urlscan.io logo urlscan.io
SecurityTrails logo

www.bonusmonster.net Open in urlscan Pro
67.227.207.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3hLkpIf#redirect.html?od=1sya60f59451a7850_vl_conv_s1vl_11i4.2ihnlic.U0000rgodii19i100k_x11350.g...
Effective URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Submission: On July 31 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 69 HTTP transactions. The main IP is 67.227.207.91, located in United States and belongs to LIQUIDWEB, US. The main domain is www.bonusmonster.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 16th 2019. Valid for: 2 years.
This is the only time www.bonusmonster.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
2 3 92.204.241.226 29066 (VELIANET-...)
1 70.32.24.175 55293 (A2HOSTING)
2 35.227.247.224 15169 (GOOGLE)
1 16 67.227.207.91 32244 (LIQUIDWEB)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.193.75 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
3 13.225.87.34 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 35.167.195.195 16509 (AMAZON-02)
69 21
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
3    92.204.241.226 (Strasbourg, France)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
PTR: mouretta.com
mouretta.com
1    70.32.24.175 (United States)

ASN55293 (A2HOSTING, US)
PTR: server.anastasia.com
brubuselfish.com
2    35.227.247.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.247.227.35.bc.googleusercontent.com
www.sastrk.com
16    67.227.207.91 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host1.yoursiteby.me
www.bonusmonster.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    13.224.193.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-75.fra2.r.cloudfront.net
assets.pcrl.co
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
21    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    13.225.87.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-34.fra2.r.cloudfront.net
system.picreel.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
8    2a00:1450:4001:44::b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r5---sn-4g5edne7.googlevideo.com
1    35.167.195.195 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-195-195.us-west-2.compute.amazonaws.com
app.picreel.com
Domain Requested by
21 www.youtube.com www.bonusmonster.net
www.youtube.com
16 www.bonusmonster.net 1 redirects www.bonusmonster.net
8 r5---sn-4g5edne7.googlevideo.com www.youtube.com
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 system.picreel.com assets.pcrl.co
system.picreel.com
3 mouretta.com 2 redirects
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 ssl.google-analytics.com 1 redirects www.bonusmonster.net
2 connect.facebook.net www.bonusmonster.net
connect.facebook.net
2 www.sastrk.com brubuselfish.com
1 app.picreel.com system.picreel.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 stats.g.doubleclick.net www.bonusmonster.net
1 assets.pcrl.co www.bonusmonster.net
1 ajax.googleapis.com www.bonusmonster.net
1 fonts.googleapis.com www.bonusmonster.net
1 brubuselfish.com mouretta.com
1 bit.ly 1 redirects
0 www.facebook.com Failed connect.facebook.net
69 22

This site contains links to these domains. Also see Links.

Domain
www.gambleaware.co.uk
www.gamcare.org.uk
www.picreel.com
Subject Issuer Validity Valid
brubuselfish.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-05		 a year crt.sh
sastrk.com
Go Daddy Secure Certificate Authority - G2		 2021-07-12 -
2022-02-24		 7 months crt.sh
bonusmonster.net
Go Daddy Secure Certificate Authority - G2		 2019-10-16 -
2021-10-16		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-05 -
2021-09-27		 3 months crt.sh
assets.pcrl.co
Amazon		 2021-06-11 -
2022-07-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
system.picreel.com
Amazon		 2020-12-27 -
2022-01-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-07-20 -
2021-09-28		 2 months crt.sh
*.picreel.com
Amazon		 2020-12-27 -
2022-01-25		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Frame ID: AE7CD9D0BBC23CD61DAEAD24C534B7E6
Requests: 34 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
Frame ID: C6972A4A02EA2377A0297EB6A52BE67F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Frame ID: 437CF614ACB681CAA40F09576A0C36D6
Requests: 34 HTTP requests in this frame

Frame: https://app.picreel.com/api/get_template?source_url=https%253A%252F%252Fwww.bonusmonster.net%252F1%252F%253Ft%253Dss12-58_690118%2526email%253D&source_host=https%253A%252F%252Fwww.bonusmonster.net&templateId=&userAgent=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&referrer=&screenWight=1600&screenHeight=1200&pv=&pp=&sv=&sp=&nv=&np=&rb=&ret=&utm_source=Picreel&utm_medium=display&utm_campaign=Picreel
Frame ID: 5865BCAEEF42DDA93E999F12B547B327
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/3hLkpIf HTTP 301
    http://mouretta.com/short HTTP 301
    http://mouretta.com/short/ Page URL
  2. http://mouretta.com/redirect.html?od=1sya60f59451a7850_vl_conv_s1vl_11i4.2ihnlic.U0000rgodii19i1... HTTP 302
    https://brubuselfish.com/1761d2529dd849e8000/SHSHSHSSH_11i60f59451b52d5/ya11i%7CM21unJj=%7Cgodii%7C0v... Page URL
  3. https://www.sastrk.com/3LPDKC/9F3647/?uid=135&sub1=690118&sub2=1173159639 Page URL
  4. https://www.sastrk.com/metarefresh?t=aHR0cDovL3d3dy5ib251c21vbnN0ZXIubmV0LzEvP3Q9c3MxMi01OF82OTAxMT... Page URL
  5. http://www.bonusmonster.net/1/?t=ss12-58_690118&email= HTTP 301
    https://www.bonusmonster.net/1/?t=ss12-58_690118&email= Page URL

Page Statistics

69
Requests

97 %
HTTPS

65 %
IPv6

18
Domains

22
Subdomains

21
IPs

4
Countries

5400 kB
Transfer

7633 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3hLkpIf HTTP 301
    http://mouretta.com/short HTTP 301
    http://mouretta.com/short/ Page URL
  2. http://mouretta.com/redirect.html?od=1sya60f59451a7850_vl_conv_s1vl_11i4.2ihnlic.U0000rgodii19i100k_x11350.godiiMHZ4cmR5LTBpajB0OWE0z7eDn HTTP 302
    https://brubuselfish.com/1761d2529dd849e8000/SHSHSHSSH_11i60f59451b52d5/ya11i%7CM21unJj=%7Cgodii%7C0vxrdy%7C0ij0t9a%7C58969%7C0000rgodii%7CU%7CDzy6pTS0nS9coaEypt==%7CPC%7C2stohmq/p3yuAwOzAGx0AGSuAmt1ZS92oS9wo252K3ZkqzksZGScAN== Page URL
  3. https://www.sastrk.com/3LPDKC/9F3647/?uid=135&sub1=690118&sub2=1173159639 Page URL
  4. https://www.sastrk.com/metarefresh?t=aHR0cDovL3d3dy5ib251c21vbnN0ZXIubmV0LzEvP3Q9c3MxMi01OF82OTAxMTgmZW1haWw9 Page URL
  5. http://www.bonusmonster.net/1/?t=ss12-58_690118&email= HTTP 301
    https://www.bonusmonster.net/1/?t=ss12-58_690118&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3hLkpIf HTTP 301
  • http://mouretta.com/short HTTP 301
  • http://mouretta.com/short/
Request Chain 1
  • http://mouretta.com/redirect.html?od=1sya60f59451a7850_vl_conv_s1vl_11i4.2ihnlic.U0000rgodii19i100k_x11350.godiiMHZ4cmR5LTBpajB0OWE0z7eDn HTTP 302
  • https://brubuselfish.com/1761d2529dd849e8000/SHSHSHSSH_11i60f59451b52d5/ya11i%7CM21unJj=%7Cgodii%7C0vxrdy%7C0ij0t9a%7C58969%7C0000rgodii%7CU%7CDzy6pTS0nS9coaEypt==%7CPC%7C2stohmq/p3yuAwOzAGx0AGSuAmt1ZS92oS9wo252K3ZkqzksZGScAN==
Request Chain 27
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=627212399&utmhn=www.bonusmonster.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BonusMonster.net&utmhid=1945140245&utmr=-&utmp=%2F1%2F%3Ft%3Dss12-58_690118%26email%3D&utmht=1627740289351&utmac=UA-3280977-2&utmcc=__utma%3D201038141.864376742.1627740289.1627740289.1627740289.1%3B%2B__utmz%3D201038141.1627740289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1635165775&utmredir=1&utmu=qDAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3280977-2&cid=864376742.1627740289&jid=1635165775&_v=5.7.2&z=627212399
Request Chain 30
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=421820311166136&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc1ab5b52bb5cc%26domain%3Dwww.bonusmonster.net%26origin%3Dhttps%253A%252F%252Fwww.bonusmonster.net%252Ff3d3bc9887c7148%26relation%3Dparent.parent&container_width=485&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FNoDepositBonusNewsletter%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=false&tabs= HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D421820311166136%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfc1ab5b52bb5cc%2526domain%253Dwww.bonusmonster.net%2526origin%253Dhttps%25253A%25252F%25252Fwww.bonusmonster.net%25252Ff3d3bc9887c7148%2526relation%253Dparent.parent%26container_width%3D485%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNoDepositBonusNewsletter%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
Request Chain 39
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
mouretta.com/short/
Redirect Chain
  • https://bit.ly/3hLkpIf
  • http://mouretta.com/short
  • http://mouretta.com/short/
578 B
907 B 		Document
General
Check archive.org
Download Go to
Full URL
http://mouretta.com/short/
Protocol
HTTP/1.1
Server
92.204.241.226 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
mouretta.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
f1ebb16c09e1401b3a2488f0648b7081471d7b73353feb53f2528d0bb9281bd4

Request headers

Host
mouretta.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 14:04:45 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified
Mon, 22 Jul 2019 15:07:57 GMT
ETag
"242-58e4670ed2d40"
Accept-Ranges
bytes
Content-Length
578
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sat, 31 Jul 2021 14:04:45 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location
http://mouretta.com/short/
Content-Length
234
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Cookie set p3yuAwOzAGx0AGSuAmt1ZS92oS9wo252K3ZkqzksZGScAN==
brubuselfish.com/1761d2529dd849e8000/SHSHSHSSH_11i60f59451b52d5/ya11i%7CM21unJj=%7Cgodii%7C0vxrdy%7C0ij0t9a%7C58969%7C0000rgodii%7CU%7CDzy6pTS0nS9coaEypt==%7CPC%7C2stohmq/
Redirect Chain
  • http://mouretta.com/redirect.html?od=1sya60f59451a7850_vl_conv_s1vl_11i4.2ihnlic.U0000rgodii19i100k_x11350.godiiMHZ4cmR5LTBpajB0OWE0z7eDn
  • https://brubuselfish.com/1761d2529dd849e8000/SHSHSHSSH_11i60f59451b52d5/ya11i%7CM21unJj=%7Cgodii%7C0vxrdy%7C0ij0t9a%7C58969%7C0000rgodii%7CU%7CDzy6pTS0nS9coaEypt==%7CPC%7C2stohmq/p3yuAwOzAGx0AGSuAm...
136 B
449 B 		Document
General
Check archive.org
Download Go to
Full URL
https://brubuselfish.com/1761d2529dd849e8000/SHSHSHSSH_11i60f59451b52d5/ya11i%7CM21unJj=%7Cgodii%7C0vxrdy%7C0ij0t9a%7C58969%7C0000rgodii%7CU%7CDzy6pTS0nS9coaEypt==%7CPC%7C2stohmq/p3yuAwOzAGx0AGSuAmt1ZS92oS9wo252K3ZkqzksZGScAN==
Requested by
Host: mouretta.com
URL: http://mouretta.com/short/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.32.24.175 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
server.anastasia.com
Software
Apache /
Resource Hash

Request headers

Host
brubuselfish.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://mouretta.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://mouretta.com/short/#redirect.html?od=1sya60f59451a7850_vl_conv_s1vl_11i4.2ihnlic.U0000rgodii19i100k_x11350.godiiMHZ4cmR5LTBpajB0OWE0z7eDn

Response headers

Date
Sat, 31 Jul 2021 14:04:46 GMT
Server
Apache
Set-Cookie
uid10589=1173159639-20210731100447-dc728495a86fdd364b9bb7cb14033c3b-; domain=; expires=Mon, 30-Aug-2021 14:04:47 GMT; path=/; SameSite=None; Secure
Content-Length
136
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sat, 31 Jul 2021 14:04:45 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
https://brubuselfish.com/1761d2529dd849e8000/SHSHSHSSH_11i60f59451b52d5/ya11i|M21unJj=|godii|0vxrdy|0ij0t9a|58969|0000rgodii|U|Dzy6pTS0nS9coaEypt==|PC|2stohmq/p3yuAwOzAGx0AGSuAmt1ZS92oS9wo252K3ZkqzksZGScAN==
Content-Length
0
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
/
www.sastrk.com/3LPDKC/9F3647/ 		321 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sastrk.com/3LPDKC/9F3647/?uid=135&sub1=690118&sub2=1173159639
Requested by
Host: brubuselfish.com
URL: https://brubuselfish.com/1761d2529dd849e8000/SHSHSHSSH_11i60f59451b52d5/ya11i%7CM21unJj=%7Cgodii%7C0vxrdy%7C0ij0t9a%7C58969%7C0000rgodii%7CU%7CDzy6pTS0nS9coaEypt==%7CPC%7C2stohmq/p3yuAwOzAGx0AGSuAmt1ZS92oS9wo252K3ZkqzksZGScAN==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.247.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.247.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
18171f49481e0ed7feb05f908a6c1cce86a3eb06aed9d3230a5a3b83f9b922c9

Request headers

:method
GET
:authority
www.sastrk.com
:scheme
https
:path
/3LPDKC/9F3647/?uid=135&sub1=690118&sub2=1173159639
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://brubuselfish.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://brubuselfish.com/

Response headers

server
nginx
date
Sat, 31 Jul 2021 14:04:48 GMT
content-type
text/html; charset=utf-8
content-length
321
set-cookie
uniqueClick_9F3647=f0dd974b-665d-441b-9fad-aafb4b7bc21c:1627740288; Path=/; Expires=Mon, 30 Aug 2021 14:04:48 GMT; Secure; SameSite=None transaction_id=3ee1ca4183af4cf7a45cc3e54fb8a51c; Path=/; Expires=Fri, 29 Oct 2021 14:04:48 GMT; Secure; SameSite=None
vary
Origin
x-eflow-request-id
fbb9855f-9f0d-4e2e-b636-7063ff3ba83a
via
1.1 google
alt-svc
clear
metarefresh
www.sastrk.com/ 		266 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sastrk.com/metarefresh?t=aHR0cDovL3d3dy5ib251c21vbnN0ZXIubmV0LzEvP3Q9c3MxMi01OF82OTAxMTgmZW1haWw9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.247.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.247.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2782023dab8a6bfef7bd834c7c953e5c96971d327c45b19b98a59e3e69e4cc2b

Request headers

:method
GET
:authority
www.sastrk.com
:scheme
https
:path
/metarefresh?t=aHR0cDovL3d3dy5ib251c21vbnN0ZXIubmV0LzEvP3Q9c3MxMi01OF82OTAxMTgmZW1haWw9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.sastrk.com/3LPDKC/9F3647/?uid=135&sub1=690118&sub2=1173159639
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uniqueClick_9F3647=f0dd974b-665d-441b-9fad-aafb4b7bc21c:1627740288; transaction_id=3ee1ca4183af4cf7a45cc3e54fb8a51c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sastrk.com/3LPDKC/9F3647/?uid=135&sub1=690118&sub2=1173159639

Response headers

server
nginx
date
Sat, 31 Jul 2021 14:04:48 GMT
content-type
text/html; charset=utf-8
content-length
266
via
1.1 google
alt-svc
clear
Primary Request /
www.bonusmonster.net/1/
Redirect Chain
  • http://www.bonusmonster.net/1/?t=ss12-58_690118&email=
  • https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
28 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
f96ae763f83ab49741df41c2f8cce3752f62021cc8d73849e26da47831f2cf38

Request headers

:method
GET
:authority
www.bonusmonster.net
:scheme
https
:path
/1/?t=ss12-58_690118&email=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sastrk.com/metarefresh?t=aHR0cDovL3d3dy5ib251c21vbnN0ZXIubmV0LzEvP3Q9c3MxMi01OF82OTAxMTgmZW1haWw9

Response headers

cache-control
private
content-type
text/html
server
Microsoft-IIS/10.0
set-cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; expires=Sun, 31-Jul-2022 14:04:48 GMT; path=/ ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO; secure; path=/
date
Sat, 31 Jul 2021 14:04:48 GMT
content-length
29051

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Server
Microsoft-IIS/10.0
Date
Sat, 31 Jul 2021 14:04:48 GMT
Content-Length
182
bootstrap.min.css
www.bonusmonster.net/1/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bonusmonster.net/1/css/bootstrap.min.css
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

:path
/1/css/bootstrap.min.css
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Mon, 21 Mar 2016 13:31:18 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"097e5f27583d11:0"
content-length
121260
content-type
text/css
css
fonts.googleapis.com/ 		3 KB
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
acc944d1374ce996570a31e6757dba039ee2c656a3ebaee9ebf00609568cc8f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 31 Jul 2021 14:04:48 GMT
server
ESF
date
Sat, 31 Jul 2021 14:04:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 31 Jul 2021 14:04:48 GMT
docs.css
www.bonusmonster.net/1/css/ 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bonusmonster.net/1/css/docs.css
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
493a0a1f9cdf59c4f1513fcd3b9ca89ad53d2a324b87970ae0380115f347bdd1

Request headers

:path
/1/css/docs.css
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Mon, 21 Mar 2016 13:31:18 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"097e5f27583d11:0"
content-length
9940
content-type
text/css
global.css
www.bonusmonster.net/_inc/css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bonusmonster.net/_inc/css/global.css
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
aa01a4fdf020f433814c36cba525594cf1a14694672d6d016a221c875151e9b6

Request headers

:path
/_inc/css/global.css
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Thu, 12 Jan 2017 17:31:30 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"05ceb5f96cd21:0"
content-length
16901
content-type
text/css
logo-bmonster.png
www.bonusmonster.net/1/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bonusmonster.net/1/images/logo-bmonster.png
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
80dd70706dda21fd61f0f307061ced148acff5754433abe0b46ba5c0f611f56b

Request headers

:path
/1/images/logo-bmonster.png
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Wed, 25 Apr 2018 17:38:22 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"03bb334bcdcd31:0"
content-length
31106
content-type
image/png
all-logos.png
www.bonusmonster.net/1/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bonusmonster.net/1/images/all-logos.png
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
f255fe4742c1ef8931c9e6686b091aff09f2522bacff1c069376ec5aae853792

Request headers

:path
/1/images/all-logos.png
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Mon, 21 Mar 2016 13:31:16 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"06ab4f17583d11:0"
content-length
24575
content-type
image/png
section-bullet1.png
www.bonusmonster.net/1/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bonusmonster.net/1/images/section-bullet1.png
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
f35704d0bd4b1f7c1da4844418ea46091f70cefb86d050a6aac350d9605779d1

Request headers

:path
/1/images/section-bullet1.png
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Mon, 21 Mar 2016 13:31:18 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"097e5f27583d11:0"
content-length
3458
content-type
image/png
section-bullet2.png
www.bonusmonster.net/1/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bonusmonster.net/1/images/section-bullet2.png
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
a9d0832ebd7dc54e2ddf831ff23de969788279857cb659172929889389c4291c

Request headers

:path
/1/images/section-bullet2.png
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Mon, 21 Mar 2016 13:31:18 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"097e5f27583d11:0"
content-length
3661
content-type
image/png
section-bullet3.png
www.bonusmonster.net/1/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bonusmonster.net/1/images/section-bullet3.png
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
7195c7c88d7ec9eef6c013593d20ec2dba28a76bff85cdaa465a4e1cdd82184b

Request headers

:path
/1/images/section-bullet3.png
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Mon, 21 Mar 2016 13:31:18 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"097e5f27583d11:0"
content-length
3613
content-type
image/png
social-icons.png
www.bonusmonster.net/1/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bonusmonster.net/1/images/social-icons.png
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
12b4f4c131c2f2f4b969f2baf134b6967abb6a2c48f52b4d88bad971a44dbe90

Request headers

:path
/1/images/social-icons.png
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Mon, 21 Mar 2016 13:31:16 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"06ab4f17583d11:0"
content-length
12169
content-type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 10:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Jul 2022 10:39:08 GMT
bootstrap.js
www.bonusmonster.net/1/js/ 		70 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bonusmonster.net/1/js/bootstrap.js
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
d7a630f49eaf1053345cc546dee3d6baa9f8ca4a221b83bc52b8f456fc3b6284

Request headers

:path
/1/js/bootstrap.js
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Sat, 05 Nov 2016 19:34:16 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"06c31989b37d21:0"
content-length
71925
content-type
application/javascript
tubular.js
www.bonusmonster.net/1/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bonusmonster.net/1/js/tubular.js
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
dbc538691560b1e1a012b22e7a6b9fef88b07b02537d90bb243889e8f7173615

Request headers

:path
/1/js/tubular.js
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Fri, 11 Nov 2016 01:21:22 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"09585e9b93bd21:0"
content-length
6200
content-type
application/javascript
global.js
www.bonusmonster.net/_inc/js/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bonusmonster.net/_inc/js/global.js
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
d6d06879a7bc8fd55bf92e4c3884a5a9c1c8ec5dbcae2c1b02f59f4143a145e9

Request headers

:path
/_inc/js/global.js
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Thu, 07 Apr 2016 17:53:20 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"028f65ef690d11:0"
content-length
20323
content-type
application/javascript
jstracker.min.js
assets.pcrl.co/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pcrl.co/js/jstracker.min.js?geo=1
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-75.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adf33148613cb07d00c1da3473cf3d7ce89a94c3e2075a065772bcb852f65b71

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ILWpFNHKyzE1o_od3IQyxMI3qjjCp8cy
Content-Encoding
gzip
ETag
"3b9aad01eeeb35815f6d1641a4650d6c"
Age
20428
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1356
Last-Modified
Thu, 16 May 2019 15:18:55 GMT
Server
AmazonS3
Date
Sat, 31 Jul 2021 08:24:22 GMT
Content-Type
application/javascript
Via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
Cache-Control
max-age=21600, must-revalidate
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
PSwZi3H3KK3hNbEWlmLMMPFYN8emoUo1lViTMDOypNfRTEH1AWaYqQ==
bg.jpg
www.bonusmonster.net/1/images/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bonusmonster.net/1/images/bg.jpg
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/css/docs.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
a5af8eb61164cca569568bb63bb183a5caf9e575b5c708c8df98850ac9395ab4

Request headers

:path
/1/images/bg.jpg
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/css/docs.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/css/docs.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Mon, 21 Mar 2016 13:31:16 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"06ab4f17583d11:0"
content-length
72488
content-type
image/jpeg
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12d72023e46c7f94272b44ad2742d4d4e62a6f623c4a490e6c2d16f415ed9d52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
w7DJhHKQkBe4PMzm9PANxA==
cross-origin-resource-policy
cross-origin
expires
Sat, 31 Jul 2021 14:15:22 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
rE2WTtPmvq3PVA0VkhUIbwLrSAnxKoXpjP8Lr6kPXcVAJ+MQzD2GcWLmPPnAqhptMrD7oOEs/BbDnMJOZT6ncg==
x-fb-trip-id
917726464
x-fb-content-md5
cdbbbcaa288190954702e5be57f41261
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Sat, 31 Jul 2021 14:04:49 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"41ef4f4b87ad3c5735ce8d01edb2a96e"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4975
date
Sat, 31 Jul 2021 12:41:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 31 Jul 2021 14:41:54 GMT
form-btn.png
www.bonusmonster.net/1/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bonusmonster.net/1/images/form-btn.png
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/css/docs.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.207.91 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host1.yoursiteby.me
Software
Microsoft-IIS/10.0 /
Resource Hash
fcc3c91f6e26d1f05dd92f6cf293b0ca557d14a98fe2d7e765812e4184949c5d

Request headers

:path
/1/images/form-btn.png
pragma
no-cache
cookie
country%5Fcode=%28null%29%2CINVALID%5FLICENSE%5FKEY; ASPSESSIONIDCGTBTACR=GFABDDFCPEEAEGPMCHJDEIIO
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bonusmonster.net
referer
https://www.bonusmonster.net/1/css/docs.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.bonusmonster.net/1/css/docs.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:48 GMT
last-modified
Mon, 21 Mar 2016 13:31:18 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"097e5f27583d11:0"
content-length
1312
content-type
image/png
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bonusmonster.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options
nosniff
age
365427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 08:34:22 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bonusmonster.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 04:01:05 GMT
x-content-type-options
nosniff
age
381824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 04:01:05 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bonusmonster.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options
nosniff
age
395288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 00:16:41 GMT
sdk.js
connect.facebook.net/en_US/ 		227 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a5a4ac7e4805e6d2873a78b9f2b1f1ed
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
19d4769a84fc5e58a47a7e0b9794ea591c92827cf65f638429bfda0bf8ca3440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.bonusmonster.net
Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GOfPPC73TnTrZMbWQoB/dA==
cross-origin-resource-policy
cross-origin
expires
Sun, 31 Jul 2022 13:35:40 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
67638
x-fb-rlafr
0
x-fb-debug
PbnDbIN7H/ap0PwE0Qk+Hk3oFquyTkKfMpWt4N28kjdHQkwt07XlIO0pCfXb8Z26UKXdvtGSYeGt/BV99lO5aw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-fb-content-md5
cce099ef5e4708d1398083fefc3bfe53
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 31 Jul 2021 14:04:49 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"ddcfaeac9a2eb64880a0b1ba1d14b4e7"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=627212399&utmhn=www.bonusmonster.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3280977-2&cid=864376742.1627740289&jid=1635165775&_v=5.7.2&z=627212399
35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3280977-2&cid=864376742.1627740289&jid=1635165775&_v=5.7.2&z=627212399
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 31 Jul 2021 14:04:49 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 31 Jul 2021 14:04:49 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3280977-2&cid=864376742.1627740289&jid=1635165775&_v=5.7.2&z=627212399
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe_api
www.youtube.com/ 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/js/tubular.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51d8d0c12e399495963bccc9e89aeb4555c568f46d358d6ea3b8928ca535d799
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 31 Jul 2021 14:04:49 GMT
blocked_sites.js
system.picreel.com/js/ 		281 B
806 B 		Script
General
Check archive.org
Download Go to
Full URL
https://system.picreel.com/js/blocked_sites.js
Requested by
Host: assets.pcrl.co
URL: https://assets.pcrl.co/js/jstracker.min.js?geo=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c65aa2b99ceeb0595c8d26af4d026a062fbfae7402667ccd7fa626e43c4f5cbc

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tBnfWhrOfFymnPiDm.89fw0yzvTPUS4E
Via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Last-Modified
Tue, 14 May 2019 05:28:18 GMT
Server
AmazonS3
Age
3867
ETag
"cfe5c6de5d18b2265cc2f986399af585"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Date
Sat, 31 Jul 2021 13:00:22 GMT
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
281
X-Amz-Cf-Id
uKwz1w5NCAS4lWs6WN6L6Z7q-qsqmCHztkR0KQXQs-cYowVq1j6xBw==
/
www.facebook.com/login/ Frame C697
Redirect Chain
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=421820311166136&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc1a...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D421820311166136%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
0
0
www-widgetapi.js
www.youtube.com/s/player/3c3086a1/www-widgetapi.vflset/ 		125 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3c3086a1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f85dfa211770e77ae74625ad98e4b1a114808bea92c6a361c25d0c889de9ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 09:23:33 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:19:05 GMT
server
sffe
age
16876
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42813
x-xss-protection
0
expires
Sun, 31 Jul 2022 09:23:33 GMT
jstracker.content.min.js
system.picreel.com/js/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://system.picreel.com/js/jstracker.content.min.js?geo=1
Requested by
Host: assets.pcrl.co
URL: https://assets.pcrl.co/js/jstracker.min.js?geo=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6da4b97d617f094ca9c057fa82bd86df862538195ff38fdd30ad08d212afc358

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cN8jAqOq5_9FbLW50PQYPNUEyDvkCmki
Content-Encoding
gzip
ETag
"94862a47a33a6d45257cbc7ab4af004d"
Age
5814
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
22000
Last-Modified
Wed, 16 Sep 2020 12:57:14 GMT
Server
AmazonS3
Date
Sat, 31 Jul 2021 12:28:30 GMT
Content-Type
application/javascript
Via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Cache-Control
max-age=21600, must-revalidate
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
nYUPAt2kDeN_Cxq1WOvx1IwWKZ56LYa9qp3TeXA1merVAHf9DYOI7A==
0FPhCyj8h34
www.youtube.com/embed/ Frame 437C 		55 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f19b77cb4bf396aae25d837e1dc2ddb6369341f5a05fa5937c465c9d359a1dd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bonusmonster.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=31e2RPUTx5I; VISITOR_INFO1_LIVE=2-rWJg737oE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.bonusmonster.net/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 31 Jul 2021 14:04:49 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+899; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/3c3086a1/ Frame 437C 		327 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3c3086a1/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64bea7d525ed5fb9b6c89ad17257f77862c2b95f98efb6e8ea9ca711e411cfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 15:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:19:05 GMT
server
sffe
age
166817
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46052
x-xss-protection
0
expires
Fri, 29 Jul 2022 15:44:32 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 437C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 21:27:21 GMT
x-content-type-options
nosniff
age
405448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 21:27:21 GMT
www-embed-player.js
www.youtube.com/s/player/3c3086a1/www-embed-player.vflset/ Frame 437C 		192 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3c3086a1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
542cf0a96a64d6b0e72b759fc6cfcd33e4af5b20a26130fa433fc52f91ed43ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 12:01:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:19:05 GMT
server
sffe
age
7383
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65155
x-xss-protection
0
expires
Sun, 31 Jul 2022 12:01:46 GMT
base.js
www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/ Frame 437C 		2 MB
491 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e181aae64580371759fd9ab9c8e0023f094fb07ed464a8e4abe0a34a171ea01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 07:22:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
24112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
502661
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 00:19:05 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 07:22:57 GMT
fetch-polyfill.js
www.youtube.com/s/player/3c3086a1/fetch-polyfill.vflset/ Frame 437C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3c3086a1/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:19:05 GMT
server
sffe
age
61682
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Sat, 30 Jul 2022 20:56:47 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 437C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aad293a9fa969be836112fbb01483e355e67897108199abfedd8c7be214d2652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 31 Jul 2021 14:04:49 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 437C 		29 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 13:55:38 GMT
x-content-type-options
nosniff
age
551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Jul 2021 14:10:38 GMT
lQhxPAwZ8aKovI4sh1-uQnDIc052gq1eOOABQ5agqhc.js
www.google.com/js/th/ Frame 437C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/lQhxPAwZ8aKovI4sh1-uQnDIc052gq1eOOABQ5agqhc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9508713c0c19f1a2a8bc8e2c875fae4270c8734e7682ad5e38e0014396a0aa17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 12:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13201
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 15:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 12:13:58 GMT
embed.js
www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/ Frame 437C 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5787bf5f935343a6b1deb535b441f8b217106b373fd7de7714e5d71aa51a930d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 15:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:19:05 GMT
server
sffe
age
166517
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7435
x-xss-protection
0
expires
Fri, 29 Jul 2022 15:49:32 GMT
truncated
/ Frame 437C 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRNj08vhWD-xuPw3UTORwO5peEmoFsVSpbEfw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 437C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLRNj08vhWD-xuPw3UTORwO5peEmoFsVSpbEfw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7a1dc190619b7a0a0a690508e410b0b85b9f9349d1ed2dc1f72b11b83be6af0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 11:02:44 GMT
x-content-type-options
nosniff
server
fife
age
10925
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1141
x-xss-protection
0
expires
Sun, 01 Aug 2021 11:02:44 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/0FPhCyj8h34/ Frame 437C 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/0FPhCyj8h34/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb351929e2fdc2c39cd893e089e7f8fbe3dd605a37fd2c13bccb5e94e84f9ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:49 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"0"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99582
x-xss-protection
0
expires
Sat, 31 Jul 2021 16:04:49 GMT
player
www.youtube.com/youtubei/v1/ Frame 437C 		52 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d230928b3134312200144219ab6bf6c6eacb14967f8f192d8625656624ec4359
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210728.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id
CgsyLXJXSmc3MzdvRSiBsZWIBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 31 Jul 2021 14:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17420
x-xss-protection
0
expires
Sat, 31 Jul 2021 14:04:49 GMT
generate_204
www.youtube.com/ Frame 437C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?UZX7LQ
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube.com/api/stats/ Frame 437C 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=244&afmt=250&cpn=WJ6FWBycuPcf_LaW&ei=gVgFYdmQMYyT1wKUzpfABg&el=embedded&docid=0FPhCyj8h34&ns=yt&fexp=23848211%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24045411%2C24053866%2C24058128%2C24058812%2C24060921%2C24067673%2C24068842&cl=387454209&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210728.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.016:S,0.146:S,0.146:S&cmt=0.016:0.000,0.146:0.000&ctmp=cc:t.137;useVodTrack&afs=0.146:250::i&vfs=0.146:244:247::r&view=0.146:2134:1200&bwe=0.146:130000&bat=0.146:1:1&vis=0.146:0&bh=0.146:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 14:04:49 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r5---sn-4g5edne7.googlevideo.com/ Frame 437C 		170 KB
172 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1627761889&ei=gVgFYdmQMYyT1wKUzpfABg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKTDHjf7QcVWd3rLYyc3wWebsNu1dAg3s2FbZXM2J6wh&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=u&mvi=5&pl=52&vprv=1&mime=video%2Fwebm&ns=rP305qwU2cLcsor5GG7uXSAG&gir=yes&clen=2371855&dur=35.000&lmt=1605225497660584&mt=1627739279&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=hTOige0raCa2Xg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIOilp4vCS8ZgxiW05BOWTpiBcnqAR39T7cwqIxg5laICIQC-jgxYWlCkUH41ZGa816S1UjL2MbK21FUsWLj0diFjvQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANkD7efOvAIi0xz-U8iqAH9RgAjdyvDkRLN4KGNCcyzLAiBpFu4IbUebk1bswBpqfmW_4GwCSB_IZpmRA7iiYgnU8w%3D%3D&alr=yes&cpn=WJ6FWBycuPcf_LaW&cver=1.20210728.1.0&range=0-174579&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
0553a94fa76b0842ce9496223c522f2991cdf7f6e4ed4b310240aa37fcba30ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 14:04:49 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
174580
Last-Modified
Thu, 12 Nov 2020 23:58:17 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Sat, 31 Jul 2021 14:04:49 GMT
videoplayback
r5---sn-4g5edne7.googlevideo.com/ Frame 437C 		16 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1627761889&ei=gVgFYdmQMYyT1wKUzpfABg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKTDHjf7QcVWd3rLYyc3wWebsNu1dAg3s2FbZXM2J6wh&itag=250&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=u&mvi=5&pl=52&vprv=1&mime=audio%2Fwebm&ns=rP305qwU2cLcsor5GG7uXSAG&gir=yes&clen=16130&dur=35.021&lmt=1605224105748250&mt=1627739279&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=hTOige0raCa2Xg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAO4_kUgPa3X2wdzG_rytQcKJsGNGNO_hKnzpZ_JY8gjvAiEAkhvmMHRj4oyt5CtqXQLdqYc-jaCGrtXqB3Id_r53lBw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANkD7efOvAIi0xz-U8iqAH9RgAjdyvDkRLN4KGNCcyzLAiBpFu4IbUebk1bswBpqfmW_4GwCSB_IZpmRA7iiYgnU8w%3D%3D&alr=yes&cpn=WJ6FWBycuPcf_LaW&cver=1.20210728.1.0&range=0-16129&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
041d64b0cc04518a1fe281fa28afff165d9a867ce8abebbdb7f9d6dc175e7e62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 14:04:49 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
16130
Last-Modified
Thu, 12 Nov 2020 23:35:05 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Sat, 31 Jul 2021 14:04:49 GMT
endscreen.js
www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/ Frame 437C 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
227a81ed254d9b51de91186b3fc7466b270105f7210299f1b4f75e419ff08386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 15:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:19:05 GMT
server
sffe
age
166810
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7192
x-xss-protection
0
expires
Fri, 29 Jul 2022 15:44:39 GMT
next
www.youtube.com/youtubei/v1/ Frame 437C 		64 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afa1e6da430a4b0722cba2949a6d0f79e0938dcc4b571d7c33a9f764512c32f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210728.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id
CgsyLXJXSmc3MzdvRSiBsZWIBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 31 Jul 2021 14:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5393
x-xss-protection
0
expires
Sat, 31 Jul 2021 14:04:50 GMT
videoplayback
r5---sn-4g5edne7.googlevideo.com/ Frame 437C 		335 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1627761889&ei=gVgFYdmQMYyT1wKUzpfABg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKTDHjf7QcVWd3rLYyc3wWebsNu1dAg3s2FbZXM2J6wh&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=u&mvi=5&pl=52&vprv=1&mime=video%2Fwebm&ns=rP305qwU2cLcsor5GG7uXSAG&gir=yes&clen=4285326&dur=35.000&lmt=1605225497684328&mt=1627739279&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=hTOige0raCa2Xg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMY9GjqV145ayTEn-45SslhS-njXywLG8k_f06CkyAsjAiBCfE-A3r2muhlVC9W7UszJ-in4Ucf2kEJmP05t2JyWJg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANkD7efOvAIi0xz-U8iqAH9RgAjdyvDkRLN4KGNCcyzLAiBpFu4IbUebk1bswBpqfmW_4GwCSB_IZpmRA7iiYgnU8w%3D%3D&alr=yes&cpn=WJ6FWBycuPcf_LaW&cver=1.20210728.1.0&range=0-334&rn=3&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
586c271a80aa5bc8bb492857cf13c5a25982d6ab418ddd2b1a16f30d19db0d0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:50 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
client-protocol
quic
last-modified
Thu, 12 Nov 2020 23:58:17 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 31 Jul 2021 14:04:50 GMT
videoplayback
r5---sn-4g5edne7.googlevideo.com/ Frame 437C 		170 KB
170 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1627761889&ei=gVgFYdmQMYyT1wKUzpfABg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKTDHjf7QcVWd3rLYyc3wWebsNu1dAg3s2FbZXM2J6wh&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=u&mvi=5&pl=52&vprv=1&mime=video%2Fwebm&ns=rP305qwU2cLcsor5GG7uXSAG&gir=yes&clen=2371855&dur=35.000&lmt=1605225497660584&mt=1627739279&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=hTOige0raCa2Xg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIOilp4vCS8ZgxiW05BOWTpiBcnqAR39T7cwqIxg5laICIQC-jgxYWlCkUH41ZGa816S1UjL2MbK21FUsWLj0diFjvQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANkD7efOvAIi0xz-U8iqAH9RgAjdyvDkRLN4KGNCcyzLAiBpFu4IbUebk1bswBpqfmW_4GwCSB_IZpmRA7iiYgnU8w%3D%3D&alr=yes&cpn=WJ6FWBycuPcf_LaW&cver=1.20210728.1.0&range=174580-348824&rn=4&rbuf=2466
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ad8a13febe45815a055d0ec33cf0e9469fd66a6812a3266a301504cfdae45a9c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:50 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
174245
client-protocol
quic
last-modified
Thu, 12 Nov 2020 23:58:17 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 31 Jul 2021 14:04:50 GMT
videoplayback
r5---sn-4g5edne7.googlevideo.com/ Frame 437C 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1627761889&ei=gVgFYdmQMYyT1wKUzpfABg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKTDHjf7QcVWd3rLYyc3wWebsNu1dAg3s2FbZXM2J6wh&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=u&mvi=5&pl=52&vprv=1&mime=video%2Fwebm&ns=rP305qwU2cLcsor5GG7uXSAG&gir=yes&clen=2371855&dur=35.000&lmt=1605225497660584&mt=1627739279&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=hTOige0raCa2Xg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIOilp4vCS8ZgxiW05BOWTpiBcnqAR39T7cwqIxg5laICIQC-jgxYWlCkUH41ZGa816S1UjL2MbK21FUsWLj0diFjvQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANkD7efOvAIi0xz-U8iqAH9RgAjdyvDkRLN4KGNCcyzLAiBpFu4IbUebk1bswBpqfmW_4GwCSB_IZpmRA7iiYgnU8w%3D%3D&alr=yes&cpn=WJ6FWBycuPcf_LaW&cver=1.20210728.1.0&range=348825-353679&rn=5&rbuf=4931
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
7be21c49aaa8ea66511ea9f790739f65954b1f6e45949207123f2faf63816806
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:50 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4855
client-protocol
quic
last-modified
Thu, 12 Nov 2020 23:58:17 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 31 Jul 2021 14:04:50 GMT
qoe
www.youtube.com/api/stats/ Frame 437C 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=247&afmt=250&cpn=WJ6FWBycuPcf_LaW&ei=gVgFYdmQMYyT1wKUzpfABg&el=embedded&docid=0FPhCyj8h34&ns=yt&fexp=23848211%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24045411%2C24053866%2C24058128%2C24058812%2C24060921%2C24067673%2C24068842&cl=387454209&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210728.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=itdrm&user_intent=0.018&vfs=0.267:247:247:244:r&view=0.267:2134:1200&vps=0.267:S,0.267:S&bwm=0.267:370145:0.217&bwe=0.267:1108873&bat=0.267:1:1&cmt=0.267:0.014&bh=0.267:0.000&df=0.267:0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 14:04:50 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r5---sn-4g5edne7.googlevideo.com/ Frame 437C 		687 KB
687 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1627761889&ei=gVgFYdmQMYyT1wKUzpfABg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKTDHjf7QcVWd3rLYyc3wWebsNu1dAg3s2FbZXM2J6wh&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=u&mvi=5&pl=52&vprv=1&mime=video%2Fwebm&ns=rP305qwU2cLcsor5GG7uXSAG&gir=yes&clen=4285326&dur=35.000&lmt=1605225497684328&mt=1627739279&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=hTOige0raCa2Xg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMY9GjqV145ayTEn-45SslhS-njXywLG8k_f06CkyAsjAiBCfE-A3r2muhlVC9W7UszJ-in4Ucf2kEJmP05t2JyWJg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANkD7efOvAIi0xz-U8iqAH9RgAjdyvDkRLN4KGNCcyzLAiBpFu4IbUebk1bswBpqfmW_4GwCSB_IZpmRA7iiYgnU8w%3D%3D&alr=yes&cpn=WJ6FWBycuPcf_LaW&cver=1.20210728.1.0&range=631284-1334442&rn=6&rbuf=5000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
1e9c4a1bbb7eb27ace495df62631bb823650604e7801f475ab1f22f35d114ba9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:50 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
703159
client-protocol
quic
last-modified
Thu, 12 Nov 2020 23:58:17 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 31 Jul 2021 14:04:50 GMT
videoplayback
r5---sn-4g5edne7.googlevideo.com/ Frame 437C 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1627761889&ei=gVgFYdmQMYyT1wKUzpfABg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKTDHjf7QcVWd3rLYyc3wWebsNu1dAg3s2FbZXM2J6wh&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=u&mvi=5&pl=52&vprv=1&mime=video%2Fwebm&ns=rP305qwU2cLcsor5GG7uXSAG&gir=yes&clen=4285326&dur=35.000&lmt=1605225497684328&mt=1627739279&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=hTOige0raCa2Xg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMY9GjqV145ayTEn-45SslhS-njXywLG8k_f06CkyAsjAiBCfE-A3r2muhlVC9W7UszJ-in4Ucf2kEJmP05t2JyWJg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANkD7efOvAIi0xz-U8iqAH9RgAjdyvDkRLN4KGNCcyzLAiBpFu4IbUebk1bswBpqfmW_4GwCSB_IZpmRA7iiYgnU8w%3D%3D&alr=yes&cpn=WJ6FWBycuPcf_LaW&cver=1.20210728.1.0&range=1334443-2786045&rn=7&rbuf=10000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
8cc5159142d64aa8b0e90ca171d9c8a110412b2a08ee46a3ec9777e710f17854
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:50 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1451603
client-protocol
quic
last-modified
Thu, 12 Nov 2020 23:58:17 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 31 Jul 2021 14:04:50 GMT
playback
www.youtube.com/api/stats/ Frame 437C 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=WJ6FWBycuPcf_LaW&docid=0FPhCyj8h34&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F0FPhCyj8h34%3Fcontrols%3D0%26showinfo%3D0%26modestbranding%3D1%26wmode%3Dtransparent%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.bonusmonster.net%26widgetid%3D1&cmt=0.052&ei=gVgFYdmQMYyT1wKUzpfABg&fmt=247&fs=0&rt=0.34&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.bonusmonster.net%2F&lact=118&cl=387454209&mos=1&vm=CAEQABgEOjJBS1JhaHdCWUdWc2ZuY3RONGxaQ1dGejhlUUEzVGdYUlR3dkQtQ1NmT1hLck1JWkxhZ2JMQUh3MUlTLUoxZnJIN2gzR0pGNjhGYzQ0SFpHNE11UlBaYTdtM2NKRDktTEU1aDhJQnlRRm1rdDdQUXc4MWI5ZnFzLTJXTXF4Q3d2Tw&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210728.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=en_US&cr=DE&len=35.021&fexp=23848211%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24045411%2C24053866%2C24058128%2C24058812%2C24060921%2C24067673%2C24068842&rtn=11&afmt=250&size=2134%3A1200&inview=0&muted=1
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 14:04:50 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame 437C 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=0FPhCyj8h34&cpn=WJ6FWBycuPcf_LaW&ei=gVgFYdmQMYyT1wKUzpfABg&ptk=youtube_none&pltype=contentugc
Requested by
Host: www.bonusmonster.net
URL: https://www.bonusmonster.net/1/?t=ss12-58_690118&email=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 14:04:50 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cd.min.js
system.picreel.com/js/ 		947 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://system.picreel.com/js/cd.min.js
Requested by
Host: system.picreel.com
URL: https://system.picreel.com/js/jstracker.content.min.js?geo=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19307946d5d21a01e4fe16453f2e51b9d7d6226458d5f7de2af9a8bfb127f05d

Request headers

Referer
https://www.bonusmonster.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
n_c1cIpGEJcZhJ9hIDMWj._AdYJJJMpt
Content-Encoding
gzip
ETag
"6db0367a3eaf0edafdc6fd27eeb4cc14"
Age
7015
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
447
Last-Modified
Tue, 14 May 2019 05:30:06 GMT
Server
AmazonS3
Date
Sat, 31 Jul 2021 12:07:56 GMT
Content-Type
application/javascript
Via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Cache-Control
max-age=21600, must-revalidate
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
jyAmQRlJcP8f4fcEZu4_YNk-VGlDEjYTpak6v9SgpBKR7peEtA2iOA==
get_template
app.picreel.com/api/ Frame 5865 		0
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://app.picreel.com/api/get_template?source_url=https%253A%252F%252Fwww.bonusmonster.net%252F1%252F%253Ft%253Dss12-58_690118%2526email%253D&source_host=https%253A%252F%252Fwww.bonusmonster.net&templateId=&userAgent=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&referrer=&screenWight=1600&screenHeight=1200&pv=&pp=&sv=&sp=&nv=&np=&rb=&ret=&utm_source=Picreel&utm_medium=display&utm_campaign=Picreel
Requested by
Host: system.picreel.com
URL: https://system.picreel.com/js/jstracker.content.min.js?geo=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.195.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-195-195.us-west-2.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.21
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
app.picreel.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bonusmonster.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.bonusmonster.net/

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 31 Jul 2021 14:06:25 GMT
Server
nginx/1.4.6 (Ubuntu)
X-Powered-By
PHP/5.5.9-1ubuntu4.21
Content-Length
20
Connection
keep-alive
log_event
www.youtube.com/youtubei/v1/ Frame 437C 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
X-YouTube-Client-Version
1.20210728.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgsyLXJXSmc3MzdvRSiBsZWIBg%3D%3D
X-YouTube-Ad-Signals
dt=1627740289571&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2134%2C1200&vis=1&wgl=true&ca_type=image&bid=ANyPxKqyv6uYER37AHQIwQyLDpKH7Xnx1WVQwRccekK6lanry-k77DFa6NgMObrqd-UBAAUTC7Wx0BALH2SOx2pff02Cfe_EkQ

Response headers

date
Sat, 31 Jul 2021 14:04:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 31 Jul 2021 14:04:51 GMT
atr
www.youtube.com/api/stats/ Frame 437C 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=WJ6FWBycuPcf_LaW&docid=0FPhCyj8h34&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F0FPhCyj8h34%3Fcontrols%3D0%26showinfo%3D0%26modestbranding%3D1%26wmode%3Dtransparent%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.bonusmonster.net%26widgetid%3D1&cmt=4.572&ei=gVgFYdmQMYyT1wKUzpfABg&fmt=247&fs=0&rt=4.858&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.bonusmonster.net%2F&lact=4636&cl=387454209&mos=1&vm=CAEQABgEOjJBS1JhaHdCWUdWc2ZuY3RONGxaQ1dGejhlUUEzVGdYUlR3dkQtQ1NmT1hLck1JWkxhZ2JMQUh3MUlTLUoxZnJIN2gzR0pGNjhGYzQ0SFpHNE11UlBaYTdtM2NKRDktTEU1aDhJQnlRRm1rdDdQUXc4MWI5ZnFzLTJXTXF4Q3d2Tw&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210728.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=en_US&cr=DE&len=35&fexp=23848211%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24045411%2C24053866%2C24058128%2C24058812%2C24060921%2C24067673%2C24068842&afmt=250&muted=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
X-YouTube-Client-Version
1.20210728.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-YouTube-Ad-Signals
dt=1627740289650&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2134%2C1200&vis=1&wgl=true&ca_type=image&bid=ANyPxKqyv6uYER37AHQIwQyLDpKH7Xnx1WVQwRccekK6lanry-k77DFa6NgMObrqd-UBAAUTC7Wx0BALH2SOx2pff02Cfe_EkQ

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 14:04:54 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r5---sn-4g5edne7.googlevideo.com/ Frame 437C 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edne7.googlevideo.com/videoplayback?expire=1627761889&ei=gVgFYdmQMYyT1wKUzpfABg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKTDHjf7QcVWd3rLYyc3wWebsNu1dAg3s2FbZXM2J6wh&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=56&mm=31%2C29&mn=sn-4g5edne7%2Csn-4g5e6nsr&ms=au%2Crdu&mv=u&mvi=5&pl=52&vprv=1&mime=video%2Fwebm&ns=rP305qwU2cLcsor5GG7uXSAG&gir=yes&clen=4285326&dur=35.000&lmt=1605225497684328&mt=1627739279&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=hTOige0raCa2Xg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMY9GjqV145ayTEn-45SslhS-njXywLG8k_f06CkyAsjAiBCfE-A3r2muhlVC9W7UszJ-in4Ucf2kEJmP05t2JyWJg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANkD7efOvAIi0xz-U8iqAH9RgAjdyvDkRLN4KGNCcyzLAiBpFu4IbUebk1bswBpqfmW_4GwCSB_IZpmRA7iiYgnU8w%3D%3D&alr=yes&cpn=WJ6FWBycuPcf_LaW&cver=1.20210728.1.0&range=2786046-4285325&rn=8&rbuf=15050
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
6ad89e7dba1bbd14d3622f360be6a2faabdbeb47d63e308bb92d2043e2acae88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:04:55 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1499280
client-protocol
quic
last-modified
Thu, 12 Nov 2020 23:58:17 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21294
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 31 Jul 2021 14:04:55 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 437C 		28 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
X-YouTube-Client-Version
1.20210728.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgsyLXJXSmc3MzdvRSiBsZWIBg%3D%3D
X-YouTube-Ad-Signals
dt=1627740289650&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2134%2C1200&vis=1&wgl=true&ca_type=image&bid=ANyPxKqyv6uYER37AHQIwQyLDpKH7Xnx1WVQwRccekK6lanry-k77DFa6NgMObrqd-UBAAUTC7Wx0BALH2SOx2pff02Cfe_EkQ

Response headers

date
Sat, 31 Jul 2021 14:04:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 31 Jul 2021 14:04:56 GMT
qoe
www.youtube.com/api/stats/ Frame 437C 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=247&afmt=250&cpn=WJ6FWBycuPcf_LaW&ei=gVgFYdmQMYyT1wKUzpfABg&el=embedded&docid=0FPhCyj8h34&ns=yt&fexp=23848211%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24045411%2C24053866%2C24058128%2C24058812%2C24060921%2C24067673%2C24068842&cl=387454209&seq=3&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210728.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.488:0.200,1.238:0.952,10.006:9.720&vps=0.488:PL,10.006:PL&bwm=10.006:3654042:0.150&bwe=10.006:4382973&bat=10.006:1:1&bh=10.006:35.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3c3086a1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 14:04:59 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
www.youtube.com/api/stats/ Frame 437C 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=WJ6FWBycuPcf_LaW&docid=0FPhCyj8h34&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F0FPhCyj8h34%3Fcontrols%3D0%26showinfo%3D0%26modestbranding%3D1%26wmode%3Dtransparent%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.bonusmonster.net%26widgetid%3D1&cmt=10.714&ei=gVgFYdmQMYyT1wKUzpfABg&fmt=247&fs=0&rt=11.001&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.bonusmonster.net%2F&lact=10779&cl=387454209&state=playing&vm=CAEQABgEOjJBS1JhaHdCWUdWc2ZuY3RONGxaQ1dGejhlUUEzVGdYUlR3dkQtQ1NmT1hLck1JWkxhZ2JMQUh3MUlTLUoxZnJIN2gzR0pGNjhGYzQ0SFpHNE11UlBaYTdtM2NKRDktTEU1aDhJQnlRRm1rdDdQUXc4MWI5ZnFzLTJXTXF4Q3d2Tw&volume=100%2C100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210728.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=en_US&cr=DE&len=35&rtn=21&afmt=250&idpj=0&ldpj=-7&rti=11&size=2134%3A1200&inview=0&st=0%2C0.154&et=0.052%2C10.714&muted=1%2C1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/0FPhCyj8h34?controls=0&showinfo=0&modestbranding=1&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.bonusmonster.net&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 14:05:00 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _gaq function| $ function| jQuery object| FB object| _gat object| gaGlobal function| backSubmit object| jQuery111303217445825932326 function| isMobile function| aweberSubmit function| validateEmail function| swal function| sweetAlert function| isBlockedDomain function| loadScripts function| getParams function| getGetParameters function| getCookie object| linksArray string| link object| get_params boolean| script_loaded boolean| block_loading object| $node function| onYouTubeIframeAPIReady function| onPlayerReady function| onPlayerStateChange object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| blocked_sites object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| player object| picreel object| PCD

9 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 31e2RPUTx5I
.bonusmonster.net/ Name: __utmt
Value: 1
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 2-rWJg737oE
.bonusmonster.net/ Name: __utmz
Value: 201038141.1627740289.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.bonusmonster.net/ Name: __utmb
Value: 201038141.1.10.1627740289
.bonusmonster.net/ Name: __utmc
Value: 201038141
.bonusmonster.net/ Name: __utma
Value: 201038141.864376742.1627740289.1627740289.1627740289.1
www.bonusmonster.net/ Name: ASPSESSIONIDCGTBTACR
Value: GFABDDFCPEEAEGPMCHJDEIIO
www.bonusmonster.net/ Name: country%5Fcode
Value: %28null%29%2CINVALID%5FLICENSE%5FKEY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.picreel.com
assets.pcrl.co
bit.ly
brubuselfish.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
mouretta.com
r5---sn-4g5edne7.googlevideo.com
ssl.google-analytics.com
static.doubleclick.net
stats.g.doubleclick.net
system.picreel.com
www.bonusmonster.net
www.facebook.com
www.google.com
www.sastrk.com
www.youtube.com
yt3.ggpht.com
www.facebook.com
13.224.193.75
13.225.87.34
2a00:1450:4001:44::b
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2016
2a00:1450:4001:810::2006
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9a
2a03:2880:f02d:100:face:b00c:0:3
35.167.195.195
35.227.247.224
67.199.248.10
67.227.207.91
70.32.24.175
92.204.241.226
041d64b0cc04518a1fe281fa28afff165d9a867ce8abebbdb7f9d6dc175e7e62
0553a94fa76b0842ce9496223c522f2991cdf7f6e4ed4b310240aa37fcba30ed
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12b4f4c131c2f2f4b969f2baf134b6967abb6a2c48f52b4d88bad971a44dbe90
12d72023e46c7f94272b44ad2742d4d4e62a6f623c4a490e6c2d16f415ed9d52
18171f49481e0ed7feb05f908a6c1cce86a3eb06aed9d3230a5a3b83f9b922c9
19307946d5d21a01e4fe16453f2e51b9d7d6226458d5f7de2af9a8bfb127f05d
19d4769a84fc5e58a47a7e0b9794ea591c92827cf65f638429bfda0bf8ca3440
1e9c4a1bbb7eb27ace495df62631bb823650604e7801f475ab1f22f35d114ba9
227a81ed254d9b51de91186b3fc7466b270105f7210299f1b4f75e419ff08386
2782023dab8a6bfef7bd834c7c953e5c96971d327c45b19b98a59e3e69e4cc2b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f85dfa211770e77ae74625ad98e4b1a114808bea92c6a361c25d0c889de9ecd
493a0a1f9cdf59c4f1513fcd3b9ca89ad53d2a324b87970ae0380115f347bdd1
51d8d0c12e399495963bccc9e89aeb4555c568f46d358d6ea3b8928ca535d799
542cf0a96a64d6b0e72b759fc6cfcd33e4af5b20a26130fa433fc52f91ed43ff
5787bf5f935343a6b1deb535b441f8b217106b373fd7de7714e5d71aa51a930d
586c271a80aa5bc8bb492857cf13c5a25982d6ab418ddd2b1a16f30d19db0d0e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ad89e7dba1bbd14d3622f360be6a2faabdbeb47d63e308bb92d2043e2acae88
6da4b97d617f094ca9c057fa82bd86df862538195ff38fdd30ad08d212afc358
7195c7c88d7ec9eef6c013593d20ec2dba28a76bff85cdaa465a4e1cdd82184b
7a1dc190619b7a0a0a690508e410b0b85b9f9349d1ed2dc1f72b11b83be6af0b
7be21c49aaa8ea66511ea9f790739f65954b1f6e45949207123f2faf63816806
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
80dd70706dda21fd61f0f307061ced148acff5754433abe0b46ba5c0f611f56b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cc5159142d64aa8b0e90ca171d9c8a110412b2a08ee46a3ec9777e710f17854
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9508713c0c19f1a2a8bc8e2c875fae4270c8734e7682ad5e38e0014396a0aa17
9e181aae64580371759fd9ab9c8e0023f094fb07ed464a8e4abe0a34a171ea01
a5af8eb61164cca569568bb63bb183a5caf9e575b5c708c8df98850ac9395ab4
a9d0832ebd7dc54e2ddf831ff23de969788279857cb659172929889389c4291c
aa01a4fdf020f433814c36cba525594cf1a14694672d6d016a221c875151e9b6
aad293a9fa969be836112fbb01483e355e67897108199abfedd8c7be214d2652
acc944d1374ce996570a31e6757dba039ee2c656a3ebaee9ebf00609568cc8f4
ad8a13febe45815a055d0ec33cf0e9469fd66a6812a3266a301504cfdae45a9c
adf33148613cb07d00c1da3473cf3d7ce89a94c3e2075a065772bcb852f65b71
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afa1e6da430a4b0722cba2949a6d0f79e0938dcc4b571d7c33a9f764512c32f5
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c65aa2b99ceeb0595c8d26af4d026a062fbfae7402667ccd7fa626e43c4f5cbc
d230928b3134312200144219ab6bf6c6eacb14967f8f192d8625656624ec4359
d64bea7d525ed5fb9b6c89ad17257f77862c2b95f98efb6e8ea9ca711e411cfd
d6d06879a7bc8fd55bf92e4c3884a5a9c1c8ec5dbcae2c1b02f59f4143a145e9
d7a630f49eaf1053345cc546dee3d6baa9f8ca4a221b83bc52b8f456fc3b6284
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbc538691560b1e1a012b22e7a6b9fef88b07b02537d90bb243889e8f7173615
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb351929e2fdc2c39cd893e089e7f8fbe3dd605a37fd2c13bccb5e94e84f9ad8
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f19b77cb4bf396aae25d837e1dc2ddb6369341f5a05fa5937c465c9d359a1dd4
f1ebb16c09e1401b3a2488f0648b7081471d7b73353feb53f2528d0bb9281bd4
f255fe4742c1ef8931c9e6686b091aff09f2522bacff1c069376ec5aae853792
f35704d0bd4b1f7c1da4844418ea46091f70cefb86d050a6aac350d9605779d1
f96ae763f83ab49741df41c2f8cce3752f62021cc8d73849e26da47831f2cf38
fcc3c91f6e26d1f05dd92f6cf293b0ca557d14a98fe2d7e765812e4184949c5d