urlscan.io logo urlscan.io
SecurityTrails logo

plsdonate.net Open in urlscan Pro
198.187.29.148  Public Scan

Go To Rescan Add Verdict Report
URL: https://plsdonate.net/
Submission: On May 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 18 domains to perform 47 HTTP transactions. The main IP is 198.187.29.148, located in United States and belongs to NAMECHEAP-NET, US. The main domain is plsdonate.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 17th 2023. Valid for: a year.
This is the only time plsdonate.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    198.187.29.148 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server128-1.web-hosting.com
plsdonate.net
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)
hazem.gg
5    162.19.58.158 (France)

ASN16276 (OVH, FR)
PTR: ns3096590.ip-162-19-58.eu
i.ibb.co
1    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
images.rbxcdn.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
3    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:20c3:9e00:1c:8de0:8c80:21 (United States)

ASN16509 (AMAZON-02, US)
d2punpeg7vtjci.cloudfront.net
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
2 MB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 320
jnn-pa.googleapis.com — Cisco Umbrella Rank: 209
65 KB
5 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12484
3 MB
5 plsdonate.net
plsdonate.net
111 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
static.doubleclick.net — Cisco Umbrella Rank: 245
1 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3537
onesignal.com — Cisco Umbrella Rank: 1386
73 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
33 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2230
297 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 101
22 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
1 cloudfront.net
d2punpeg7vtjci.cloudfront.net
6 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 696
30 KB
1 rbxcdn.com
images.rbxcdn.com — Cisco Umbrella Rank: 21945
10 KB
1 twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 836
430 B
1 hazem.gg
hazem.gg
25 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
84 KB
47 18
Domain Requested by
9 www.youtube.com plsdonate.net
www.youtube.com
5 i.ibb.co plsdonate.net
5 plsdonate.net plsdonate.net
4 jnn-pa.googleapis.com www.youtube.com
3 cdnjs.cloudflare.com plsdonate.net
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
2 cdn.onesignal.com plsdonate.net
cdn.onesignal.com
2 region1.google-analytics.com www.googletagmanager.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 onesignal.com cdn.onesignal.com
1 d2punpeg7vtjci.cloudfront.net cdnjs.cloudflare.com
1 code.jquery.com plsdonate.net
1 ajax.googleapis.com plsdonate.net
1 images.rbxcdn.com plsdonate.net
1 pbs.twimg.com plsdonate.net
1 hazem.gg plsdonate.net
1 www.googletagmanager.com plsdonate.net
47 22
Subject Issuer Validity Valid
plsdonate.net
Sectigo RSA Domain Validation Secure Server CA		 2023-04-17 -
2024-04-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
hazem.gg
R3		 2023-04-21 -
2023-07-20		 3 months crt.sh
i.ibb.co
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.rbxcdn.com
Go Daddy Secure Certificate Authority - G2		 2023-01-10 -
2024-01-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://plsdonate.net/
Frame ID: E0AD81948739777B8D85A4C9CC5FC720
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/h1Qq3eKySZc
Frame ID: CE5A286CE42D853B25D118E8C86F878E
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

How to Get Free Robux | Get 800 Robux Code

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

81 %
IPv6

18
Domains

22
Subdomains

22
IPs

4
Countries

6516 kB
Transfer

8200 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
plsdonate.net/ 		225 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.148 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server128-1.web-hosting.com
Software
LiteSpeed / PHP/8.0.28
Resource Hash
a7389b9996faccd907882254a7a1c09809a7e4267c09d1d63be5c05d560b971d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 May 2023 19:05:17 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.0.28
x-turbo-charged-by
LiteSpeed
js
www.googletagmanager.com/gtag/ 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3WJF997W0V
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
072a7c5dd0aaaff90c84eed6975c323c67e99490f1ca2bd3bcda89ec13cf9c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85966
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 May 2023 19:05:17 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3WJF997W0V&gtm=45je35o0&_p=2002075445&cid=1574382990.1685127917&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685127917&sct=1&seg=0&dl=https%3A%2F%2Fplsdonate.net%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WJF997W0V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 19:05:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plsdonate.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reset.min.css
cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/ 		773 B
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9660298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
333
last-modified
Mon, 04 May 2020 16:13:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f23-305"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkRWj%2Bu%2Fd44wlyXtymkvm7eFnxoGmvfwA%2BRgXs%2BE%2B%2BUR9q2eISlpJ76fue5lvsHBuv8BRaHWbhCnchIMkbs6xsFXzXz5WEb3NMF%2BFPWTR8OGWrAABkhaCzhsKq2Ft06QuGT80iH4n%2B%2FO1QL24PU9CP2H"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cd849eda9f43651-FRA
expires
Wed, 15 May 2024 19:05:17 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1908451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFhAPX%2Bpguvoctv9vI8MSKfO0uZijUPFX8cMDBhXkUOynH%2BPF5PQFUEMRb2KD5TCzXyJaCDP1ybuBRCSf8BsEJMMlsiIqdByY%2BpI%2F5OFpm%2BaTMxCTZsFVhomBzc3x5BkO3AjhvDDXvM0iyCLXbeWu%2B3p"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cd849eda9f73651-FRA
expires
Wed, 15 May 2024 19:05:17 GMT
style.css
plsdonate.net/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plsdonate.net/style.css
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.148 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server128-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
3334af42472bd74497fb0ae805c304994f7972ef2c6d3e674b3ccb1199c7442d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
content-encoding
br
last-modified
Sat, 13 May 2023 14:02:49 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2507
expires
Fri, 02 Jun 2023 19:05:17 GMT
h1Qq3eKySZc
www.youtube.com/embed/ Frame CE5A 		72 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/h1Qq3eKySZc
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac2a30e8e61d33f223b9d0abb553e2fb11f453aaf9eb9c6a2cd41d229e07bb2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plsdonate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 19:05:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
hzmico.png
hazem.gg/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hazem.gg/hzmico.png
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ac22853c9547333d1b591784adcdf9aef589ce3dfa3c155bb0884f18b699190f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::t6rq5-1685127917740-d2588f9dcd81
age
1811492
etag
"b20b472df9871699e1f46647a8bb10d3"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="hzmico.png"
accept-ranges
bytes
content-length
25475
animation-500-lh9650hw.gif
i.ibb.co/z7kCMRh/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/z7kCMRh/animation-500-lh9650hw.gif
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
c33cc1c92e84af6459423842bdee2a8577ba3ce659da736a6de29a21b7364dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
last-modified
Thu, 04 May 2023 13:35:01 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3172077
expires
Thu, 31 Dec 2037 23:55:55 GMT
t-l-chargement.jpg
i.ibb.co/10pT9Yx/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/10pT9Yx/t-l-chargement.jpg
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
e4efcd23bbf2cde0f0df88a9ba3007d5fb7ad122ebe348095fd2123579d6e713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
last-modified
Sat, 06 May 2023 14:53:38 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
11269
expires
Thu, 31 Dec 2037 23:55:55 GMT
6b-9pBpI_400x400.jpg
pbs.twimg.com/profile_images/1579442355811360768/ 		0
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1579442355811360768/6b-9pBpI_400x400.jpg
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
21
x-cache
MISS
server-timing
x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length
0
x-response-time
112
last-modified
Fri, 26 May 2023 19:04:57 GMT
server
ECS (frb/668C)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
9fd9829346c53356
access-control-expose-headers
Content-Length
cache-control
max-age=300, must-revalidate
perf
7626143928
x-connection-hash
d891d2c45eeb1f81d4e118ce8d735a3d81dd2d42b75c389316552dec3521847d
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
fab3a9d08d254fef4aea4408d4db1dfe-loading_dark.gif
images.rbxcdn.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.rbxcdn.com/fab3a9d08d254fef4aea4408d4db1dfe-loading_dark.gif
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3b62b9ae0092be12291d7c0c16e00f10b5c9de9b4bc5060ff61f3037363d64f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
last-modified
Tue, 19 Mar 2019 20:13:02 GMT
etag
"fab3a9d08d254fef4aea4408d4db1dfe"
x-hw
1685127917.dop225.fr8.t,1685127917.cds201.fr8.hn,1685127917.cds011.fr8.c
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
10013
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 07:57:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 May 2024 07:57:59 GMT
script.js
plsdonate.net/ 		630 B
518 B 		Script
General
Check archive.org
Download Go to
Full URL
https://plsdonate.net/script.js
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.148 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server128-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
03ca37eb1367c0f95e73ff550bdb6158647770e4e442445a17788f0c9cf77715

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 14:37:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
284
expires
Fri, 02 Jun 2023 19:05:17 GMT
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
https://plsdonate.net/
Origin
https://plsdonate.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
content-encoding
gzip
last-modified
Fri, 26 Aug 2022 17:36:05 GMT
server
nginx
etag
W/"63090485-15e40"
vary
Accept-Encoding
x-hw
1685127917.dop243.fr8.t,1685127917.cds260.fr8.hn,1685127917.cds258.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30957
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3374867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26660
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14983"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfTH21ti2k3vx%2BCfS9DMF8AccMgC1frr8vHcqji%2FHQuWfdlEFvcxi9cXwvvDAX8XKt4telW78uEQYreRK8oq6lC1AO9pwQ%2B6Qr3c1s9YGl9k9r%2BzuCA91jsPCPlJQ2suWSbZD1p0IByaBE74zZmpDZdo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cd849eda9f83651-FRA
expires
Wed, 15 May 2024 19:05:17 GMT
scriptt.js
plsdonate.net/ 		693 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://plsdonate.net/scriptt.js
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.148 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server128-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
73eef03bcd2bfc62c86a25e5e2b8978055f20fc75274df2c4038a6df4acfebaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
content-encoding
br
last-modified
Tue, 04 Apr 2023 20:48:36 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
238
expires
Fri, 02 Jun 2023 19:05:17 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2555
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7cd849edcfbd5c4a-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 29 May 2023 19:05:17 GMT
www-player.css
www.youtube.com/s/player/bbe1b497/ Frame CE5A 		406 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bbe1b497/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/h1Qq3eKySZc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2da3463d43c823fbf9a6df6c58b0bca86f25083def66cd532f31b114b997df04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/h1Qq3eKySZc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 15:02:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
14591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48702
x-xss-protection
0
last-modified
Wed, 24 May 2023 01:49:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 25 May 2024 15:02:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CE5A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/h1Qq3eKySZc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 19:55:37 GMT
x-content-type-options
nosniff
age
256180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 19:55:37 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CE5A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/h1Qq3eKySZc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:41:31 GMT
x-content-type-options
nosniff
age
505426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 22:41:31 GMT
www-embed-player.js
www.youtube.com/s/player/bbe1b497/www-embed-player.vflset/ Frame CE5A 		306 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bbe1b497/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/h1Qq3eKySZc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66c28207b52ebc8b2daba1a02dfdb35cba26b0538410e5b696805263d016c52b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/h1Qq3eKySZc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 18:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94068
x-xss-protection
0
last-modified
Wed, 24 May 2023 01:49:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 25 May 2024 18:53:02 GMT
base.js
www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/ Frame CE5A 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/h1Qq3eKySZc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0db6316bfc22e5288ea3f2cb95ed6cf7914c2e1bce29532b24c457f7ec9fddac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/h1Qq3eKySZc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 13:22:02 GMT
x-content-type-options
nosniff
age
20595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2381999
x-xss-protection
0
last-modified
Wed, 24 May 2023 01:49:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 25 May 2024 13:22:02 GMT
fetch-polyfill.js
www.youtube.com/s/player/bbe1b497/fetch-polyfill.vflset/ Frame CE5A 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bbe1b497/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/h1Qq3eKySZc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/h1Qq3eKySZc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 18:33:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
1906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2625
x-xss-protection
0
last-modified
Wed, 24 May 2023 01:49:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 25 May 2024 18:33:31 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2555
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7cd849ef19b55c4a-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 29 May 2023 19:05:17 GMT
feed.php
d2punpeg7vtjci.cloudfront.net/public/offers/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/offers/feed.php?user_id=178709&api_key=da5944c8b54c6b2177278c65dbe776a3&s1=&s2=&callback=jQuery21300758340890390452_1685127917904&_=1685127917905
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:9e00:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
aef4bea43d40fd8557e1d4de7e7987392349b9c58ed23ebfbb556dfd7aa18e63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:18 GMT
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
MUC50-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
content-length
5802
x-amz-cf-id
qi_kEevcsYKf-qfF1u5LW3UcPM-ojjARTVWgQsGJ3lFUwkgOZTxENQ==
web
onesignal.com/api/v1/sync/7d37acf7-c4ea-4e4c-bd07-91bc7323588b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/7d37acf7-c4ea-4e4c-bd07-91bc7323588b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c518576a774ec3cd50eddd4074d4b8c70ffb761789fa9fd3e229af9d8b243074
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:18 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
3419
cf-polished
origSize=3283
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
394aec77-8baa-4b03-8e82-f12bec53fc66
x-runtime
0.034928
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"a3b3d86bd3eb37fdc49812abe812c57b"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7cd849f01b6e5c4a-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 26 May 2023 20:05:18 GMT
id
googleads.g.doubleclick.net/pagead/ Frame CE5A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/h1Qq3eKySZc
Protocol
H2
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51d14f075ac378c1cc49364f210a4204fb2c183c4e912199b6b76298d888b4d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 26 May 2023 19:05:18 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame CE5A 		29 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bbe1b497/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 18:57:58 GMT
x-content-type-options
nosniff
age
440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 19:12:58 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 26 May 2023 19:05:18 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CE5A 		68 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c937a92feb6485963d8444407390154b10868808d8d46396080c98abbc3c8e58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 26 May 2023 19:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31804
x-xss-protection
0
remote.js
www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/ Frame CE5A 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483dc5a81a52ea9899634e28b902797da30a324ee2c671564ede9e51ae1e820d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/h1Qq3eKySZc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 15:05:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
187193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33614
x-xss-protection
0
last-modified
Wed, 24 May 2023 01:49:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 23 May 2024 15:05:25 GMT
JF2eii1kyhF9uLrjdHdlzksnpph7hdM6Lhf1MY88MeI.js
www.google.com/js/th/ Frame CE5A 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/JF2eii1kyhF9uLrjdHdlzksnpph7hdM6Lhf1MY88MeI.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
245d9e8a2d64ca117db8bae3747765ce4b27a6987b85d33a2e17f5318f3c31e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 05:05:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
223160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14838
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 May 2024 05:05:58 GMT
sddefault.jpg
i.ytimg.com/vi/h1Qq3eKySZc/ Frame CE5A 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/h1Qq3eKySZc/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/h1Qq3eKySZc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84e2de72eb0b959267042574b879a804e4fc60a96a7d0a2104691108803a0383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:18 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22176
x-xss-protection
0
server
sffe
etag
"1683733861"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 26 May 2023 21:05:18 GMT
embed.js
www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/ Frame CE5A 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d5754da18262019c8a31bbb8b1274b43a56547f78ec5b3a47dd2b01fbba86ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/h1Qq3eKySZc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 17:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
4572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8335
x-xss-protection
0
last-modified
Wed, 24 May 2023 01:49:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 25 May 2024 17:49:06 GMT
truncated
/ Frame CE5A 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
d-OizMrD8dVGYpywVBcB19qKaQ-QUnT5csfIVwRXkUweJdKuoY2RJfXpQ10SgvgQij3mXt2O8g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame CE5A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/d-OizMrD8dVGYpywVBcB19qKaQ-QUnT5csfIVwRXkUweJdKuoY2RJfXpQ10SgvgQij3mXt2O8g=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/h1Qq3eKySZc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9bf1e64dafa601f6d9d924a6ef1d0106049be59599a302da80510b674f271817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 17:28:07 GMT
x-content-type-options
nosniff
age
5831
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2916
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 27 May 2023 17:28:07 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame CE5A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 May 2023 19:05:18 GMT
generate_204
www.youtube.com/ Frame CE5A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?MN7dwA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/h1Qq3eKySZc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/h1Qq3eKySZc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 26 May 2023 19:05:18 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CE5A 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bbe1b497/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df840c9d3011d2b6dd6209ded54b6a683731724a4aa5657ecf905ec51ce1e6f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 26 May 2023 19:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/113/ Frame CE5A 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/113/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:10:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15228
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 15:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 27 May 2023 04:10:03 GMT
textfile.txt
plsdonate.net/ 		163 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://plsdonate.net/textfile.txt
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.148 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server128-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
c0c095e632c8efb7d2077585d2d10012cecc30719b91b94b744be85b1dda3fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:19 GMT
content-encoding
br
last-modified
Tue, 28 Feb 2023 22:20:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/plain
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
45567
log_event
www.youtube.com/youtubei/v1/ Frame CE5A 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bbe1b497/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Goog-Request-Time
1685127920689
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/h1Qq3eKySZc
X-YouTube-Client-Version
1.20230523.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtYZTZwNS0zMTE5SSjthcSjBg%3D%3D
X-YouTube-Ad-Signals
dt=1685127917956&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C400%2C230&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 26 May 2023 19:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 26 May 2023 19:05:20 GMT
juyjfu-1.gif
i.ibb.co/cF4k9df/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/cF4k9df/juyjfu-1.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
18c3f99486a8d5140792039e9c630385bf4effa93a6b26fcaaecb2e0c1039c44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:21 GMT
last-modified
Wed, 01 Mar 2023 14:51:46 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
113185
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3WJF997W0V&gtm=45je35o0&_p=2002075445&cid=1574382990.1685127917&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1685127917&sct=1&seg=0&dl=https%3A%2F%2Fplsdonate.net%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WJF997W0V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 19:05:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plsdonate.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
juyjfu-1.gif
i.ibb.co/cF4k9df/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/cF4k9df/juyjfu-1.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
18c3f99486a8d5140792039e9c630385bf4effa93a6b26fcaaecb2e0c1039c44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:24 GMT
last-modified
Wed, 01 Mar 2023 14:51:46 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
113185
expires
Thu, 31 Dec 2037 23:55:55 GMT
juyjfu-1.gif
i.ibb.co/cF4k9df/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/cF4k9df/juyjfu-1.gif
Requested by
Host: plsdonate.net
URL: https://plsdonate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
18c3f99486a8d5140792039e9c630385bf4effa93a6b26fcaaecb2e0c1039c44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plsdonate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 19:05:25 GMT
last-modified
Wed, 01 Mar 2023 14:51:46 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
113185
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| textArray number| currentIndex function| changeText object| endTime function| $ function| jQuery function| checkLeads function| generateCode function| toggleText function| updateMessage function| initparticles function| confetti number| amount function| between object| colors number| current function| createConfetti function| animate function| closeMessage function| OneSignal number| targetHours number| targetMinutes object| targetTime number| targetMs number| totalSeconds function| updateCountdown undefined| jQuery21300758340890390452_1685127917904 number| __oneSignalSdkLoadCount function| __jp0

5 Cookies

Domain/Path Name / Value
.plsdonate.net/ Name: _ga
Value: GA1.1.1574382990.1685127917
.plsdonate.net/ Name: _ga_3WJF997W0V
Value: GS1.1.1685127917.1.0.1685127917.0.0.0
.onesignal.com/ Name: __cf_bm
Value: hI15Vk6BkBgpdCco7hsI5irwRkNBZ4BlHU9DU97EN8s-1685127917-0-AWpkvekRJZGN8uV7qLzChMJoYvSd3WL36a4tAA+pO/VD5qmdtf40q/WI/qQgvrVcMMwG3XgXuOG2Lm+OKo8OPOg=
.youtube.com/ Name: YSC
Value: 00Qr49Y1YhU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Xe6p5-3119I

3 Console Messages

Source Level URL
Text
other warning URL: https://plsdonate.net/(Line 269)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://pbs.twimg.com/profile_images/1579442355811360768/6b-9pBpI_400x400.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
d2punpeg7vtjci.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
hazem.gg
i.ibb.co
i.ytimg.com
images.rbxcdn.com
jnn-pa.googleapis.com
onesignal.com
pbs.twimg.com
plsdonate.net
region1.google-analytics.com
static.doubleclick.net
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
162.19.58.158
198.187.29.148
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3a
205.185.216.10
2600:9000:20c3:9e00:1c:8de0:8c80:21
2606:2800:134:1a0d:1429:742:782:b6
2606:4700::6811:180e
2606:4700::6812:d63b
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2016
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2006
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2003
76.76.21.21
03ca37eb1367c0f95e73ff550bdb6158647770e4e442445a17788f0c9cf77715
072a7c5dd0aaaff90c84eed6975c323c67e99490f1ca2bd3bcda89ec13cf9c1c
0db6316bfc22e5288ea3f2cb95ed6cf7914c2e1bce29532b24c457f7ec9fddac
18c3f99486a8d5140792039e9c630385bf4effa93a6b26fcaaecb2e0c1039c44
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
245d9e8a2d64ca117db8bae3747765ce4b27a6987b85d33a2e17f5318f3c31e2
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
2da3463d43c823fbf9a6df6c58b0bca86f25083def66cd532f31b114b997df04
3334af42472bd74497fb0ae805c304994f7972ef2c6d3e674b3ccb1199c7442d
3b62b9ae0092be12291d7c0c16e00f10b5c9de9b4bc5060ff61f3037363d64f5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
483dc5a81a52ea9899634e28b902797da30a324ee2c671564ede9e51ae1e820d
51d14f075ac378c1cc49364f210a4204fb2c183c4e912199b6b76298d888b4d6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66c28207b52ebc8b2daba1a02dfdb35cba26b0538410e5b696805263d016c52b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
73eef03bcd2bfc62c86a25e5e2b8978055f20fc75274df2c4038a6df4acfebaa
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d5754da18262019c8a31bbb8b1274b43a56547f78ec5b3a47dd2b01fbba86ef
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
84e2de72eb0b959267042574b879a804e4fc60a96a7d0a2104691108803a0383
9bf1e64dafa601f6d9d924a6ef1d0106049be59599a302da80510b674f271817
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a7389b9996faccd907882254a7a1c09809a7e4267c09d1d63be5c05d560b971d
ac22853c9547333d1b591784adcdf9aef589ce3dfa3c155bb0884f18b699190f
ac2a30e8e61d33f223b9d0abb553e2fb11f453aaf9eb9c6a2cd41d229e07bb2e
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
aef4bea43d40fd8557e1d4de7e7987392349b9c58ed23ebfbb556dfd7aa18e63
c0c095e632c8efb7d2077585d2d10012cecc30719b91b94b744be85b1dda3fb3
c33cc1c92e84af6459423842bdee2a8577ba3ce659da736a6de29a21b7364dc7
c518576a774ec3cd50eddd4074d4b8c70ffb761789fa9fd3e229af9d8b243074
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
c937a92feb6485963d8444407390154b10868808d8d46396080c98abbc3c8e58
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
df840c9d3011d2b6dd6209ded54b6a683731724a4aa5657ecf905ec51ce1e6f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4efcd23bbf2cde0f0df88a9ba3007d5fb7ad122ebe348095fd2123579d6e713
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9