzhXeob4G&gir=yes&clen=16130&dur=35.021&lmt=1605224105748250&mt=1628064546&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=qZdfMzUyeWUGXw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKopGoCi2qWJPI3S4ilHFkhocHK_-dvIg6qPqv25ofy0AiEA6O9RD9pbDasWf028Rum215Rfxz5EqSlVhg12dyBOu5Q%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKPsl4Gr5aYpFBdAtt1q9pU9XISoQ9C7VfIKnPSiJwkbAiAr5gd7j53mNDlSL_O0BYfQkynPKioaPrLgLFNaEvbYPw%3D%3D&alr=yes&cpn=SaCVq6jT3c3EY8ht&cver=1.20210801.0.0&range=0-16129&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

041d64b0cc04518a1fe281fa28afff165d9a867ce8abebbdb7f9d6dc175e7e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Aug 2021 08:14:37 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 16130
Last-Modified: Thu, 12 Nov 2020 23:35:05 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 04 Aug 2021 08:14:37 GMT

GET
H3-29 200 endscreen.js Show response
www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/ Frame 1E3B 26 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d88efbcac3e561b2df14c42fcd4ff81697ed0bcde211fffaaf90a87f3effbcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 14:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 00:18:20 GMT
server: sffe
age: 148566
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7196
x-xss-protection: 0
expires: Tue, 02 Aug 2022 14:58:31 GMT

POST
H3-29 200 next Show response
www.youtube.com/youtubei/v1/ Frame 1E3B 64 KB
5 KB 208ms
207ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5fdfe8949ed43812276e30df8ffc914b777caee106c2e988d4379ba7618885e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210801.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: CgtLanE1eGNNWlRvbyjtmKmIBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5266
x-xss-protection: 0
expires: Wed, 04 Aug 2021 08:14:37 GMT

GET

/
www.facebook.com/login/ Frame 117E
Redirect Chain

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=421820311166136&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b3...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D421820311166136%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F

0
0

GET
H/1.1 200
OK cd.min.js Show response
system.picreel.com/js/ 947 B
1 KB 15ms
15ms Script
application/javascript 13.226.145.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.picreel.com/js/cd.min.js
Requested by: Host: system.picreel.com
URL: https://system.picreel.com/js/jstracker.content.min.js?geo=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19307946d5d21a01e4fe16453f2e51b9d7d6226458d5f7de2af9a8bfb127f05d

Request headers

Referer: https://www.bonusmonster.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: n_c1cIpGEJcZhJ9hIDMWj._AdYJJJMpt
Content-Encoding: gzip
ETag: "6db0367a3eaf0edafdc6fd27eeb4cc14"
Age: 7585
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 447
Last-Modified: Tue, 14 May 2019 05:30:06 GMT
Server: AmazonS3
Date: Wed, 04 Aug 2021 06:08:16 GMT
Content-Type: application/javascript
Via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
Cache-Control: max-age=21600, must-revalidate
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: gyDC_Ki4pmrjgXMC__h4TiFNt7Wabmw5yjQTaXvtjtBaV9A_Inkd1A==

GET
H/1.1 200
OK get_template Show response
app.picreel.com/api/ Frame 5772 0
251 B 963ms
338ms Document
text/html 52.89.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.picreel.com/api/get_template?source_url=https%253A%252F%252Fwww.bonusmonster.net%252F1%252F%253Ft%253Dss12-58_690209%2526email%253D&source_host=https%253A%252F%252Fwww.bonusmonster.net&templateId=&userAgent=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&referrer=&screenWight=1600&screenHeight=1200&pv=&pp=&sv=&sp=&nv=&np=&rb=&ret=&utm_source=Picreel&utm_medium=display&utm_campaign=Picreel
Requested by: Host: system.picreel.com
URL: https://system.picreel.com/js/jstracker.content.min.js?geo=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.139.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-139-96.us-west-2.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.21
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: app.picreel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bonusmonster.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bonusmonster.net/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 04 Aug 2021 08:15:54 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Content-Length: 20
Connection: keep-alive

GET
H3-29 200 videoplayback Show response
r5---sn-4g5edne7.googlevideo.com/ Frame 1E3B 170 KB
170 KB 13ms
6ms XHR
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ad8a13febe45815a055d0ec33cf0e9469fd66a6812a3266a301504cfdae45a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174245
client-protocol: quic
last-modified: Thu, 12 Nov 2020 23:58:17 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 04 Aug 2021 08:14:37 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5edne7.googlevideo.com/ Frame 1E3B 335 B
361 B 46ms
46ms XHR
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1628086477&ei=bUwKYf6BEsaR8gPS9oLIDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AJfaWuMKJtF0SEY9s2HU50Mc2jUiAhC9llttn0P0unTd&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=591250&vprv=1&mime=video%2Fwebm&ns=pFanmRzzpEF48BKMzhXeob4G&gir=yes&clen=4285326&dur=35.000&lmt=1605225497684328&mt=1628064546&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=qZdfMzUyeWUGXw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgEhXfrlhb1d23zElfqDR3aYvKlcy0vVDs_S6PBaxwrKYCIGfuvAKtfJ31p33zBa5GkugWA6JFDC6qR2fmet0D_1NY&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKPsl4Gr5aYpFBdAtt1q9pU9XISoQ9C7VfIKnPSiJwkbAiAr5gd7j53mNDlSL_O0BYfQkynPKioaPrLgLFNaEvbYPw%3D%3D&alr=yes&cpn=SaCVq6jT3c3EY8ht&cver=1.20210801.0.0&range=0-334&rn=4&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

586c271a80aa5bc8bb492857cf13c5a25982d6ab418ddd2b1a16f30d19db0d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
client-protocol: quic
last-modified: Thu, 12 Nov 2020 23:58:17 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 04 Aug 2021 08:14:37 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5edne7.googlevideo.com/ Frame 1E3B 5 KB
5 KB 6ms
6ms XHR
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7be21c49aaa8ea66511ea9f790739f65954b1f6e45949207123f2faf63816806

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4855
client-protocol: quic
last-modified: Thu, 12 Nov 2020 23:58:17 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 04 Aug 2021 08:14:37 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5edne7.googlevideo.com/ Frame 1E3B 370 KB
370 KB 6ms
6ms XHR
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

06c9f121ebf10be85f9eff11e3dee1c8abc830eca2cab4f33577b58df4ea222f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379003
client-protocol: quic
last-modified: Thu, 12 Nov 2020 23:58:17 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 04 Aug 2021 08:14:37 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5edne7.googlevideo.com/ Frame 1E3B 425 KB
425 KB 6ms
6ms XHR
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fdcc7428fea8a512aa0a0215b5cc03c1e83708f7f886a7ab65e7b34e6f308c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 435613
client-protocol: quic
last-modified: Thu, 12 Nov 2020 23:58:17 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 04 Aug 2021 08:14:37 GMT

POST
H3-29 204 qoe
www.youtube.com/api/stats/ Frame 1E3B 0
19 B 14ms
14ms Ping
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=247&afmt=250&cpn=SaCVq6jT3c3EY8ht&ei=bUwKYf6BEsaR8gPS9oLIDQ&el=embedded&docid=0FPhCyj8h34&ns=yt&fexp=23940237%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24045411%2C24047387%2C24053866%2C24058812%2C24060921%2C24074015%2C24082773&cl=387635908&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210801.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=itdrm&user_intent=0.011&vfs=0.283:247:247:244:r&view=0.283:2134:1200&vps=0.283:S,0.283:S&bwm=0.283:1184761:0.311&bwe=0.283:1183087&bat=0.283:1:1&cmt=0.283:0.023&bh=0.283:0.000&df=0.283:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 08:14:37 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 videoplayback Show response
r5---sn-4g5edne7.googlevideo.com/ Frame 1E3B 2 MB
2 MB 49ms
49ms XHR
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1628086477&ei=bUwKYf6BEsaR8gPS9oLIDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AJfaWuMKJtF0SEY9s2HU50Mc2jUiAhC9llttn0P0unTd&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=591250&vprv=1&mime=video%2Fwebm&ns=pFanmRzzpEF48BKMzhXeob4G&gir=yes&clen=4285326&dur=35.000&lmt=1605225497684328&mt=1628064546&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=qZdfMzUyeWUGXw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgEhXfrlhb1d23zElfqDR3aYvKlcy0vVDs_S6PBaxwrKYCIGfuvAKtfJ31p33zBa5GkugWA6JFDC6qR2fmet0D_1NY&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKPsl4Gr5aYpFBdAtt1q9pU9XISoQ9C7VfIKnPSiJwkbAiAr5gd7j53mNDlSL_O0BYfQkynPKioaPrLgLFNaEvbYPw%3D%3D&alr=yes&cpn=SaCVq6jT3c3EY8ht&cver=1.20210801.0.0&range=2183334-3914188&rn=8&rbuf=15000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e0b6c39f3fc851bb5d109bb6d3cf30324e9bce93ded41ade5b317de5864934d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 08:14:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1730855
client-protocol: quic
last-modified: Thu, 12 Nov 2020 23:58:17 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 04 Aug 2021 08:14:37 GMT

GET
H3-29 204 playback
www.youtube.com/api/stats/ Frame 1E3B 0
17 B 17ms
16ms Image
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=SaCVq6jT3c3EY8ht&docid=0FPhCyj8h34&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F0FPhCyj8h34%3Fcontrols%3D0%26showinfo%3D0%26modestbranding%3D1%26wmode%3Dtransparent%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.bonusmonster.net%26widgetid%3D1&cmt=0.052&ei=bUwKYf6BEsaR8gPS9oLIDQ&fmt=247&fs=0&rt=0.314&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.bonusmonster.net%2F&lact=99&cl=387635908&mos=1&vm=CAEQABgEOjJBS1JhaHdCWVFaSmJ0VHhfNy1mdkdUNU04VktQZE4zTWxnVWdOSmJDbkVOTXg1LUQ3d2JKQUh3MUlTLUFLZkF4dEZpNzQxdmlpYW9EN2tzQUYwWHExN1Zsc1BCOU42R3JyUjVRZjBSb3Y4YU5pWVlTVGJHMmJzYTBxSjZDdVE&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210801.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=en_US&cr=DE&len=35.021&fexp=23940237%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24045411%2C24047387%2C24053866%2C24058812%2C24060921%2C24074015%2C24082773&rtn=7&afmt=250&size=2134%3A1200&inview=0&muted=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 08:14:37 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 ptracking
www.youtube.com/ Frame 1E3B 0
19 B 15ms
14ms Image
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=0FPhCyj8h34&cpn=SaCVq6jT3c3EY8ht&ei=bUwKYf6BEsaR8gPS9oLIDQ&ptk=youtube_none&pltype=contentugc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 08:14:37 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1E3B 28 B
299 B 24ms
24ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
X-YouTube-Client-Version: 1.20210801.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtLanE1eGNNWlRvbyjtmKmIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628064877116&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2134%2C1200&vis=1&wgl=true&ca_type=image&bid=ANyPxKo_sNfL40iMplwexUXyfCFUM9BMOcK0Mh5Y85rHgyB8ClFmeHupGxPxZ16xGy0ohOs0HzW2wa64Djpv_B26Xro6Eieu4g

Response headers

date: Wed, 04 Aug 2021 08:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 04 Aug 2021 08:14:39 GMT

POST
H2 204 atr Show response
www.youtube.com/api/stats/ Frame 1E3B 0
191 B 17ms
17ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=SaCVq6jT3c3EY8ht&docid=0FPhCyj8h34&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F0FPhCyj8h34%3Fcontrols%3D0%26showinfo%3D0%26modestbranding%3D1%26wmode%3Dtransparent%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.bonusmonster.net%26widgetid%3D1&cmt=4.569&ei=bUwKYf6BEsaR8gPS9oLIDQ&fmt=247&fs=0&rt=4.829&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.bonusmonster.net%2F&lact=4614&cl=387635908&mos=1&vm=CAEQABgEOjJBS1JhaHdCWVFaSmJ0VHhfNy1mdkdUNU04VktQZE4zTWxnVWdOSmJDbkVOTXg1LUQ3d2JKQUh3MUlTLUFLZkF4dEZpNzQxdmlpYW9EN2tzQUYwWHExN1Zsc1BCOU42R3JyUjVRZjBSb3Y4YU5pWVlTVGJHMmJzYTBxSjZDdVE&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210801.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=en_US&cr=DE&len=35&fexp=23940237%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24045411%2C24047387%2C24053866%2C24058812%2C24060921%2C24074015%2C24082773&afmt=250&muted=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
X-YouTube-Client-Version: 1.20210801.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1628064877172&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2134%2C1200&vis=1&wgl=true&ca_type=image&bid=ANyPxKo_sNfL40iMplwexUXyfCFUM9BMOcK0Mh5Y85rHgyB8ClFmeHupGxPxZ16xGy0ohOs0HzW2wa64Djpv_B26Xro6Eieu4g

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 08:14:42 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1E3B 28 B
197 B 18ms
18ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
X-YouTube-Client-Version: 1.20210801.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtLanE1eGNNWlRvbyjtmKmIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628064877172&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2134%2C1200&vis=1&wgl=true&ca_type=image&bid=ANyPxKo_sNfL40iMplwexUXyfCFUM9BMOcK0Mh5Y85rHgyB8ClFmeHupGxPxZ16xGy0ohOs0HzW2wa64Djpv_B26Xro6Eieu4g

Response headers

date: Wed, 04 Aug 2021 08:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 04 Aug 2021 08:14:44 GMT

GET
H3-29 204 watchtime
www.youtube.com/api/stats/ Frame 1E3B 0
17 B 15ms
14ms Image
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=SaCVq6jT3c3EY8ht&docid=0FPhCyj8h34&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F0FPhCyj8h34%3Fcontrols%3D0%26showinfo%3D0%26modestbranding%3D1%26wmode%3Dtransparent%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.bonusmonster.net%26widgetid%3D1&cmt=6.74&ei=bUwKYf6BEsaR8gPS9oLIDQ&fmt=247&fs=0&rt=7&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.bonusmonster.net%2F&lact=6786&cl=387635908&state=playing&vm=CAEQABgEOjJBS1JhaHdCWVFaSmJ0VHhfNy1mdkdUNU04VktQZE4zTWxnVWdOSmJDbkVOTXg1LUQ3d2JKQUh3MUlTLUFLZkF4dEZpNzQxdmlpYW9EN2tzQUYwWHExN1Zsc1BCOU42R3JyUjVRZjBSb3Y4YU5pWVlTVGJHMmJzYTBxSjZDdVE&volume=100%2C100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210801.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=en_US&cr=DE&len=35&rtn=17&afmt=250&idpj=-4&ldpj=-21&rti=7&size=2134%3A1200&inview=0&st=0%2C0.154&et=0.052%2C6.74&muted=1%2C1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 08:14:44 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame 1E3B 0
56 B 14ms
13ms Ping
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=247&afmt=250&cpn=SaCVq6jT3c3EY8ht&ei=bUwKYf6BEsaR8gPS9oLIDQ&el=embedded&docid=0FPhCyj8h34&ns=yt&fexp=23940237%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24045411%2C24047387%2C24053866%2C24058812%2C24060921%2C24074015%2C24082773&cl=387635908&seq=3&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210801.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.460:0.197,1.210:0.950,10.008:9.749&vps=0.460:PL,10.008:PL&bwm=10.008:1730855:0.095&bwe=10.008:2317433&bat=10.008:1:1&bh=10.008:20.303

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 08:14:47 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5edne7.googlevideo.com/ Frame 1E3B 362 KB
364 KB 7ms
7ms XHR
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1628086477&ei=bUwKYf6BEsaR8gPS9oLIDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AJfaWuMKJtF0SEY9s2HU50Mc2jUiAhC9llttn0P0unTd&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=591250&vprv=1&mime=video%2Fwebm&ns=pFanmRzzpEF48BKMzhXeob4G&gir=yes&clen=4285326&dur=35.000&lmt=1605225497684328&mt=1628064546&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=qZdfMzUyeWUGXw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgEhXfrlhb1d23zElfqDR3aYvKlcy0vVDs_S6PBaxwrKYCIGfuvAKtfJ31p33zBa5GkugWA6JFDC6qR2fmet0D_1NY&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKPsl4Gr5aYpFBdAtt1q9pU9XISoQ9C7VfIKnPSiJwkbAiAr5gd7j53mNDlSL_O0BYfQkynPKioaPrLgLFNaEvbYPw%3D%3D&alr=yes&cpn=SaCVq6jT3c3EY8ht&cver=1.20210801.0.0&range=3914189-4285325&rn=9&rbuf=19053

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2840754e/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a334000f23a6314a3a93c0bba899a1ae6a3031912c789f33c0cf5ad8acd8dcb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Aug 2021 08:14:48 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 371137
Last-Modified: Thu, 12 Nov 2020 23:58:17 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21289
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Wed, 04 Aug 2021 08:14:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: P7coHiJ6Ugo
www.bonusmonster.net/	1978-01-11 21:31:40	Name: picreel_tracker__first_visit Value: Wed%20Aug%2004%202021%2010%3A14%3A37%20GMT%2B0200%20(Central%20European%20Summer%20Time)
.youtube.com/	1970-01-20 00:33:36	Name: VISITOR_INFO1_LIVE Value: Kjq5xcMZToo
www.bonusmonster.net/	1978-01-11 21:31:40	Name: picreel_tracker__page_views Value: 1
.bonusmonster.net/	1970-01-20 00:37:12	Name: __utmz Value: 201038141.1628064877.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.bonusmonster.net/	1970-01-19 20:14:26	Name: __utmb Value: 201038141.1.10.1628064877
.bonusmonster.net/	1969-12-31 23:59:59	Name: __utmc Value: 201038141
.bonusmonster.net/	1970-01-20 13:45:36	Name: __utma Value: 201038141.642550039.1628064877.1628064877.1628064877.1
.bonusmonster.net/	1970-01-19 20:14:25	Name: __utmt Value: 1
www.bonusmonster.net/	1969-12-31 23:59:59	Name: ASPSESSIONIDCERCQCCR Value: MDGKOGLAJGKAOOOBMEDEICFO
www.bonusmonster.net/	1970-01-20 05:00:00	Name: country%5Fcode Value: %28null%29%2CINVALID%5FLICENSE%5FKEY

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.picreel.com
assets.pcrl.co
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundariety.com
googleads.g.doubleclick.net
i.ytimg.com
jostlepulpstick.com
r5---sn-4g5edne7.googlevideo.com
ssl.google-analytics.com
static.doubleclick.net
stats.g.doubleclick.net
system.picreel.com
t.co
www.bonusmonster.net
www.facebook.com
www.google.com
www.sastrk.com
www.youtube.com
yt3.ggpht.com
www.facebook.com
104.244.42.133
13.224.96.120
13.226.145.90
142.4.2.77
212.102.102.5
2a00:1450:4001:44::b
2a00:1450:4001:800::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2006
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2016
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9d
2a03:2880:f007:8:face:b00c:0:1
35.227.247.224
52.89.139.96
67.227.207.91
041d64b0cc04518a1fe281fa28afff165d9a867ce8abebbdb7f9d6dc175e7e62
0553a94fa76b0842ce9496223c522f2991cdf7f6e4ed4b310240aa37fcba30ed
06c9f121ebf10be85f9eff11e3dee1c8abc830eca2cab4f33577b58df4ea222f
0f1cea50c3c09c442f4d6039e75f384db00aa1680907a61c0f484fc651a680a7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12b4f4c131c2f2f4b969f2baf134b6967abb6a2c48f52b4d88bad971a44dbe90
19307946d5d21a01e4fe16453f2e51b9d7d6226458d5f7de2af9a8bfb127f05d
1c10ef15858cc766b03de36600d7bc53d0010b403c17954d229028094874100a
3361be936265f9edb5c76b6edb13485321869fb6a7e978cd0829d1aec1afc72a
36e7ee19710edcc59a662c8b1e036ee73c6f5b056860f662b1881610c3fd76e0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
493a0a1f9cdf59c4f1513fcd3b9ca89ad53d2a324b87970ae0380115f347bdd1
4ec97f831ae0ec07f6e1d4b8a02dcb7b55c2342182e668bd995beb10e46a4f83
586c271a80aa5bc8bb492857cf13c5a25982d6ab418ddd2b1a16f30d19db0d0e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68a626d145a6a176a36643c588a57e475b7e00d21fdcd4857f3a4bb63cc20158
6da4b97d617f094ca9c057fa82bd86df862538195ff38fdd30ad08d212afc358
703a4ac3fd0df5fd515833f3fff3cac67422afa01efa98849a8a70529aeb7f56
7195c7c88d7ec9eef6c013593d20ec2dba28a76bff85cdaa465a4e1cdd82184b
7a1dc190619b7a0a0a690508e410b0b85b9f9349d1ed2dc1f72b11b83be6af0b
7be21c49aaa8ea66511ea9f790739f65954b1f6e45949207123f2faf63816806
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
80dd70706dda21fd61f0f307061ced148acff5754433abe0b46ba5c0f611f56b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9c6ea3761fe60f9fc525b54b15862f4b6c1c17c68732b54b24075f03c820667c
a334000f23a6314a3a93c0bba899a1ae6a3031912c789f33c0cf5ad8acd8dcb9
a5af8eb61164cca569568bb63bb183a5caf9e575b5c708c8df98850ac9395ab4
a9d0832ebd7dc54e2ddf831ff23de969788279857cb659172929889389c4291c
aa01a4fdf020f433814c36cba525594cf1a14694672d6d016a221c875151e9b6
acc944d1374ce996570a31e6757dba039ee2c656a3ebaee9ebf00609568cc8f4
ad8a13febe45815a055d0ec33cf0e9469fd66a6812a3266a301504cfdae45a9c
adf33148613cb07d00c1da3473cf3d7ce89a94c3e2075a065772bcb852f65b71
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b4e215cf2ce2e74a7f2715df662aa866de5e44949c4976a3338cc777ee89c270
be2bc6d26da90852302240de26878a19e70a27994f150a4f2b3ec70cf2ba8faa
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c65aa2b99ceeb0595c8d26af4d026a062fbfae7402667ccd7fa626e43c4f5cbc
d64bea7d525ed5fb9b6c89ad17257f77862c2b95f98efb6e8ea9ca711e411cfd
d6d06879a7bc8fd55bf92e4c3884a5a9c1c8ec5dbcae2c1b02f59f4143a145e9
d7921ef0c481a7820dde371e943eb49069b4e538410d36c8d9e8ffc8e27743de
d7a630f49eaf1053345cc546dee3d6baa9f8ca4a221b83bc52b8f456fc3b6284
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d88efbcac3e561b2df14c42fcd4ff81697ed0bcde211fffaaf90a87f3effbcbd
dbc538691560b1e1a012b22e7a6b9fef88b07b02537d90bb243889e8f7173615
dd0781e6bb34c8674680e3519f19964afacc2bb38c263ea1f0f354d497b049c4
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e0b6c39f3fc851bb5d109bb6d3cf30324e9bce93ded41ade5b317de5864934d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb351929e2fdc2c39cd893e089e7f8fbe3dd605a37fd2c13bccb5e94e84f9ad8
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f255fe4742c1ef8931c9e6686b091aff09f2522bacff1c069376ec5aae853792
f35704d0bd4b1f7c1da4844418ea46091f70cefb86d050a6aac350d9605779d1
f5fdfe8949ed43812276e30df8ffc914b777caee106c2e988d4379ba7618885e
f8b0010d017514a0e1ec3fceba8fda76bb99b120fe8f2c09dae640b35b142b24
fcc3c91f6e26d1f05dd92f6cf293b0ca557d14a98fe2d7e765812e4184949c5d
fdcc7428fea8a512aa0a0215b5cc03c1e83708f7f886a7ab65e7b34e6f308c48

www.bonusmonster.net Open in urlscan Pro 67.227.207.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

99 %HTTPS

62 %IPv6

18 Domains

22 Subdomains

21 IPs

5 Countries

4676 kBTransfer

6920 kBSize

11 Cookies

3 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bonusmonster.net Open in urlscan Pro
67.227.207.91 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

99 %
HTTPS

62 %
IPv6

18
Domains

22
Subdomains

21
IPs

5
Countries

4676 kB
Transfer

6920 kB
Size

11
Cookies

70 HTTP transactions
1 data transactions