www.baldbrothersteam.com Open in urlscan Pro
208.113.171.199 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.baldbrothersteam.com/
Submission: On February 07 via automatic, source certstream-suspicious (February 7th 2023, 8:26:00 am UTC) — Scanned from DE

Summary HTTP 195 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 18 domains to perform 195 HTTP transactions. The main IP is 208.113.171.199, located in United States and belongs to DREAMHOST-AS, US. The main domain is www.baldbrothersteam.com.
TLS certificate: Issued by R3 on February 5th 2023. Valid for: 3 months.

This is the only time www.baldbrothersteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
68	208.113.171.199 208.113.171.199	26347 (DREAMHOST-AS) (DREAMHOST-AS)
3	2a05:d018:56f... 2a05:d018:56f:b800:f42c:e894:1fb0:3740	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:a600:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:414	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
31	2a00:1450:400... 2a00:1450:400d:805::200e	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2016	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:24::7	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:14::8	15169 (GOOGLE) (GOOGLE)
195	24

68 208.113.171.199 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-argon.sussex.dreamhost.com

www.baldbrothersteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:56f:b800:f42c:e894:1fb0:3740 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

sok.soapfighters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:a600:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:414 (United States)

ASN13335 (CLOUDFLARENET, US)

www.idxhome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (Glen Cove, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:400d:805::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:24::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr2---sn-4g5edndr.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:14::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr3---sn-4g5lznek.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	baldbrothersteam.com www.baldbrothersteam.com	3 MB
31	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	2 MB
16	googlevideo.com rr2---sn-4g5edndr.googlevideo.com — Cisco Umbrella Rank: 72668 rr3---sn-4g5lznek.googlevideo.com — Cisco Umbrella Rank: 74202	3 MB
16	gstatic.com fonts.gstatic.com www.gstatic.com	537 KB
15	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 maps.googleapis.com — Cisco Umbrella Rank: 361 jnn-pa.googleapis.com — Cisco Umbrella Rank: 189	254 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	21 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 static.doubleclick.net — Cisco Umbrella Rank: 214	2 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	69 KB
6	idxhome.com www.idxhome.com — Cisco Umbrella Rank: 158124	1 MB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	254 KB
3	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 229	11 KB
3	soapfighters.com sok.soapfighters.com — Cisco Umbrella Rank: 108861	33 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	272 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	136 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	google.de www.google.de — Cisco Umbrella Rank: 5986	472 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 167	418 B
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 9759	54 KB
195	18

	Domain	Requested by
68	www.baldbrothersteam.com	www.baldbrothersteam.com
31	www.youtube.com	www.baldbrothersteam.com www.youtube.com
10	fonts.gstatic.com	fonts.googleapis.com www.google.com www.youtube.com
9	rr3---sn-4g5lznek.googlevideo.com	www.youtube.com
8	jnn-pa.googleapis.com	www.youtube.com
7	rr2---sn-4g5edndr.googlevideo.com	www.youtube.com
6	www.gstatic.com	www.googletagmanager.com www.gstatic.com www.google.com
6	www.google.com	www.baldbrothersteam.com www.gstatic.com www.google.com www.youtube.com
6	www.idxhome.com	www.baldbrothersteam.com www.idxhome.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
4	region1.google-analytics.com	www.googletagmanager.com
4	www.googletagmanager.com	www.baldbrothersteam.com www.googletagmanager.com
4	maps.googleapis.com	www.baldbrothersteam.com maps.googleapis.com
3	yt3.ggpht.com	www.youtube.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	www.baldbrothersteam.com client
3	sok.soapfighters.com	www.baldbrothersteam.com sok.soapfighters.com
2	i.ytimg.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	connect.facebook.net	www.baldbrothersteam.com connect.facebook.net
1	www.facebook.com	www.baldbrothersteam.com
1	www.google.de	www.baldbrothersteam.com
1	www.googleadservices.com	1 redirects
1	www.clickcease.com	www.baldbrothersteam.com
195	24

This site contains no links.

Subject Issuer	Validity	Valid
www.baldbrothersteam.com R3	`2023-02-05` - `2023-05-06`	3 months	crt.sh
*.soapfighters.com ZeroSSL ECC Domain Secure Site CA	`2022-12-20` - `2023-03-20`	3 months	crt.sh
clickcease.com Amazon RSA 2048 M02	`2022-10-27` - `2023-11-25`	a year	crt.sh
idxhome.com Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-16` - `2023-02-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-01-31` - `2023-04-11`	2 months	crt.sh

This page contains 5 frames:

Frame: https://www.baldbrothersteam.com/?clickcease=block
Frame ID: DDAB58629BCBEDE9399C007F4FF59B2C
Requests: 112 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D9A667E3F96F62E2AAD6D0B4B4CAAD33
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB-8weAAAAAGpmaXDLGRJ1b-iQ-IJQVJMF4tP-&co=aHR0cHM6Ly93d3cuYmFsZGJyb3RoZXJzdGVhbS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=1gxzrxix454c
Frame ID: E4427B4DB7CA95E9B3B549DE37707973
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
Frame ID: ED34E9238539BCFB781E2BA6700D9BA3
Requests: 37 HTTP requests in this frame

Frame: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
Frame ID: 931C58764367BBCDDCB479B0E0F86839
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

195
Requests

94 %
HTTPS

92 %
IPv6

18
Domains

24
Subdomains

24
IPs

3
Countries

11316 kB
Transfer

24186 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://www.googleadservices.com/pagead/conversion/779806856/wcm?cc=ZZ&dn=8333052253&cl=4KOcCNDi1OUDEIjR6_MC&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8333052253&cl=4KOcCNDi1OUDEIjR6_MC

Request Chain 127

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 129

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

195 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.baldbrothersteam.com/ 110 KB
22 KB 568ms
144ms Document
text/html 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 3e973adb9daf872aeaa62c6360e32766a9acfb0b7e75afb39e4bf218df6f0b30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 08:25:49 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Sun, 05 Feb 2023 01:11:36 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent

GET
H2 200 ec7840671e6217a592908ccf7bbd6ec6.js Show response
sok.soapfighters.com/i/ 86 KB
31 KB 272ms
116ms Script
text/javascript 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sok.soapfighters.com/i/ec7840671e6217a592908ccf7bbd6ec6.js
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2b80c57b1f6b508eba9f024bc1324b75d8e71f845f4432f4e84c397e08f29ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Tue, 07 Feb 2023 08:25:49 GMT
cache-control: max-age=43200
content-encoding: gzip
etag: "157a0-yHXN6YKUP4syCfHfprOf0InViEk"
content-length: 31952
expires: Tue, 07 Feb 2023 20:25:49 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 171 KB
54 KB 209ms
49ms Script
application/javascript 2600:9000:223e:a600:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:a600:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
content-encoding: gzip
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
date: Tue, 07 Feb 2023 08:25:46 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-amz-cf-pop: FRA56-P4
age: 4
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
server: AmazonS3
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: hVL-PuPHmo2KO0ZouYDvC-N_bfwmVx5byHfZRRzVRKeZxh3ltbJe0Q==

GET
H2 200 bundle.css
www.idxhome.com/service/resources/dist/wordpress/ 431 KB
49 KB 940ms
828ms Stylesheet
text/css 2606:4700::6812:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.idxhome.com/service/resources/dist/wordpress/bundle.css?1675507044895
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8fc5c40f95a6852b43a8eb5914ec248ce3fd4fd00ba72fb46abdd0b1006872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Mar 2022 22:05:20 GMT
server: cloudflare
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT STA"
access-control-allow-origin: *
content-type: text/css;charset=UTF-8
cf-ray: 795abcb51f769107-FRA

GET
H2 200 3tqe.css
www.baldbrothersteam.com/wp-content/cache/wpfc-minified/mn5ny7yi/ 3 KB
873 B 151ms
143ms Stylesheet
text/css 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/mn5ny7yi/3tqe.css
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: fce14f87a91f1fa62afb323b7cb34b11c3b76f6c7fcfab86ae00c4dbfedb6eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 13:44:12 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 777
expires: max-age=A10368000, public

GET
H2 200 3tqe.css
www.baldbrothersteam.com/wp-content/cache/wpfc-minified/ftw86rgh/ 386 KB
51 KB 198ms
191ms Stylesheet
text/css 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/ftw86rgh/3tqe.css
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 64cabd30fbeb82d8428e3b921dddd75feb00d2ceccd9cd748d6b58614c25eef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 13:44:12 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 11 KB
979 B 163ms
51ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A700%2Cregular%7CSource+Sans+Pro%3A300%2Cregular%7CMontserrat%3A700%2Cregular&subset=cyrillic%2Ccyrillic-ext%2Clatin%2Clatin-ext%2Cvietnamese%2Cgreek%2Cgreek-ext&ver=6.1.1

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c6e278cbe0f5dc68432fe9adcf6be37c453760d1094f7e90ee230b522738fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 08:25:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 08:25:49 GMT

GET
H2 200 3tqe.css
www.baldbrothersteam.com/wp-content/cache/wpfc-minified/d30a54ks/ 264 KB
35 KB 218ms
210ms Stylesheet
text/css 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/d30a54ks/3tqe.css
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 2a50a85396df0a68aab6b74019149d81f362976f340b926a94e013d07297d63d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 13:44:12 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
expires: max-age=A10368000, public

GET
H2 200 3tqe.css
www.baldbrothersteam.com/wp-content/cache/wpfc-minified/oxo6did/ 193 KB
25 KB 438ms
431ms Stylesheet
text/css 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/oxo6did/3tqe.css
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: d5e240f7c6fb4ec47055511df3f4e5ee885c4fa0197ea9c0b6cd28ab2d073a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 13:44:12 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
expires: max-age=A10368000, public

GET
H2 200 post-20.css
www.baldbrothersteam.com/wp-content/uploads/elementor/css/ 1 KB
423 B 319ms
313ms Stylesheet
text/css 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/elementor/css/post-20.css?ver=1668106014
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 6641a57633c3302cdb8acd8b234b42a51f53350ca77fae0a41813b04e3258068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:54 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 366
expires: max-age=A10368000, public

GET
H2 200 post-11.css
www.baldbrothersteam.com/wp-content/uploads/elementor/css/ 23 KB
2 KB 317ms
311ms Stylesheet
text/css 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/elementor/css/post-11.css?ver=1668640396
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 18aa1b4e0a479b963970ecbd037b67a321ac7b4ba1f48413650ba75a49bb8bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 23:13:16 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2125
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 42 KB
2 KB 160ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5dfdf00359b7743919a732ae8eb80536ff206faaf16a99fcdd3f967aca1f81e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 07:34:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 08:25:49 GMT

GET
H2 200 3tqe.js Show response
www.baldbrothersteam.com/wp-content/cache/wpfc-minified/k9dv4z80/ 99 KB
35 KB 317ms
311ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/k9dv4z80/3tqe.js
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 1973d447056680a7a9d5c8996939d607cd44bc99073935a391e103ab979f4629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 13:44:12 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
expires: max-age=A10368000, public

GET
H2 200 bundle.js Show response
www.idxhome.com/service/resources/dist/wordpress/ 967 KB
281 KB 1065ms
955ms Script
application/javascript 2606:4700::6812:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.idxhome.com/service/resources/dist/wordpress/bundle.js?1675507044895
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8348dbfa7e99150a9ea5a221a518b484ee0a9f4f4caa2ab5d1c54be10a6d47f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Mar 2022 22:05:20 GMT
server: cloudflare
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT STA"
access-control-allow-origin: *
content-type: application/javascript;charset=UTF-8
cf-ray: 795abcb51f799107-FRA

GET
H2 200 btl2j.js Show response
www.baldbrothersteam.com/wp-content/cache/wpfc-minified/qsz61zwf/ 3 KB
1 KB 317ms
312ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/qsz61zwf/btl2j.js
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 4f47e8ffd518d2ce60f684ab704b5816ad680d39d3edb439b00a274f9c0c803b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 20:34:17 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 984
expires: max-age=A10368000, public

GET
H2 200 3tqe.js Show response
www.baldbrothersteam.com/wp-content/cache/wpfc-minified/1dhs7k45/ 7 KB
2 KB 318ms
312ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/1dhs7k45/3tqe.js
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: f3b3563c59dfbf9f931fb6cbae63f743d55af86771e51f49c575a6739079b3ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 13:44:12 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1902
expires: max-age=A10368000, public

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 168 KB
55 KB 179ms
68ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDI9DcLsRUz5JvZkznDvX4BvaozGH1HuQk&session_token=3f5f508f-9521-4fc1-a40c-ef01a6ce73e0&libraries=places&ver=6.1.1

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9945505d874dba655dbc8a6c6f939b50549b70efacbfdf757e74f1c49fd64e00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:49 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=28
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56076
x-xss-protection: 0
expires: Tue, 07 Feb 2023 08:55:49 GMT

GET
H2 200 logo_f5344a5f306c78ab8940b6348738ea9e_1x.png
www.baldbrothersteam.com/wp-content/uploads/thegem-logos/ 11 KB
11 KB 210ms
203ms Image
image/png 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/thegem-logos/logo_f5344a5f306c78ab8940b6348738ea9e_1x.png
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 827e81a54c53552b9992fa91b861ccfb9082ed1fc29c9032f146681b77a0b5d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Mon, 02 Nov 2020 11:16:55 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 10819
expires: max-age=A10368000, public

GET
H2 200 KWAVE.png
www.baldbrothersteam.com/wp-content/uploads/2021/02/ 165 KB
166 KB 451ms
443ms Image
image/png 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2021/02/KWAVE.png
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 8fbb787860a1d27d7d81daa24f190cd7e292bd97e2c1623729d8eafe8dd725c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Tue, 09 Feb 2021 22:13:21 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 169040
expires: max-age=A10368000, public

GET
H2 200 TheBaldBros_WebHeader-01-2048x670.png
www.baldbrothersteam.com/wp-content/uploads/2020/12/ 509 KB
512 KB 333ms
325ms Image
image/png 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2020/12/TheBaldBros_WebHeader-01-2048x670.png
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: abd72e66e9a1041cf3b37b5ab7a263455d80a16c5c8a63e03d3991ebf38e88a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Fri, 18 Dec 2020 21:50:45 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 520820
expires: max-age=A10368000, public

GET
H2 200 aaron-zapata-e1603305415472-1024x871.png
www.baldbrothersteam.com/wp-content/uploads/2020/10/ 492 KB
493 KB 711ms
703ms Image
image/png 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2020/10/aaron-zapata-e1603305415472-1024x871.png
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 6f92407f0eb2342db49e87280703491e0297c4a0ac0d3c141531da6627672464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Wed, 21 Oct 2020 18:36:58 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 504273
expires: max-age=A10368000, public

GET
H2 200 todd-anderson-e1603305507313-1024x875.png
www.baldbrothersteam.com/wp-content/uploads/2020/10/ 326 KB
326 KB 594ms
587ms Image
image/png 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2020/10/todd-anderson-e1603305507313-1024x875.png
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 22218b3b43883202bc6afb5802f2ec83be632303d22d22842c3d05c02bddfe72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Wed, 21 Oct 2020 18:38:33 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 333942
expires: max-age=A10368000, public

GET
H2 200 shutterstock_50097079-1-thegem-blog-justified-3x.jpg
www.baldbrothersteam.com/wp-content/uploads/2023/02/ 30 KB
30 KB 717ms
710ms Image
image/jpeg 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2023/02/shutterstock_50097079-1-thegem-blog-justified-3x.jpg
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: cba06605f6eeb5eada7557007f1e454230745e6b65e040b4c54786e3d91e34f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Sun, 05 Feb 2023 00:43:27 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 30641
expires: max-age=A10368000, public

GET
H2 200 shutterstock_730774381-1-thegem-blog-justified-3x.jpg
www.baldbrothersteam.com/wp-content/uploads/2023/02/ 35 KB
35 KB 594ms
587ms Image
image/jpeg 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2023/02/shutterstock_730774381-1-thegem-blog-justified-3x.jpg
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 29ef27a4fcdff070ed124839a5f1b44fbbc5085a82acf6ae13abf425facd8633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Sun, 05 Feb 2023 00:40:15 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 35454
expires: max-age=A10368000, public

GET
H2 200 shutterstock_366266831-1-thegem-blog-justified-3x.jpg
www.baldbrothersteam.com/wp-content/uploads/2023/02/ 21 KB
21 KB 595ms
588ms Image
image/jpeg 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2023/02/shutterstock_366266831-1-thegem-blog-justified-3x.jpg
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 36a24549832c0c31e8ae76ebde3f2c3c175035eaf94c330f2ae0f30d4a1102e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Sun, 05 Feb 2023 00:33:50 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 21645
expires: max-age=A10368000, public

GET
H2 200 impact-logo-oxn9zn4q89n2gi6v09alr2kj9tcge6uhbosl4nyn0g.png
www.baldbrothersteam.com/wp-content/uploads/elementor/thumbs/ 15 KB
15 KB 708ms
702ms Image
image/png 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/elementor/thumbs/impact-logo-oxn9zn4q89n2gi6v09alr2kj9tcge6uhbosl4nyn0g.png
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 2eee0d22a503968d268d4920c9951c3f670f5ba6a783cf776bbafa7596de731b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Thu, 29 Oct 2020 20:38:27 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 15507
expires: max-age=A10368000, public

GET
H2 200 top-rated-logo-pwear37k2nq2mh2bl2ic4wo8jewtd11ua5wsobqqeq.png
www.baldbrothersteam.com/wp-content/uploads/elementor/thumbs/ 11 KB
11 KB 710ms
703ms Image
image/png 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/elementor/thumbs/top-rated-logo-pwear37k2nq2mh2bl2ic4wo8jewtd11ua5wsobqqeq.png
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 142baf626c3675b31a8f6f25b89b5b3bfb94a16f62d5ffb6782dd5f3f689e249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Tue, 18 Oct 2022 13:29:29 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 10992
expires: max-age=A10368000, public

GET
H2 200 3tqe.css
www.baldbrothersteam.com/wp-content/cache/wpfc-minified/m0vgixfq/ 69 KB
11 KB 161ms
161ms Stylesheet
text/css 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/m0vgixfq/3tqe.css
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 52a9b8e1f17be848dd306a56b0103e9322d5ba2683982a9777c7a4fa59f9e393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 13:44:12 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 10663
expires: max-age=A10368000, public

GET
H2 200 post-55.css
www.baldbrothersteam.com/wp-content/uploads/elementor/css/ 2 KB
465 B 142ms
142ms Stylesheet
text/css 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/elementor/css/post-55.css?ver=1668106013
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 59959be4c379e09737eb18d489e29c38674f614e8ceb5b25dbc1624e3fc3ae72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:53 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 408
expires: max-age=A10368000, public

GET
H2 200 3tqe.css
www.baldbrothersteam.com/wp-content/cache/wpfc-minified/frhc57al/ 75 KB
15 KB 155ms
155ms Stylesheet
text/css 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/frhc57al/3tqe.css
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 8b342b2ec464f4a498c8e08fab9a022ddefc56268aafe49c25cc53b3a733617f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 13:44:12 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
expires: max-age=A10368000, public

GET
H2 200 ihf-eureka.js Show response
www.idxhome.com/eureka/ 4 MB
808 KB 853ms
837ms Script
application/javascript 2606:4700::6812:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.idxhome.com/eureka/ihf-eureka.js?1675507044895
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a54fed4ecca4cf0cf6474832d62887a9f14ff29c5760045ff22c831c02220b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 May 2022 18:29:12 GMT
server: cloudflare
etag: W/"39e70e-5dfda3fee4e00-gzip"
vary: Accept-Encoding
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT STA", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT STA"
content-type: application/javascript
cf-ray: 795abcbc7e689107-FRA

GET
H2 200 thegem-menu_init.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 34 KB
7 KB 329ms
313ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/thegem-menu_init.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 0e4fd88a355808541c1a43f9e30b89cd909c2fe35d9e30953dbc40d544496c36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 7495
expires: max-age=A10368000, public

GET
H2 200 svg4everybody.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 1 KB
576 B 340ms
324ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/svg4everybody.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: dacfd6e3a4dba21c4477b41192719929ba989ad0536d681c31ec69d6aa336216

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 542
expires: max-age=A10368000, public

GET
H2 200 thegem-form-elements.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 2 KB
635 B 328ms
313ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/thegem-form-elements.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 906fd77500d6ba9a3be43c86f8a599071174cd07747ee44809e4f112b0aac149

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 578
expires: max-age=A10368000, public

GET
H2 200 jquery.easing.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 8 KB
2 KB 339ms
324ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/jquery.easing.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: e4273399cc0bc22e58b35f9f79fdf2705a39ddf4ad918ce852f2624e271d8248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:31 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2015
expires: max-age=A10368000, public

GET
H2 200 thegem-header.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 7 KB
2 KB 328ms
313ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/thegem-header.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 27adb7ebda7e4de3331e2dc6d4c03b9de866dcf4ca9401f04127f04ff57c568e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1837
expires: max-age=A10368000, public

GET
H2 200 functions.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 22 KB
5 KB 338ms
323ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/functions.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 2c164e5b80ff786ddf570d7ddcb52c26223493ce521f19bb43cf208a88b5cb37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 5566
expires: max-age=A10368000, public

GET
H2 200 jquery.mousewheel.pack.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/fancyBox/ 1 KB
752 B 597ms
582ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/fancyBox/jquery.mousewheel.pack.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 89063c896f3ff978cbecd97312879f288e207d519781425f0d7f9dd203dff653

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:31 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 718
expires: max-age=A10368000, public

GET
H2 200 jquery.fancybox.min.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/fancyBox/ 51 KB
17 KB 458ms
444ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox.min.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: c33a2ad0fef0daa2f345c26c177d7dcba1bd3a2964de7539099f2d9d8f538c52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:31 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 16879
expires: max-age=A10368000, public

GET
H2 200 jquery.fancybox-init.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/fancyBox/ 2 KB
655 B 364ms
350ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/fancyBox/jquery.fancybox-init.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 71f94e3e6eedf3ec23750c080cf2cacf7b53a09001d5cdabf4bc7ff2af688fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:31 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 622
expires: max-age=A10368000, public

GET
H2 200 index.js Show response
www.baldbrothersteam.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 598ms
584ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:23 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2961
expires: max-age=A10368000, public

GET
H2 200 index.js Show response
www.baldbrothersteam.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 338ms
324ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:23 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 3983
expires: max-age=A10368000, public

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
903 B 154ms
53ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeB-8weAAAAAGpmaXDLGRJ1b-iQ-IJQVJMF4tP-&ver=3.0

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

246e8a666e6f6d74a4be8139504fc5c7ebec31e624c1fa6c884286fc34e512d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 583
x-xss-protection: 1; mode=block
expires: Tue, 07 Feb 2023 08:25:50 GMT

GET
H2 200 regenerator-runtime.min.js Show response
www.baldbrothersteam.com/wp-includes/js/dist/vendor/ 6 KB
2 KB 602ms
589ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 20:22:14 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2458
expires: max-age=A10368000, public

GET
H2 200 wp-polyfill.min.js Show response
www.baldbrothersteam.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 723ms
710ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:44:46 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 6642
expires: max-age=A10368000, public

GET
H2 200 index.js Show response
www.baldbrothersteam.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
541 B 457ms
444ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:23 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 507
expires: max-age=A10368000, public

GET
H2 200 thegem-itemsAnimations.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 9 KB
2 KB 594ms
582ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/thegem-itemsAnimations.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 1a673864a4a63ac4d82960b1e144d697c967a6ecb4b1cbbcb56e93cf00506e7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2175
expires: max-age=A10368000, public

GET
H2 200 mediaelement-and-player.min.js Show response
www.baldbrothersteam.com/wp-includes/js/mediaelement/ 154 KB
39 KB 716ms
704ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:44:49 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
expires: max-age=A10368000, public

GET
H2 200 mediaelement-migrate.min.js Show response
www.baldbrothersteam.com/wp-includes/js/mediaelement/ 1 KB
597 B 598ms
587ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 20:22:16 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 540
expires: max-age=A10368000, public

GET
H2 200 thegem-mediaelement.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 2 KB
764 B 595ms
584ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/thegem-mediaelement.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 1bb96ddce92b3bbd37cbd4d7a650b3d9ba9d687cb50a87afdb728cbbc840c557

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 730
expires: max-age=A10368000, public

GET
H2 200 thegem-scrollMonitor.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 11 KB
3 KB 593ms
581ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/thegem-scrollMonitor.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: cb2946e07097db6564ba30abf4f363c76e6fa24f034a2b1890afe60c4a554766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2880
expires: max-age=A10368000, public

GET
H2 200 thegem-blog-core.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 5 KB
2 KB 595ms
585ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/thegem-blog-core.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: d8dac0a0d52b36515112fb24842dd4ef7e17e59a3ad13a40003c6a0096b53064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1701
expires: max-age=A10368000, public

GET
H2 200 thegem-blog.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 2 KB
750 B 596ms
586ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/thegem-blog.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: b2e084b53ae09201c31f66b4167ab5fe81e1aacac7ca84b2cdf4d07e7ef1f11d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:31 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 716
expires: max-age=A10368000, public

GET
H2 200 isotope.min.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 40 KB
11 KB 595ms
586ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/isotope.min.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 57a45007f24b920e1cb59467217fd99f6b7aca9806c31fd2fbdf8ba38df471b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 11213
expires: max-age=A10368000, public

GET
H2 200 thegem-blog-isotope.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 2 KB
951 B 597ms
588ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/thegem-blog-isotope.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: cf59775628088421391ebb62e332070e8d1342a36b115c6c2f11087602dbcef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 917
expires: max-age=A10368000, public

GET
H2 200 jquery.touchSwipe.min.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 12 KB
4 KB 596ms
587ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/jquery.touchSwipe.min.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 2457851c744cac5ef83b9485017d9d17242906f10f90071b8706b7c850e26343

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 4012
expires: max-age=A10368000, public

GET
H2 200 jquery.carouFredSel.js Show response
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/ 54 KB
14 KB 710ms
701ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/js/jquery.carouFredSel.js?ver=6.1.1
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 3cf03a6e87ef95d866c4715da2c9845b52c3569d7a1ac20935027fc017a430ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:05:32 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 13885
expires: max-age=A10368000, public

GET
H2 200 testimonials-carousel.js Show response
www.baldbrothersteam.com/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/testimonials/assets/js/ 3 KB
950 B 596ms
588ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/thegem-elements-elementor/inc/elementor/widgets/testimonials/assets/js/testimonials-carousel.js
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: c4fecf173f9890849500e92a40afb5c020f43f4249d3078cb13c59f1846d4a86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 11:07:25 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 893
expires: max-age=A10368000, public

GET
H2 200 webpack.runtime.min.js Show response
www.baldbrothersteam.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 594ms
585ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: dca573f6831bcc39828ef0c435568a4ff0980edefdfbcf52e15ff8566befb529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:45 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2193
expires: max-age=A10368000, public

GET
H2 200 frontend-modules.min.js Show response
www.baldbrothersteam.com/wp-content/plugins/elementor/assets/js/ 32 KB
11 KB 710ms
702ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: ab3426e035a4ecbad44e1352a8f7433d0dba2f1a5b72382e2af9eb00a17a798c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:45 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 10900
expires: max-age=A10368000, public

GET
H2 200 waypoints.min.js Show response
www.baldbrothersteam.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 596ms
587ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:45 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 3016
expires: max-age=A10368000, public

GET
H2 200 core.min.js Show response
www.baldbrothersteam.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 712ms
704ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:44:48 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 7137
expires: max-age=A10368000, public

GET
H2 200 swiper.min.js Show response
www.baldbrothersteam.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
35 KB 735ms
727ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:45 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
expires: max-age=A10368000, public

GET
H2 200 share-link.min.js Show response
www.baldbrothersteam.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 593ms
585ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.0
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:45 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1139
expires: max-age=A10368000, public

GET
H2 200 dialog.min.js Show response
www.baldbrothersteam.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
3 KB 596ms
588ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:45 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 3486
expires: max-age=A10368000, public

GET
H2 200 frontend.min.js Show response
www.baldbrothersteam.com/wp-content/plugins/elementor/assets/js/ 40 KB
12 KB 709ms
701ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 4276020d6f31a5d3116fde82520418b99a39cf1fc04d578b8eecab57894126a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:45 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 12178
expires: max-age=A10368000, public

GET
H2 200 preloaded-modules.min.js Show response
www.baldbrothersteam.com/wp-content/plugins/elementor/assets/js/ 42 KB
13 KB 710ms
702ms Script
application/javascript 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.0
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 59c3d3d0b50f56b9760ee59d09fdb21949b917015026542d88d9c22a070fc8d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 18:46:45 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 13152
expires: max-age=A10368000, public

GET
H2 200 ct Show response
sok.soapfighters.com/ 3 KB
1 KB 90ms
84ms Script
text/javascript 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sok.soapfighters.com/ct?id=40493&url=https%3A%2F%2Fwww.baldbrothersteam.com%2F&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1675758349940&hl=2&op=0&ag=2774517318&rand=032001810102199900155870896507120480513526127167210718607169835568670121796&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDI1MzldLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwwLDAsNiwwLDAsMCw1LDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsNiwxLDAsMCwwLDMsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTEsIi0iXSxbLTIsIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIi0iXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MTAwMDAwMDAsXCJ1amhzXCI6MTAwMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjksMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjc1NzU4MzQ5OTMyLDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJsLC0xLC0xLDAsMCwxLDAsMTc0LDI0OSwyNjUsLTEsMCwsLDEwMjUsMTAyNSJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIi0iXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMTAwIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIzMjk5OTEzNjlcIixcIjEyMjQzOTk3ODBcIixcIjE4MTQ2NzA1NjNcIixcIjIyNjU5NTYzNTNcIixcIjI0ODMwNDk2NDFcIl0sXCJkXCI6W10sXCJzXCI6MX0iXSxbLTU1LCIwIl0sWyJkZGIiLCIwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCw4LDAsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMSwxLDAsMCwwLDAsMSwwLDIsMCwwLDAsMSwwLDAsMCwwLDAsMCwwIl0sWyJibmNoIiw0M10sWyJhYm5jaCIsNDNdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=OAznyLwsT0&pto=1031&ver=50&gac=-&mei=&ap=&duid=1.1675758349.XSrfGI29ilU4XlKM&suid=1.1675758349.BUCh9a2J4PbQulAA&tuid=1.1675758349.1bWr4vDqOPlaw8Jp&fbc=-&gtm=-&it=11%2C573%2C386&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: sok.soapfighters.com
URL: https://sok.soapfighters.com/i/ec7840671e6217a592908ccf7bbd6ec6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1fda19582ba45715c312a754379be85402e87ea4d9ae069b770dc7bc7871b82c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 07 Feb 2023 08:25:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1038
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 139ms
58ms XHR
application/json 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDI9DcLsRUz5JvZkznDvX4BvaozGH1HuQk&session_token=3f5f508f-9521-4fc1-a40c-ef01a6ce73e0&libraries=places&ver=6.1.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.baldbrothersteam.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
59 KB 227ms
93ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8SWXFM

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50bfa47f6353952d544a75bfa65803203a704b8294992e6bc4ef178fac061ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60200
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 08:25:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
46 KB 214ms
80ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55LTQCP

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e41b24e1fff034551f5e729213e3ff221eefd7e285c16c5d9480f10676f3f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46288
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 08:25:50 GMT

GET
H2 200 thegem-icons.woff
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/fonts/ 19 KB
19 KB 318ms
312ms Font
x-font/woff 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/fonts/thegem-icons.woff
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/ftw86rgh/3tqe.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: bbf782b4e5e12944b3b77e42b04e6bf9ea844c873a74d884d95e9dec98e18d58

Request headers

Referer: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/ftw86rgh/3tqe.css
Origin: https://www.baldbrothersteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Wed, 21 Oct 2020 11:05:30 GMT
server: Apache
vary: User-Agent
content-type: x-font/woff
cache-control: max-age=0
accept-ranges: bytes
content-length: 19076
expires: max-age=A10368000, public

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 264ms
130ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A700%2Cregular%7CSource+Sans+Pro%3A300%2Cregular%7CMontserrat%3A700%2Cregular&subset=cyrillic%2Ccyrillic-ext%2Clatin%2Clatin-ext%2Cvietnamese%2Cgreek%2Cgreek-ext&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baldbrothersteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:41:29 GMT
x-content-type-options: nosniff
age: 53061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 17:41:29 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 195ms
61ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baldbrothersteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:02:13 GMT
x-content-type-options: nosniff
age: 30217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 00:02:13 GMT

GET
H2 200 glyphicons-halflings-regular.woff
www.idxhome.com/service/resources/dist/wordpress/fonts/ 16 KB
17 KB 775ms
692ms Font
font/woff 2606:4700::6812:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.idxhome.com/service/resources/dist/wordpress/fonts/glyphicons-halflings-regular.woff
Requested by: Host: www.idxhome.com
URL: https://www.idxhome.com/service/resources/dist/wordpress/bundle.css?1675507044895
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a73662a42de059fbf6d2100463f0514a948c3b7158f6078efb44977539b803

Request headers

Referer: https://www.idxhome.com/service/resources/dist/wordpress/bundle.css?1675507044895
Origin: https://www.baldbrothersteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:51 GMT
cf-cache-status: MISS
last-modified: Tue, 08 Mar 2022 22:05:20 GMT
server: cloudflare
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT STA"
access-control-allow-origin: *
content-type: font/woff;charset=UTF-8
cf-ray: 795abcbd1d979189-FRA

GET
H2 200 image_2021_05_20T12_56_15_686Z.png
www.baldbrothersteam.com/wp-content/uploads/2021/05/ 444 KB
444 KB 625ms
625ms Image
image/png 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2021/05/image_2021_05_20T12_56_15_686Z.png
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/wp-content/uploads/elementor/css/post-11.css?ver=1668640396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 39a0f8205f318cfc8a89b4351e56b6d01eb3a6fe7ae961328edba1eaa2e5843c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/wp-content/uploads/elementor/css/post-11.css?ver=1668640396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Thu, 20 May 2021 15:40:33 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 454699
expires: max-age=A10368000, public

GET
H2 200 image_2021_05_20T12_56_55_403Z.png
www.baldbrothersteam.com/wp-content/uploads/2021/05/ 467 KB
467 KB 632ms
632ms Image
image/png 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2021/05/image_2021_05_20T12_56_55_403Z.png
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/wp-content/uploads/elementor/css/post-11.css?ver=1668640396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 551a4384fa041c9ad8bbbd6d8b78a143353caf11899b4738ad05f52a09b5e9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/wp-content/uploads/elementor/css/post-11.css?ver=1668640396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Thu, 20 May 2021 15:41:58 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 478075
expires: max-age=A10368000, public

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 108ms
63ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baldbrothersteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 16:49:14 GMT
x-content-type-options: nosniff
age: 401796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:49:14 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 195ms
150ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baldbrothersteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 01:59:02 GMT
x-content-type-options: nosniff
age: 455208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:59:02 GMT

GET
H2 200 montserrat-ultralight.woff
www.baldbrothersteam.com/wp-content/themes/thegem-elementor/fonts/ 53 KB
53 KB 499ms
498ms Font
x-font/woff 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/themes/thegem-elementor/fonts/montserrat-ultralight.woff
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/d30a54ks/3tqe.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 9956843e6bcd1ca47a15a97ccabeb09d5255c051829af54ad6d3c14bbc096fa2

Request headers

Referer: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/d30a54ks/3tqe.css
Origin: https://www.baldbrothersteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:50 GMT
last-modified: Wed, 21 Oct 2020 11:05:30 GMT
server: Apache
vary: User-Agent
content-type: x-font/woff
cache-control: max-age=0
accept-ranges: bytes
content-length: 54036
expires: max-age=A10368000, public

POST
H2 200 admin-ajax.php
www.baldbrothersteam.com/wp-admin/ 47 B
280 B 6995ms
6995ms XHR
text/html 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldbrothersteam.com/wp-admin/admin-ajax.php

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/qsz61zwf/btl2j.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

apache2-argon.sussex.dreamhost.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.baldbrothersteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 07 Feb 2023 08:25:51 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
vary: User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.baldbrothersteam.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 47
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 tc_imp.gif
sok.soapfighters.com/tracker/ 43 B
79 B 59ms
58ms Image
image/gif 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sok.soapfighters.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136debc030e2448f9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a1189642417071a10acf9f29f674dd0868f002a3a1ff77f7107823e8931c60c3504759b54535f600c0a93ef6d4877be26bb25cb43e2916af05365ac097c7a1bdb50ef4ef497d7d63fbb2807ff7ecaa8556d8e0e3143714493d60265f560b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a59d8677a0d8da5bef489d593772aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7daf991d30bd8af820db01ff43b2851b911cc2ce2ec03932c49d72db6399d3eef19df3f1477fe425b0b3fd2f4d26f9913f82be50eb0102419457459a9796dd8dfc863ece2ac093a3827ffe6d6d3387776795999e03679ea875ac41bfc003d667a87e5346588c6eee5c8789ee7ef8df78e13ba7c19cdb27d60a0a2dea5d540b28073ed7ab67b355c4cb9764fdde25b3d02dd0c2b1be3dc1f0eb5c72758dea484fd6bb490242f8acac74f36be9b605babe6acb28b23b874ec608c5fe6eb4467eb1f0d61f6b2d6a1137194005e8bd9e66b901ab464c4535fbb746c3851e0cffa4c2bcbc68def0e7fa86e4b2f74b4d51e755d2f3003a9149771ac9625b7669f17ea7751dcbf5a900c836a05c89a27591dd09f127745c321e6e50d999b0c936695484194392d6debeb8c9570c80c2d80ecec62279a2d6726e08bccda82733ab35c11ac64ef1358913c5c915ffbf35e7938bd6915963bd877967c402e7f2d0f747db644e5617887a0110e7b155e48108d8dbdf9146c7869b215a6603ef41f456fb11ebde37f46714781e646f75e3469cd8702cf91d9cf8a66e80911a9e7e25fe4d3f79d2&cri=OAznyLwsT0&ts=948&cb=1675758350888
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Tue, 07 Feb 2023 08:25:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 fa-brands-400.woff2
www.baldbrothersteam.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
76 KB 481ms
480ms Font
application/font-woff2 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/frhc57al/3tqe.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/frhc57al/3tqe.css
Origin: https://www.baldbrothersteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:51 GMT
last-modified: Thu, 10 Nov 2022 18:46:45 GMT
server: Apache
vary: User-Agent,Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 76764
expires: max-age=A10368000, public

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55LTQCP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 06:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5461
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 07 Feb 2023 08:54:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 84ms
81ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X53CNQ4PJW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55LTQCP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b3425abeb13109a8955fe1d7db7201f8cfa62dcbd9edc861de652d5dd9deffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77093
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Feb 2023 08:25:51 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 130ms
42ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8SWXFM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 07:53:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Feb 2023 08:53:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 127ms
42ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Feb 2023 08:25:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hazEFIY6BJ8tbcW4p7ticTsIWd+xN+dvehoKRHG+5bIhCm+t1p5eHkXJ8g9xfjYS+tXcHIpbg5LOA8QjBUliCQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 82ms
81ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KZGX6E8134&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8SWXFM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c21d2ff524af9de8a72aecc77513c2292440202626f25186b3a80bf02715e3bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Feb 2023 08:25:51 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 149ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X53CNQ4PJW&gtm=45je3210&_p=397824269&cid=311170732.1675758351&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675758351&sct=1&seg=0&dl=https%3A%2F%2Fwww.baldbrothersteam.com%2F&dt=Real%20Estate%20Selling%20Agent%20-%20Orange%20County%20Realtor%20%7C%20Bald%20Brothers%20Team&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X53CNQ4PJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baldbrothersteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 122ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KZGX6E8134&gtm=45je3210&_p=397824269&cid=311170732.1675758351&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675758351&sct=1&seg=0&dl=https%3A%2F%2Fwww.baldbrothersteam.com%2F&dt=Real%20Estate%20Selling%20Agent%20-%20Orange%20County%20Realtor%20%7C%20Bald%20Brothers%20Team&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZGX6E8134&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baldbrothersteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 48ms
46ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=397824269&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baldbrothersteam.com%2F&ul=en-us&de=UTF-8&dt=Real%20Estate%20Selling%20Agent%20-%20Orange%20County%20Realtor%20%7C%20Bald%20Brothers%20Team&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1331072043&gjid=1273951951&cid=311170732.1675758351&tid=UA-221730601-1&_gid=1769837500.1675758351&_r=1&_slc=1&gtm=45He3210n8155LTQCP&z=257044054

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baldbrothersteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baldbrothersteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 49ms
49ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=397824269&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baldbrothersteam.com%2F&ul=en-us&de=UTF-8&dt=Real%20Estate%20Selling%20Agent%20-%20Orange%20County%20Realtor%20%7C%20Bald%20Brothers%20Team&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1333694248&gjid=2003748588&cid=311170732.1675758351&tid=UA-179266164-2&_gid=1769837500.1675758351&_r=1&_slc=1&gtm=45He3210n81M8SWXFM&z=179159810

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baldbrothersteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baldbrothersteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 10:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 10:26:54 GMT

GET
H2 200 437669111843100 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 137ms
135ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/437669111843100?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9f68ca79738d2e129e903c52e0a4620c3dc8169152c8542a3a98feba387f959

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Feb 2023 08:25:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vqyzCrQm1FJxXSf/13M1HIufjIZx0EXhbLJG58V7VB8QdA2ZoQzDoHhVhhL90rzBXRtQ8HrcexD0nxWQ1okBvA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/779806856/wcm?cc=ZZ&dn=8333052253&cl=4KOcCNDi1OUDEIjR6_MC&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8333052253&cl=4KOcCNDi1OUDEIjR6_MC

80 B
472 B

140ms
49ms

XHR
application/json

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8333052253&cl=4KOcCNDi1OUDEIjR6_MC

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/

Protocol

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Tue, 07 Feb 2023 08:25:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8333052253&cl=4KOcCNDi1OUDEIjR6_MC
access-control-allow-origin: https://www.baldbrothersteam.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 123ms
41ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=437669111843100&ev=PageView&dl=https%3A%2F%2Fwww.baldbrothersteam.com%2F&rl=&if=false&ts=1675758351595&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675758351594.1640886479&it=1675758351360&coo=false&rqm=GET

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Feb 2023 08:25:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
635 B 54ms
53ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 08:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 08:06:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 08:25:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 406 KB
162 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeB-8weAAAAAGpmaXDLGRJ1b-iQ-IJQVJMF4tP-&ver=3.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baldbrothersteam.com/
Origin: https://www.baldbrothersteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 07:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 07:50:42 GMT

GET
H2 200 chosen-sprite.png
www.idxhome.com/service/resources/dist/wordpress/ 646 B
751 B 53ms
49ms Image
image/png 2606:4700::6812:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.idxhome.com/service/resources/dist/wordpress/chosen-sprite.png
Requested by: Host: www.idxhome.com
URL: https://www.idxhome.com/service/resources/dist/wordpress/bundle.css?1675507044895
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.idxhome.com/service/resources/dist/wordpress/bundle.css?1675507044895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:52 GMT
cf-cache-status: HIT
last-modified: Tue, 08 Mar 2022 22:05:20 GMT
server: cloudflare
age: 6177
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT STA"
access-control-allow-origin: *
content-type: image/png;charset=UTF-8
cf-ray: 795abcc60eec9107-FRA

GET
H2 200 ui-bg_highlight-soft_100_eeeeee_1x100.png
www.idxhome.com/service/resources/dist/wordpress/images/ 278 B
333 B 54ms
50ms Image
image/png 2606:4700::6812:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.idxhome.com/service/resources/dist/wordpress/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
Requested by: Host: www.idxhome.com
URL: https://www.idxhome.com/service/resources/dist/wordpress/bundle.css?1675507044895
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 327c2888147b8cb0d23491c03c0b10be98ce858363da08015c59332d32d1b265

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.idxhome.com/service/resources/dist/wordpress/bundle.css?1675507044895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:52 GMT
cf-cache-status: HIT
last-modified: Tue, 08 Mar 2022 22:05:20 GMT
server: cloudflare
age: 6177
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT STA"
access-control-allow-origin: *
content-type: image/png;charset=UTF-8
cf-ray: 795abcc60ef09107-FRA

POST /
www.facebook.com/tr/ Frame D9A6 0
0

GET
H2 200 shutterstock_50097079-1-thegem-blog-justified.jpg
www.baldbrothersteam.com/wp-content/uploads/2023/02/ 59 KB
59 KB 307ms
306ms Image
image/jpeg 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2023/02/shutterstock_50097079-1-thegem-blog-justified.jpg
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 5e9fd229042a9ccc8f39057ee1afcb98f3424850234bd5c65328a68b5e9bc328

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:52 GMT
last-modified: Sun, 05 Feb 2023 00:43:27 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 59925
expires: max-age=A10368000, public

GET
H2 200 shutterstock_730774381-1-thegem-blog-justified.jpg
www.baldbrothersteam.com/wp-content/uploads/2023/02/ 74 KB
74 KB 307ms
306ms Image
image/jpeg 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2023/02/shutterstock_730774381-1-thegem-blog-justified.jpg
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 80942b37a26ee7d9e5068de8d9e03b4ce13d1deb8fca27a27a230e0e9802ac90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:52 GMT
last-modified: Sun, 05 Feb 2023 00:40:15 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 75952
expires: max-age=A10368000, public

GET
H2 200 shutterstock_366266831-1-thegem-blog-justified.jpg
www.baldbrothersteam.com/wp-content/uploads/2023/02/ 44 KB
44 KB 291ms
291ms Image
image/jpeg 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baldbrothersteam.com/wp-content/uploads/2023/02/shutterstock_366266831-1-thegem-blog-justified.jpg
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash: 64e4e1ceada4f7544f6f355e0530bed4ed781b0a03eb40a795d1495b8ed8abf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:52 GMT
last-modified: Sun, 05 Feb 2023 00:33:50 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 44835
expires: max-age=A10368000, public

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 208ms
82ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/k9dv4z80/3tqe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

780e93a972826c21607437f3f44cb95c6204dda8634ecea9ba83c71dd80aad4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-OxF045vv-O9Qlf5UOfwNEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 07 Feb 2023 08:25:52 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E442 42 KB
22 KB 68ms
67ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB-8weAAAAAGpmaXDLGRJ1b-iQ-IJQVJMF4tP-&co=aHR0cHM6Ly93d3cuYmFsZGJyb3RoZXJzdGVhbS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=1gxzrxix454c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ba966c9733f7c94c997c2c7bdb310f64ec2daa7713a12a1c014b50b0faabaa5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TNy0tD3RRsAyLKDQtZm5wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.baldbrothersteam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22347
content-security-policy: script-src 'report-sample' 'nonce-TNy0tD3RRsAyLKDQtZm5wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 08:25:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame E442 55 KB
24 KB 45ms
44ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB-8weAAAAAGpmaXDLGRJ1b-iQ-IJQVJMF4tP-&co=aHR0cHM6Ly93d3cuYmFsZGJyb3RoZXJzdGVhbS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=1gxzrxix454c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 11:54:48 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame E442 406 KB
162 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 07:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 07:50:42 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f565d246/www-widgetapi.vflset/ 184 KB
62 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7cdd02fc9786ea1bfd360a2f140c266d3800447ee65288c4347e73945c7a757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62923
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Feb 2024 05:59:48 GMT

GET
H3 200 E_R3TNh2dBQ Show response
www.youtube.com/embed/ Frame ED34 68 KB
27 KB 157ms
157ms Document
text/html 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6fac4d4f8f02c792baf2cf642175684434650a99a27ec16612186213751ce34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baldbrothersteam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-O95dBylRdnzREUtHGP2xLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 08:25:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1P1H4eQgXjU Show response
www.youtube.com/embed/ Frame 931C 68 KB
27 KB 128ms
127ms Document
text/html 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30f6263399598f47b423b73fa2867016be90fe5292e3605f979a149513fb114c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baldbrothersteam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-ZDWR1xUL4r5pC0ymu0SQkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 08:25:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E442 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:40:39 GMT
x-content-type-options: nosniff
age: 24313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 14 Feb 2023 01:40:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E442 15 KB
15 KB 64ms
63ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:47:12 GMT
x-content-type-options: nosniff
age: 232720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:47:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E442 15 KB
15 KB 126ms
125ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 22:33:49 GMT
x-content-type-options: nosniff
age: 294723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 22:33:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E442 102 B
133 B 65ms
65ms Other
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB-8weAAAAAGpmaXDLGRJ1b-iQ-IJQVJMF4tP-&co=aHR0cHM6Ly93d3cuYmFsZGJyb3RoZXJzdGVhbS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=1gxzrxix454c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 07 Feb 2023 08:25:52 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/f565d246/ Frame 931C 360 KB
49 KB 66ms
65ms Stylesheet
text/css 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5b45df72d3deb51fe4da3bdb04c1b045a7056875acd482bda8232cfc2420a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49987
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 15:52:23 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/f565d246/www-embed-player.vflset/ Frame 931C 345 KB
108 KB 121ms
120ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee9388aac5b2856b642922b03bbcbef9d3f1e9313e3ab97c02118fec4487dd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110418
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 15:53:15 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/ Frame 931C 2 MB
602 KB 130ms
129ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7155434ad7fc58d825d677c704b1e5976d3257f0231c005cf786555f675488dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 616120
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 15:53:59 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/f565d246/fetch-polyfill.vflset/ Frame 931C 9 KB
3 KB 127ms
126ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 15:53:15 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/f565d246/ Frame ED34 360 KB
49 KB 66ms
65ms Stylesheet
text/css 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5b45df72d3deb51fe4da3bdb04c1b045a7056875acd482bda8232cfc2420a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49987
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 15:52:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 931C 15 KB
15 KB 54ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:47:12 GMT
x-content-type-options: nosniff
age: 232720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:47:12 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 931C 15 KB
15 KB 62ms
57ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 22:33:49 GMT
x-content-type-options: nosniff
age: 294723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 22:33:49 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ED34 15 KB
15 KB 82ms
78ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:47:12 GMT
x-content-type-options: nosniff
age: 232720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:47:12 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ED34 15 KB
15 KB 111ms
108ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 22:33:49 GMT
x-content-type-options: nosniff
age: 294723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 22:33:49 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/f565d246/www-embed-player.vflset/ Frame ED34 345 KB
108 KB 114ms
111ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee9388aac5b2856b642922b03bbcbef9d3f1e9313e3ab97c02118fec4487dd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110418
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 15:53:15 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/ Frame ED34 2 MB
602 KB 127ms
124ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7155434ad7fc58d825d677c704b1e5976d3257f0231c005cf786555f675488dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 616120
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 15:53:59 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/f565d246/fetch-polyfill.vflset/ Frame ED34 9 KB
3 KB 127ms
125ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 15:53:15 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame E442 32 KB
18 KB 97ms
96ms XHR
application/json 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeB-8weAAAAAGpmaXDLGRJ1b-iQ-IJQVJMF4tP-

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ae6ec1c905b311cd42bb5da617e9d5e1e9424d10ae0eee8e8b7d718bd67705b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB-8weAAAAAGpmaXDLGRJ1b-iQ-IJQVJMF4tP-&co=aHR0cHM6Ly93d3cuYmFsZGJyb3RoZXJzdGVhbS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=1gxzrxix454c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18715
x-xss-protection: 1; mode=block
expires: Tue, 07 Feb 2023 08:25:53 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame ED34
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

55ms
50ms

XHR
application/json

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fe8caef39e29c27a6fafdde324939896ca0fcf01386d66aff6293cf85bdf0f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 07 Feb 2023 08:25:53 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame ED34 29 B
494 B 143ms
44ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:22:02 GMT
x-content-type-options: nosniff
age: 231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 08:37:02 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 931C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
189 B

59ms
54ms

XHR
application/json

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46c4b188ec6213361b2dc33c6ce0e35c97a9ec5296e0002497b23ac6901c1eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 07 Feb 2023 08:25:53 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 931C 29 B
89 B 124ms
44ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:22:02 GMT
x-content-type-options: nosniff
age: 231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 08:37:02 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 223ms
77ms Preflight
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Feb 2023 08:25:53 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame ED34 66 KB
30 KB 135ms
133ms XHR
application/json+protobuf 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

040ce3f7b3541e1980bc881afe70e8a48f74b5f6cb4bbd3b3fab17d071c2409d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30745
x-xss-protection: 0

GET
H3 200 x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js Show response
www.google.com/js/th/ Frame ED34 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c785098fc813e82b53e7f3d9481dac324593ee84f738d62f621788fd597f91bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 03:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 449387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14250
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 03:36:06 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/ Frame ED34 26 KB
8 KB 53ms
53ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43a4dab324ec03c22ab2186d1f95aff280ca9e5faeae1f37121e94b49c8169c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8403
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 15:54:26 GMT

GET
DATA 200
OK truncated
/ Frame ED34 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJWhb4lFnCoHvsJPJf9ykOlbWW5FvfIrAmMFMRxP=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame ED34 3 KB
4 KB 157ms
56ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJWhb4lFnCoHvsJPJf9ykOlbWW5FvfIrAmMFMRxP=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

445d43832186ac7fdd50975d22e3e31509246bd21ef02c23b410cfe672f0e326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3330
x-xss-protection: 0
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Feb 2023 16:33:48 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/E_R3TNh2dBQ/ Frame ED34 42 KB
42 KB 177ms
77ms Image
image/webp 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/E_R3TNh2dBQ/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c7bdaa320fc6f4abaee7219bbe1565e7f2c337aea4415d0dfed6504edebf8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
x-content-type-options: nosniff
server: sffe
etag: "1651180048"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42884
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Feb 2023 10:25:53 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 135ms
76ms Preflight
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Feb 2023 08:25:53 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 931C 66 KB
30 KB 82ms
79ms XHR
application/json+protobuf 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f67cb05800e77abc7f6096b37cf3b432ce7520e8619965458529f2fc48d150f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30868
x-xss-protection: 0

GET
H3 200 x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js Show response
www.google.com/js/th/ Frame 931C 36 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c785098fc813e82b53e7f3d9481dac324593ee84f738d62f621788fd597f91bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 03:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 449387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14250
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 03:36:06 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/ Frame 931C 26 KB
8 KB 55ms
55ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43a4dab324ec03c22ab2186d1f95aff280ca9e5faeae1f37121e94b49c8169c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8403
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 15:54:26 GMT

GET
DATA 200
OK truncated
/ Frame 931C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJWhb4lFnCoHvsJPJf9ykOlbWW5FvfIrAmMFMRxP=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 931C 3 KB
3 KB 99ms
71ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJWhb4lFnCoHvsJPJf9ykOlbWW5FvfIrAmMFMRxP=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

445d43832186ac7fdd50975d22e3e31509246bd21ef02c23b410cfe672f0e326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3330
x-xss-protection: 0
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Feb 2023 16:33:48 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/1P1H4eQgXjU/ Frame 931C 229 KB
229 KB 156ms
129ms Image
image/jpeg 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/1P1H4eQgXjU/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2bb6dbd89627beba9f65c46438bb65d13e020cdbb8a5996862ba8ac2b505cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234499
x-xss-protection: 0
server: sffe
etag: "1634590814"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Feb 2023 10:25:53 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame ED34 60 KB
21 KB 170ms
169ms XHR
application/json 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c2c832e463ca874ae1200f7481d1953db126d87a941c15599cd4fa4b14969e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230205.00.00
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21536
x-xss-protection: 0
expires: Tue, 07 Feb 2023 08:25:53 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 931C 51 KB
20 KB 141ms
140ms XHR
application/json 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6033466ec95dba3bc0b7c0d677a0af0ae3d8e4dca34e30077b8517aa4c783a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230205.00.00
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D

Response headers

date: Tue, 07 Feb 2023 08:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20797
x-xss-protection: 0
expires: Tue, 07 Feb 2023 08:25:53 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 931C 90 B
134 B 78ms
77ms XHR
application/json+protobuf 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68078dbf058744e2b3ddd8bdec800f2b8574ff94f553fbeb2f05ee4e698eb138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Feb 2023 08:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 75ms
74ms Preflight
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Feb 2023 08:25:53 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 931C 0
20 B 81ms
81ms XHR
text/html 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=134&afmt=251&cpn=lXaZSL0NkabZmRSI&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24439361%2C24441240%2C24450366%2C24451033%2C24454357%2C24457884%2C24463912%2C24469897&cl=507324366&seq=1&docid=1P1H4eQgXjU&ei=EQviY4CtKsPQgAexzIzgCw&event=streamingstats&plid=AAX0F-VnMzk4Jv-d&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F1P1H4eQgXjU%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D3&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.012:B,0.017:S,0.318:S,0.318:S&cmt=0.012:0.000,0.017:0.000,0.318:0.000&afs=0.318:251::i&vfs=0.318:134:134::r&view=0.318:889:500&bwe=0.318:130000&bat=0.318:1:1&vis=0.318:0&bh=0.318:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
X-YouTube-Client-Version: 1.20230205.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D
X-YouTube-Ad-Signals: dt=1675758353377&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C889%2C500&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:54 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-4g5edndr.googlevideo.com/ Frame 931C 165 KB
166 KB 194ms
75ms Fetch
video/mp4 2a00:1450:4001:24::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndr.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY4CtKsPQgAexzIzgCw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-AESRPlY_u56Ia0-mazAK5T6RkAQe-WeBlmnlHcu7QGod&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=rS&mm=31%2C26&mn=sn-4g5edndr%2Csn-h0jelnes&ms=au%2Conr&mv=u&mvi=2&pl=36&spc=H3gIhl_n4hkOw0iDSU7cOoa3Oz2D2bw&vprv=1&mime=video%2Fmp4&ns=U1nMMtBdHrWZd3M6Jw5ON0cL&gir=yes&clen=10842299&dur=165.832&lmt=1674356570917033&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=Fv--rQGBvbt8kQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAO7k_Rn09ucluTlfYtm-6JqXz4npCzmgehgHPn3OsnlMAiEA1xMb7yoHH7eIlDqyfMc6ElqmLWFaW4Sl-7a0dVuE768%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAKYhCfdnV6uD1x_KxihOE4IRqFm1Mej_hWOi4arxM_raAiEAqlSMiSJz_QDNLP1q_PVE3bt7NeV2JH7-6TEKhEBuuFg%3D&alr=yes&cpn=lXaZSL0NkabZmRSI&cver=1.20230205.00.00&range=0-169138&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:24::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6a815e77508f3425ba2b66cd03df33bb02325fed6720996b73ff8e81c4c81317

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 08:25:54 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 169139
Last-Modified: Sun, 22 Jan 2023 03:02:50 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 07 Feb 2023 08:25:54 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-4g5edndr.googlevideo.com/ Frame 931C 65 KB
66 KB 176ms
60ms Fetch
audio/webm 2a00:1450:4001:24::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndr.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY4CtKsPQgAexzIzgCw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-AESRPlY_u56Ia0-mazAK5T6RkAQe-WeBlmnlHcu7QGod&itag=251&source=youtube&requiressl=yes&mh=rS&mm=31%2C26&mn=sn-4g5edndr%2Csn-h0jelnes&ms=au%2Conr&mv=u&mvi=2&pl=36&spc=H3gIhl_n4hkOw0iDSU7cOoa3Oz2D2bw&vprv=1&mime=audio%2Fwebm&ns=U1nMMtBdHrWZd3M6Jw5ON0cL&gir=yes&clen=2504529&dur=165.821&lmt=1628192730108446&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=Fv--rQGBvbt8kQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIga4eT-UfEmVEb2D0RCAnGVozZm3DzvosFNYXAImu7sWcCIHIIgPIL5hSYq1dwd8m0DUm35GEEpMhwj9WccBjSELlY&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAKYhCfdnV6uD1x_KxihOE4IRqFm1Mej_hWOi4arxM_raAiEAqlSMiSJz_QDNLP1q_PVE3bt7NeV2JH7-6TEKhEBuuFg%3D&alr=yes&cpn=lXaZSL0NkabZmRSI&cver=1.20230205.00.00&range=0-66087&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:24::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

78b338d9e8c48dc6b9c36d04a910ccc7196b917d193c51e0ebaab7367e148405

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 08:25:54 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66088
Last-Modified: Thu, 05 Aug 2021 19:45:30 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 07 Feb 2023 08:25:54 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/ Frame 931C 69 KB
25 KB 54ms
54ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c23bcfdcea811a7a5679c45d668f308a301c4478634d49b9d6e48f20104d3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25910
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 16:00:33 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/ Frame 931C 32 KB
9 KB 56ms
55ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b63d1c697bca22f0efe1b275f7529de0e633ae3247967808d032a80ee000ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8942
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 16:00:33 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 931C 6 KB
2 KB 207ms
206ms XHR
application/json 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

a2fc7779923ce259b5a07891f1541765634fdc4c4aedc1e08f6a5ca9d611644d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230205.00.00
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D

Response headers

date: Tue, 07 Feb 2023 08:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1940
x-xss-protection: 0
expires: Tue, 07 Feb 2023 08:25:54 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame ED34 0
20 B 74ms
73ms XHR
text/html 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=134&afmt=251&cpn=QRDPgVAl8MaIxeQ6&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24439361%2C24441240%2C24450366%2C24451033%2C24454357%2C24457884%2C24463912%2C24469897&cl=507324366&seq=1&docid=E_R3TNh2dBQ&ei=EQviY-zJKY-QgAeS3p3oAw&event=streamingstats&plid=AAX0F-VnQshmE8as&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FE_R3TNh2dBQ%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D1&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.008:B,0.011:S,0.364:S,0.364:S&cmt=0.008:0.000,0.011:0.000,0.364:0.000&afs=0.364:251::i&vfs=0.364:134:135::r&view=0.364:889:500&bwe=0.364:130000&bat=0.364:1:1&vis=0.364:0&bh=0.364:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
X-YouTube-Client-Version: 1.20230205.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D
X-YouTube-Ad-Signals: dt=1675758353354&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C889%2C500&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:54 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr3---sn-4g5lznek.googlevideo.com/ Frame ED34 142 KB
144 KB 176ms
64ms Fetch
video/mp4 2a00:1450:4001:14::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY-zJKY-QgAeS3p3oAw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-ABEEIh6suOWvj58kus2lYyhWnzWlgPSKsXdKeGN8_8QU&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=iU&mm=31%2C26&mn=sn-4g5lznek%2Csn-h0jeenek&ms=au%2Conr&mv=u&mvi=3&pl=36&spc=H3gIhgqmqeXf_shiielpjYCnlDwEdu0&vprv=1&mime=video%2Fmp4&ns=G7y5YX4-dN6-JZyrRLh0BVkL&gir=yes&clen=24518375&otfp=1&dur=516.566&lmt=1646675586522715&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=zmDH-9AVksEV6Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMs62VSjax11nv1h3hd4vnGya_yzvh0dHQoc70FAcNbaAiEAjCJzSr6y8jZASXUBxWiQ0gVWQY7LYrao4s6i7HyHzZ8%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj9muPNkKdC6oYML2hJj8OrjCe0AggiVR6qGzBd6iBfAiAYjV5GP9TTwOJMukffqpSSuMOPLUIripVBFh8mhbIAeA%3D%3D&alr=yes&cpn=QRDPgVAl8MaIxeQ6&cver=1.20230205.00.00&range=0-145861&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:14::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

05e595d04617775432bfe04c52269e1f4621887353aa45db7732e52bcecf2b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 08:25:54 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 145862
Last-Modified: Mon, 07 Mar 2022 17:53:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 07 Feb 2023 08:25:54 GMT

POST
H/1.1 200
OK videoplayback Show response
rr3---sn-4g5lznek.googlevideo.com/ Frame ED34 65 KB
66 KB 177ms
67ms Fetch
audio/webm 2a00:1450:4001:14::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY-zJKY-QgAeS3p3oAw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-ABEEIh6suOWvj58kus2lYyhWnzWlgPSKsXdKeGN8_8QU&itag=251&source=youtube&requiressl=yes&mh=iU&mm=31%2C26&mn=sn-4g5lznek%2Csn-h0jeenek&ms=au%2Conr&mv=u&mvi=3&pl=36&spc=H3gIhgqmqeXf_shiielpjYCnlDwEdu0&vprv=1&mime=audio%2Fwebm&ns=G7y5YX4-dN6-JZyrRLh0BVkL&gir=yes&clen=7833320&otfp=1&dur=516.641&lmt=1646675607444234&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=zmDH-9AVksEV6Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAP-lkb1uzW_e5hfLgXO09I6MHRK-HRxKdWvShKM1j3JZAiEAzwisydImvZG26S6YSxLmi3op8ddHmjgF7uMFe3SDY4M%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj9muPNkKdC6oYML2hJj8OrjCe0AggiVR6qGzBd6iBfAiAYjV5GP9TTwOJMukffqpSSuMOPLUIripVBFh8mhbIAeA%3D%3D&alr=yes&cpn=QRDPgVAl8MaIxeQ6&cver=1.20230205.00.00&range=0-66675&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:14::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d3de9b827d931f88f7923f1de96368146aadcab2d887035ff0f72210a2953669

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 08:25:54 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66676
Last-Modified: Mon, 07 Mar 2022 17:53:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 07 Feb 2023 08:25:54 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/ Frame ED34 69 KB
25 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c23bcfdcea811a7a5679c45d668f308a301c4478634d49b9d6e48f20104d3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25910
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 16:00:33 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/ Frame ED34 32 KB
9 KB 53ms
53ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b63d1c697bca22f0efe1b275f7529de0e633ae3247967808d032a80ee000ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8942
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 16:00:33 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame ED34 10 KB
3 KB 283ms
283ms XHR
application/json 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

95395038f5ad23a63a9745cded97fe319f8c36b1acfe92cafff16e0239a3fd89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230205.00.00
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D

Response headers

date: Tue, 07 Feb 2023 08:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2818
x-xss-protection: 0
expires: Tue, 07 Feb 2023 08:25:54 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame ED34 90 B
134 B 76ms
76ms XHR
application/json+protobuf 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7a55b704c44e6091f3fb9c44aa149233bc90f461cf4ebd4bd955421e4671ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Feb 2023 08:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 74ms
73ms Preflight
text/html 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Feb 2023 08:25:54 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 AL5GRJWhb4lFnCoHvsJPJf9ykOlbWW5FvfIrAmMFMRxP=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 931C 4 KB
4 KB 240ms
239ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJWhb4lFnCoHvsJPJf9ykOlbWW5FvfIrAmMFMRxP=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db8a76fcafa695cb71c9b7f8ae64a8871f1d633b7f1308412a2efafbc390160b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4373
x-xss-protection: 0
expires: Wed, 08 Feb 2023 08:25:54 GMT

POST
H3 200 videoplayback Show response
rr3---sn-4g5lznek.googlevideo.com/ Frame ED34 1 KB
1 KB 142ms
98ms Fetch
video/mp4 2a00:1450:4001:14::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY-zJKY-QgAeS3p3oAw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-ABEEIh6suOWvj58kus2lYyhWnzWlgPSKsXdKeGN8_8QU&itag=135&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=iU&mm=31%2C26&mn=sn-4g5lznek%2Csn-h0jeenek&ms=au%2Conr&mv=u&mvi=3&pl=36&spc=H3gIhgqmqeXf_shiielpjYCnlDwEdu0&vprv=1&mime=video%2Fmp4&ns=G7y5YX4-dN6-JZyrRLh0BVkL&otf=1&otfp=1&dur=0.000&lmt=1646675595572427&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=zmDH-9AVksEV6Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJ6B6ob3wpUDTGH2-gdk4Qgeo9Xr9iIuy1We8l0NqaN7AiAl2ve9ERNBc25AExZVsho7NWM_3-m95uYE1EmYznGbVw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj9muPNkKdC6oYML2hJj8OrjCe0AggiVR6qGzBd6iBfAiAYjV5GP9TTwOJMukffqpSSuMOPLUIripVBFh8mhbIAeA%3D%3D&alr=yes&cpn=QRDPgVAl8MaIxeQ6&cver=1.20230205.00.00&sq=0&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:14::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d28abbe0baf711b60ef8baf47792df1f5de8578e2c704ceb15c667adaae86e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 08:25:54 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1336
last-modified: Fri, 13 Jan 2023 19:27:31 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 07 Feb 2023 08:25:54 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5edndr.googlevideo.com/ Frame 931C 164 KB
164 KB 88ms
43ms Fetch
video/mp4 2a00:1450:4001:24::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:24::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

41d63accfc9f380c7d6a919e1226654789ec97d2b9f9f4c4d6bb3146b3faf8b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 08:25:54 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 167996
last-modified: Sun, 22 Jan 2023 03:02:50 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 07 Feb 2023 08:25:54 GMT

POST
H3 200 videoplayback Show response
rr3---sn-4g5lznek.googlevideo.com/ Frame ED34 77 KB
77 KB 43ms
43ms Fetch
video/mp4 2a00:1450:4001:14::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:14::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7bad19c348b3ebd1ba0f529b543bf2e45c6b3fe7c9f713271408629411d5667e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 08:25:54 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79105
last-modified: Mon, 07 Mar 2022 17:53:06 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 07 Feb 2023 08:25:54 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 931C 0
18 B 80ms
76ms XHR
text/html 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=lXaZSL0NkabZmRSI&ver=2&cmt=0.017&fmt=134&fs=0&rt=0.688&euri=https%3A%2F%2Fwww.baldbrothersteam.com%2F&lact=247&cl=507324366&mos=1&volume=100&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=165.832&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24439361%2C24441240%2C24450366%2C24451033%2C24454357%2C24457884%2C24463912%2C24469897&rtn=6&afmt=251&size=889%3A500&inview=0&muted=1&docid=1P1H4eQgXjU&ei=EQviY4CtKsPQgAexzIzgCw&plid=AAX0F-VnMzk4Jv-d&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F1P1H4eQgXjU%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D3&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZ2ZGpqdGJ5V3p1NDZVV2s5SFcyWlJoaFM2RGFMaE91N09BM3VmNjdHdlE1Z2JTQVBta0tESUN0T1VQWFU1QlpGN3hSVG9zZzVsejFEUjlIMkwxQW5TMjNUSjgxRFc2Rzh2WEU1TjRmS2FEcGdpeHFTbmlybDBhWGx0dFJaOGd4SUVoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
X-YouTube-Client-Version: 1.20230205.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D
X-YouTube-Ad-Signals: dt=1675758353377&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C889%2C500&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:54 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 931C 0
20 B 75ms
75ms XHR
text/html 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=1P1H4eQgXjU&cpn=lXaZSL0NkabZmRSI&ei=EQviY4CtKsPQgAexzIzgCw&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
X-YouTube-Client-Version: 1.20230205.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D
X-YouTube-Ad-Signals: dt=1675758353377&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C889%2C500&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:54 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame ED34 0
18 B 74ms
74ms XHR
text/html 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=QRDPgVAl8MaIxeQ6&ver=2&cmt=0.028&fmt=134&fs=0&rt=0.713&euri=https%3A%2F%2Fwww.baldbrothersteam.com%2F&lact=259&cl=507324366&mos=1&volume=100&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=517&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24439361%2C24441240%2C24450366%2C24451033%2C24454357%2C24457884%2C24463912%2C24469897&rtn=11&afmt=251&size=889%3A500&inview=0&muted=1&docid=E_R3TNh2dBQ&ei=EQviY-zJKY-QgAeS3p3oAw&plid=AAX0F-VnQshmE8as&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FE_R3TNh2dBQ%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZ2WW05TmgwXzlsNy1RMl9NejlSLTRjSnJFeUo4a1lqTTlUR3EyZlBYdWtVUWJTQVBta0tESUE4TEt3UDNjWFNTWVpQSlhFQUtBYm0zT3IwRlItOHEyb1UzeWJSaHliMGRnRUQ5Mi1yY3pVMTcyTEotaENWdWhsNWUtS0czYzRXVzhoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
X-YouTube-Client-Version: 1.20230205.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D
X-YouTube-Ad-Signals: dt=1675758353354&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C889%2C500&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:54 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame ED34 0
20 B 75ms
74ms XHR
text/html 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=E_R3TNh2dBQ&cpn=QRDPgVAl8MaIxeQ6&ei=EQviY-zJKY-QgAeS3p3oAw&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
X-YouTube-Client-Version: 1.20230205.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D
X-YouTube-Ad-Signals: dt=1675758353354&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C889%2C500&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:54 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame ED34 0
20 B 75ms
74ms XHR
text/html 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=135&afmt=251&cpn=QRDPgVAl8MaIxeQ6&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24439361%2C24441240%2C24450366%2C24451033%2C24454357%2C24457884%2C24463912%2C24469897&cl=507324366&seq=2&docid=E_R3TNh2dBQ&ei=EQviY-zJKY-QgAeS3p3oAw&event=streamingstats&plid=AAX0F-VnQshmE8as&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FE_R3TNh2dBQ%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D1&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=otfp&user_intent=0&vfs=0.762:135:135:134:r&view=0.762:889:500&vps=0.762:S,0.762:S&bwm=0.762:242177:0.729&bwe=0.762:421947&bat=0.762:1:1&cmt=0.762:0.076&bh=0.762:3.100&df=0.762:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
X-YouTube-Client-Version: 1.20230205.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D
X-YouTube-Ad-Signals: dt=1675758353354&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C889%2C500&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:54 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr3---sn-4g5lznek.googlevideo.com/ Frame ED34 472 KB
472 KB 443ms
443ms Fetch
video/mp4 2a00:1450:4001:14::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY-zJKY-QgAeS3p3oAw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-ABEEIh6suOWvj58kus2lYyhWnzWlgPSKsXdKeGN8_8QU&itag=135&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=iU&mm=31%2C26&mn=sn-4g5lznek%2Csn-h0jeenek&ms=au%2Conr&mv=u&mvi=3&pl=36&spc=H3gIhgqmqeXf_shiielpjYCnlDwEdu0&vprv=1&mime=video%2Fmp4&ns=G7y5YX4-dN6-JZyrRLh0BVkL&otf=1&otfp=1&dur=0.000&lmt=1646675595572427&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=zmDH-9AVksEV6Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJ6B6ob3wpUDTGH2-gdk4Qgeo9Xr9iIuy1We8l0NqaN7AiAl2ve9ERNBc25AExZVsho7NWM_3-m95uYE1EmYznGbVw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj9muPNkKdC6oYML2hJj8OrjCe0AggiVR6qGzBd6iBfAiAYjV5GP9TTwOJMukffqpSSuMOPLUIripVBFh8mhbIAeA%3D%3D&alr=yes&cpn=QRDPgVAl8MaIxeQ6&cver=1.20230205.00.00&sq=2&rn=5&rbuf=5333&pot=D-dUl0dpSU_D52x1sRGoo_HORxG_wcxoiRU6h80T4KKb0PNyuTz34qeA7MiJy1JIgrb-DyuXIaGvXAZnFfMEVcZSCsYlW5SORf4FK4VIxVPlxK06I9vBqzQU8eedsh5Zj9PmQxo=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:14::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

aadeff585d6d4e5616a719f446de93ca17f709a1d0b57ad642ce2767875f8602

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Tue, 07 Feb 2023 08:25:54 GMT
date: Tue, 07 Feb 2023 08:25:54 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Fri, 13 Jan 2023 19:27:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr2---sn-4g5edndr.googlevideo.com/ Frame 931C 66 KB
66 KB 40ms
40ms Fetch
audio/webm 2a00:1450:4001:24::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndr.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY4CtKsPQgAexzIzgCw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-AESRPlY_u56Ia0-mazAK5T6RkAQe-WeBlmnlHcu7QGod&itag=251&source=youtube&requiressl=yes&mh=rS&mm=31%2C26&mn=sn-4g5edndr%2Csn-h0jelnes&ms=au%2Conr&mv=u&mvi=2&pl=36&spc=H3gIhl_n4hkOw0iDSU7cOoa3Oz2D2bw&vprv=1&mime=audio%2Fwebm&ns=U1nMMtBdHrWZd3M6Jw5ON0cL&gir=yes&clen=2504529&dur=165.821&lmt=1628192730108446&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=Fv--rQGBvbt8kQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIga4eT-UfEmVEb2D0RCAnGVozZm3DzvosFNYXAImu7sWcCIHIIgPIL5hSYq1dwd8m0DUm35GEEpMhwj9WccBjSELlY&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAKYhCfdnV6uD1x_KxihOE4IRqFm1Mej_hWOi4arxM_raAiEAqlSMiSJz_QDNLP1q_PVE3bt7NeV2JH7-6TEKhEBuuFg%3D&alr=yes&cpn=lXaZSL0NkabZmRSI&cver=1.20230205.00.00&range=66088-133992&rn=4&rbuf=4133&pot=Dy5NGAgZnbM7LnUKYbMGDvv_gEkDFq5pWbNy8FwaSCvu6bxtktPpYbOYbyN9kgcDPv_gG2wTRPmRLD5y51XnTw5uqEOoClqdXRHxAFHB2Ed-FFebOroe4XIxFB1jdwRvC4F6Mf8=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:24::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

56e94b19d1211d761ef8f762345bfe8d3bb92a1e8bf7086f944df1f620a17f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 08:25:54 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67905
last-modified: Thu, 05 Aug 2021 19:45:30 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 07 Feb 2023 08:25:54 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5edndr.googlevideo.com/ Frame 931C 379 KB
379 KB 40ms
39ms Fetch
video/mp4 2a00:1450:4001:24::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:24::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6b122a59ffce37b19cf4d7e10089c0be336deaa6b4a28bc0a6737c1f10978df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 08:25:54 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 388476
last-modified: Sun, 22 Jan 2023 03:02:50 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 07 Feb 2023 08:25:54 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5edndr.googlevideo.com/ Frame 931C 137 KB
137 KB 40ms
40ms Fetch
audio/webm 2a00:1450:4001:24::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edndr.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY4CtKsPQgAexzIzgCw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-AESRPlY_u56Ia0-mazAK5T6RkAQe-WeBlmnlHcu7QGod&itag=251&source=youtube&requiressl=yes&mh=rS&mm=31%2C26&mn=sn-4g5edndr%2Csn-h0jelnes&ms=au%2Conr&mv=u&mvi=2&pl=36&spc=H3gIhl_n4hkOw0iDSU7cOoa3Oz2D2bw&vprv=1&mime=audio%2Fwebm&ns=U1nMMtBdHrWZd3M6Jw5ON0cL&gir=yes&clen=2504529&dur=165.821&lmt=1628192730108446&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=Fv--rQGBvbt8kQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIga4eT-UfEmVEb2D0RCAnGVozZm3DzvosFNYXAImu7sWcCIHIIgPIL5hSYq1dwd8m0DUm35GEEpMhwj9WccBjSELlY&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAKYhCfdnV6uD1x_KxihOE4IRqFm1Mej_hWOi4arxM_raAiEAqlSMiSJz_QDNLP1q_PVE3bt7NeV2JH7-6TEKhEBuuFg%3D&alr=yes&cpn=lXaZSL0NkabZmRSI&cver=1.20230205.00.00&range=133993-274111&rn=6&rbuf=8527&pot=Dy5NGAgZnbM7LnUKYbMGDvv_gEkDFq5pWbNy8FwaSCvu6bxtktPpYbOYbyN9kgcDPv_gG2wTRPmRLD5y51XnTw5uqEOoClqdXRHxAFHB2Ed-FFebOroe4XIxFB1jdwRvC4F6Mf8=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:24::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b6ce46f08e22fef0d425f5a82b445aad0e82715211462b1acd3b1858ac2cbd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 08:25:54 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140119
last-modified: Thu, 05 Aug 2021 19:45:30 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 07 Feb 2023 08:25:54 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5edndr.googlevideo.com/ Frame 931C 757 KB
757 KB 41ms
41ms Fetch
video/mp4 2a00:1450:4001:24::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:24::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

82cf57b98025ce6f245aef268ad0b6c3437e5926700d35f780497bc84cb558e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 08:25:55 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 775500
last-modified: Sun, 22 Jan 2023 03:02:50 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 07 Feb 2023 08:25:55 GMT

POST
H3 200 videoplayback Show response
rr3---sn-4g5lznek.googlevideo.com/ Frame ED34 67 KB
67 KB 41ms
41ms Fetch
audio/webm 2a00:1450:4001:14::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY-zJKY-QgAeS3p3oAw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-ABEEIh6suOWvj58kus2lYyhWnzWlgPSKsXdKeGN8_8QU&itag=251&source=youtube&requiressl=yes&mh=iU&mm=31%2C26&mn=sn-4g5lznek%2Csn-h0jeenek&ms=au%2Conr&mv=u&mvi=3&pl=36&spc=H3gIhgqmqeXf_shiielpjYCnlDwEdu0&vprv=1&mime=audio%2Fwebm&ns=G7y5YX4-dN6-JZyrRLh0BVkL&gir=yes&clen=7833320&otfp=1&dur=516.641&lmt=1646675607444234&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=zmDH-9AVksEV6Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAP-lkb1uzW_e5hfLgXO09I6MHRK-HRxKdWvShKM1j3JZAiEAzwisydImvZG26S6YSxLmi3op8ddHmjgF7uMFe3SDY4M%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj9muPNkKdC6oYML2hJj8OrjCe0AggiVR6qGzBd6iBfAiAYjV5GP9TTwOJMukffqpSSuMOPLUIripVBFh8mhbIAeA%3D%3D&alr=yes&cpn=QRDPgVAl8MaIxeQ6&cver=1.20230205.00.00&range=66676-135407&rn=6&rbuf=4115&pot=D-dUl0dpSU_D52x1sRGoo_HORxG_wcxoiRU6h80T4KKb0PNyuTz34qeA7MiJy1JIgrb-DyuXIaGvXAZnFfMEVcZSCsYlW5SORf4FK4VIxVPlxK06I9vBqzQU8eedsh5Zj9PmQxo=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:14::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

00519eb817e6bb5fbac509edbe6b8f816dc896b9d26f3cf608bc3b8bf8022946

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 08:25:55 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68732
last-modified: Mon, 07 Mar 2022 17:53:27 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 07 Feb 2023 08:25:55 GMT

POST
H3 200 videoplayback Show response
rr3---sn-4g5lznek.googlevideo.com/ Frame ED34 150 KB
150 KB 41ms
40ms Fetch
audio/webm 2a00:1450:4001:14::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY-zJKY-QgAeS3p3oAw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-ABEEIh6suOWvj58kus2lYyhWnzWlgPSKsXdKeGN8_8QU&itag=251&source=youtube&requiressl=yes&mh=iU&mm=31%2C26&mn=sn-4g5lznek%2Csn-h0jeenek&ms=au%2Conr&mv=u&mvi=3&pl=36&spc=H3gIhgqmqeXf_shiielpjYCnlDwEdu0&vprv=1&mime=audio%2Fwebm&ns=G7y5YX4-dN6-JZyrRLh0BVkL&gir=yes&clen=7833320&otfp=1&dur=516.641&lmt=1646675607444234&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=zmDH-9AVksEV6Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAP-lkb1uzW_e5hfLgXO09I6MHRK-HRxKdWvShKM1j3JZAiEAzwisydImvZG26S6YSxLmi3op8ddHmjgF7uMFe3SDY4M%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj9muPNkKdC6oYML2hJj8OrjCe0AggiVR6qGzBd6iBfAiAYjV5GP9TTwOJMukffqpSSuMOPLUIripVBFh8mhbIAeA%3D%3D&alr=yes&cpn=QRDPgVAl8MaIxeQ6&cver=1.20230205.00.00&range=135408-288525&rn=7&rbuf=9168&pot=D-dUl0dpSU_D52x1sRGoo_HORxG_wcxoiRU6h80T4KKb0PNyuTz34qeA7MiJy1JIgrb-DyuXIaGvXAZnFfMEVcZSCsYlW5SORf4FK4VIxVPlxK06I9vBqzQU8eedsh5Zj9PmQxo=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:14::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1b6b314121f7459efae4008f18cda5d59293191be83575c5e126a1e8817b7742

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 08:25:55 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 153118
last-modified: Mon, 07 Mar 2022 17:53:27 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 07 Feb 2023 08:25:55 GMT

POST
H3 200 videoplayback Show response
rr3---sn-4g5lznek.googlevideo.com/ Frame ED34 761 KB
761 KB 560ms
559ms Fetch
video/mp4 2a00:1450:4001:14::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY-zJKY-QgAeS3p3oAw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-ABEEIh6suOWvj58kus2lYyhWnzWlgPSKsXdKeGN8_8QU&itag=135&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=iU&mm=31%2C26&mn=sn-4g5lznek%2Csn-h0jeenek&ms=au%2Conr&mv=u&mvi=3&pl=36&spc=H3gIhgqmqeXf_shiielpjYCnlDwEdu0&vprv=1&mime=video%2Fmp4&ns=G7y5YX4-dN6-JZyrRLh0BVkL&otf=1&otfp=1&dur=0.000&lmt=1646675595572427&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=zmDH-9AVksEV6Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJ6B6ob3wpUDTGH2-gdk4Qgeo9Xr9iIuy1We8l0NqaN7AiAl2ve9ERNBc25AExZVsho7NWM_3-m95uYE1EmYznGbVw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj9muPNkKdC6oYML2hJj8OrjCe0AggiVR6qGzBd6iBfAiAYjV5GP9TTwOJMukffqpSSuMOPLUIripVBFh8mhbIAeA%3D%3D&alr=yes&cpn=QRDPgVAl8MaIxeQ6&cver=1.20230205.00.00&sq=3&rn=8&rbuf=9809&pot=D-dUl0dpSU_D52x1sRGoo_HORxG_wcxoiRU6h80T4KKb0PNyuTz34qeA7MiJy1JIgrb-DyuXIaGvXAZnFfMEVcZSCsYlW5SORf4FK4VIxVPlxK06I9vBqzQU8eedsh5Zj9PmQxo=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:14::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

236124c0431c7015ab37ee02322e9b83347b6bc5e79a59667ac8141c1a4449a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Tue, 07 Feb 2023 08:25:55 GMT
date: Tue, 07 Feb 2023 08:25:55 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Fri, 13 Jan 2023 19:27:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/ 271 KB
76 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/common.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89f4bfb243c64700034205f9f502828188a1d79af038797e4ea5eb8a58501883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77338
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 18:41:06 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/ 159 KB
58 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/util.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4075b8fb3933f638735fc6d574639bc1aa950fe9dee5f9c5e35e6d085086026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baldbrothersteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59703
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 18:41:06 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame ED34 28 B
55 B 83ms
79ms XHR
application/json 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Goog-Request-Time: 1675758355785
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/E_R3TNh2dBQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=1
X-YouTube-Client-Version: 1.20230205.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D
X-YouTube-Ad-Signals: dt=1675758353198&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C889%2C500&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 07 Feb 2023 08:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 07 Feb 2023 08:25:55 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 931C 28 B
56 B 81ms
78ms XHR
application/json 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Goog-Request-Time: 1675758355890
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1P1H4eQgXjU?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.baldbrothersteam.com&widgetid=3
X-YouTube-Client-Version: 1.20230205.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4d2ZWMExseFY2ayiQloifBg%3D%3D
X-YouTube-Ad-Signals: dt=1675758353192&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C889%2C500&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 07 Feb 2023 08:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 07 Feb 2023 08:25:55 GMT

POST
H3 200 videoplayback
rr3---sn-4g5lznek.googlevideo.com/ Frame ED34 504 KB
0 65ms
64ms Fetch
video/mp4 2a00:1450:4001:14::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1675779953&ei=EQviY-zJKY-QgAeS3p3oAw&ip=2a01%3A4a0%3A1338%3A92%3A%3A10&id=o-ABEEIh6suOWvj58kus2lYyhWnzWlgPSKsXdKeGN8_8QU&itag=135&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=iU&mm=31%2C26&mn=sn-4g5lznek%2Csn-h0jeenek&ms=au%2Conr&mv=u&mvi=3&pl=36&spc=H3gIhgqmqeXf_shiielpjYCnlDwEdu0&vprv=1&mime=video%2Fmp4&ns=G7y5YX4-dN6-JZyrRLh0BVkL&otf=1&otfp=1&dur=0.000&lmt=1646675595572427&mt=1675757988&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=zmDH-9AVksEV6Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJ6B6ob3wpUDTGH2-gdk4Qgeo9Xr9iIuy1We8l0NqaN7AiAl2ve9ERNBc25AExZVsho7NWM_3-m95uYE1EmYznGbVw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj9muPNkKdC6oYML2hJj8OrjCe0AggiVR6qGzBd6iBfAiAYjV5GP9TTwOJMukffqpSSuMOPLUIripVBFh8mhbIAeA%3D%3D&alr=yes&cpn=QRDPgVAl8MaIxeQ6&cver=1.20230205.00.00&sq=4&rn=9&rbuf=12909&pot=D-dUl0dpSU_D52x1sRGoo_HORxG_wcxoiRU6h80T4KKb0PNyuTz34qeA7MiJy1JIgrb-DyuXIaGvXAZnFfMEVcZSCsYlW5SORf4FK4VIxVPlxK06I9vBqzQU8eedsh5Zj9PmQxo=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f565d246/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:14::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 08:25:57 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 889831
last-modified: Fri, 13 Jan 2023 19:27:33 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21296
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 07 Feb 2023 08:25:57 GMT

POST atr
www.youtube.com/api/stats/ Frame ED34 0
0

POST qoe
www.youtube.com/api/stats/ Frame ED34 0
0

GET watchtime
www.youtube.com/api/stats/ Frame ED34 0
0

POST atr
www.youtube.com/api/stats/ Frame 931C 0
0

POST qoe
www.youtube.com/api/stats/ Frame 931C 0
0

GET watchtime
www.youtube.com/api/stats/ Frame 931C 0
0

GET
H2 403 /
www.baldbrothersteam.com/ 0
0 2608ms
2608ms Document
text/html 208.113.171.199
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baldbrothersteam.com/?clickcease=block
Requested by: Host: www.baldbrothersteam.com
URL: https://www.baldbrothersteam.com/wp-content/cache/wpfc-minified/qsz61zwf/btl2j.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.171.199 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-argon.sussex.dreamhost.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.baldbrothersteam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 08:25:58 GMT
server: Apache
vary: User-Agent

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X53CNQ4PJW&gtm=45je3210&_p=397824269&cid=311170732.1675758351&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1675758351&sct=1&seg=0&dl=https%3A%2F%2Fwww.baldbrothersteam.com%2F&dt=Real%20Estate%20Selling%20Agent%20-%20Orange%20County%20Realtor%20%7C%20Bald%20Brothers%20Team&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X53CNQ4PJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.baldbrothersteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baldbrothersteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 48ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KZGX6E8134&gtm=45je3210&_p=397824269&cid=311170732.1675758351&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1675758351&sct=1&seg=0&dl=https%3A%2F%2Fwww.baldbrothersteam.com%2F&dt=Real%20Estate%20Selling%20Agent%20-%20Orange%20County%20Realtor%20%7C%20Bald%20Brothers%20Team&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZGX6E8134&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.baldbrothersteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:25:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baldbrothersteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/tr/

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=QRDPgVAl8MaIxeQ6&ver=2&cmt=3.59&fmt=135&fs=0&rt=4.273&euri=https%3A%2F%2Fwww.baldbrothersteam.com%2F&lact=3819&cl=507324366&mos=1&volume=100&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=517&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24439361%2C24441240%2C24450366%2C24451033%2C24454357%2C24457884%2C24463912%2C24469897&afmt=251&muted=1&docid=E_R3TNh2dBQ&ei=EQviY-zJKY-QgAeS3p3oAw&plid=AAX0F-VnQshmE8as&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FE_R3TNh2dBQ%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZ2WW05TmgwXzlsNy1RMl9NejlSLTRjSnJFeUo4a1lqTTlUR3EyZlBYdWtVUWJTQVBta0tESUE4TEt3UDNjWFNTWVpQSlhFQUtBYm0zT3IwRlItOHEyb1UzeWJSaHliMGRnRUQ5Mi1yY3pVMTcyTEotaENWdWhsNWUtS0czYzRXVzhoAQ

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/qoe?fmt=135&afmt=251&cpn=QRDPgVAl8MaIxeQ6&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24439361%2C24441240%2C24450366%2C24451033%2C24454357%2C24457884%2C24463912%2C24469897&cl=507324366&seq=3&docid=E_R3TNh2dBQ&ei=EQviY-zJKY-QgAeS3p3oAw&event=streamingstats&plid=AAX0F-VnQshmE8as&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FE_R3TNh2dBQ%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D1&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&bh=0.855:4.090,4.275:12.643&cmt=0.855:0.171,1.605:0.922,4.275:3.590&vps=0.855:PL,4.275:N&bwm=4.275:1958469:1.974&bwe=4.275:1255768&bat=4.275:1:1

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=QRDPgVAl8MaIxeQ6&ver=2&cmt=3.59&fmt=135&fs=0&rt=4.276&euri=https%3A%2F%2Fwww.baldbrothersteam.com%2F&lact=3823&cl=507324366&state=paused&volume=100%2C100&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&final=1&splay=1&hl=de_DE&cr=DE&len=517&afmt=251&idpj=0&ldpj=-29&rti=11&size=889%3A500&inview=0&st=0%2C0.138&et=0.028%2C3.59&muted=1%2C1&docid=E_R3TNh2dBQ&ei=EQviY-zJKY-QgAeS3p3oAw&plid=AAX0F-VnQshmE8as&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FE_R3TNh2dBQ%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZ2WW05TmgwXzlsNy1RMl9NejlSLTRjSnJFeUo4a1lqTTlUR3EyZlBYdWtVUWJTQVBta0tESUE4TEt3UDNjWFNTWVpQSlhFQUtBYm0zT3IwRlItOHEyb1UzeWJSaHliMGRnRUQ5Mi1yY3pVMTcyTEotaENWdWhsNWUtS0czYzRXVzhoAQ

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=lXaZSL0NkabZmRSI&ver=2&cmt=3.628&fmt=134&fs=0&rt=4.297&euri=https%3A%2F%2Fwww.baldbrothersteam.com%2F&lact=3857&cl=507324366&mos=1&volume=100&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=165.832&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24439361%2C24441240%2C24450366%2C24451033%2C24454357%2C24457884%2C24463912%2C24469897&afmt=251&muted=1&docid=1P1H4eQgXjU&ei=EQviY4CtKsPQgAexzIzgCw&plid=AAX0F-VnMzk4Jv-d&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F1P1H4eQgXjU%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D3&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZ2ZGpqdGJ5V3p1NDZVV2s5SFcyWlJoaFM2RGFMaE91N09BM3VmNjdHdlE1Z2JTQVBta0tESUN0T1VQWFU1QlpGN3hSVG9zZzVsejFEUjlIMkwxQW5TMjNUSjgxRFc2Rzh2WEU1TjRmS2FEcGdpeHFTbmlybDBhWGx0dFJaOGd4SUVoAQ

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/qoe?fmt=134&afmt=251&cpn=lXaZSL0NkabZmRSI&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24439361%2C24441240%2C24450366%2C24451033%2C24454357%2C24457884%2C24463912%2C24469897&cl=507324366&seq=2&docid=1P1H4eQgXjU&ei=EQviY4CtKsPQgAexzIzgCw&event=streamingstats&plid=AAX0F-VnMzk4Jv-d&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F1P1H4eQgXjU%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D3&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&user_intent=0&bh=0.840:4.132,4.299:14.524&cmt=0.840:0.169,1.590:0.920,4.299:3.628&vps=0.840:PL,4.299:N&bwm=4.299:1775223:1.403&bwe=4.299:833313&bat=4.299:1:1&df=4.299:0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=lXaZSL0NkabZmRSI&ver=2&cmt=3.628&fmt=134&fs=0&rt=4.302&euri=https%3A%2F%2Fwww.baldbrothersteam.com%2F&lact=3861&cl=507324366&state=paused&volume=100%2C100&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&final=1&splay=1&hl=de_DE&cr=DE&len=165.832&afmt=251&idpj=-5&ldpj=-8&rti=6&size=889%3A500&inview=0&st=0%2C0.119&et=0.017%2C3.628&muted=1%2C1&docid=1P1H4eQgXjU&ei=EQviY4CtKsPQgAexzIzgCw&plid=AAX0F-VnMzk4Jv-d&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F1P1H4eQgXjU%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.baldbrothersteam.com%26widgetid%3D3&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZ2ZGpqdGJ5V3p1NDZVV2s5SFcyWlJoaFM2RGFMaE91N09BM3VmNjdHdlE1Z2JTQVBta0tESUN0T1VQWFU1QlpGN3hSVG9zZzVsejFEUjlIMkwxQW5TMjNUSjgxRFc2Rzh2WEU1TjRmS2FEcGdpeHFTbmlybDBhWGx0dFJaOGd4SUVoAQ

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X53CNQ4PJW&gtm=45je3210&_p=397824269&cid=311170732.1675758351&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1675758351&sct=1&seg=0&dl=https%3A%2F%2Fwww.baldbrothersteam.com%2F&dt=&en=user_engagement&_et=6273

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KZGX6E8134&gtm=45je3210&_p=397824269&cid=311170732.1675758351&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1675758351&sct=1&seg=0&dl=https%3A%2F%2Fwww.baldbrothersteam.com%2F&dt=&en=user_engagement&_et=6271

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:48:30	Name: _GRECAPTCHA Value: 09AO3N79ffz9i86IGuxA-KAeYG0o3C8pxfAcDk41SbWmwEhzLFzLmSv5HMJ_WDd5Xmzf3Kg9nsN1kkdEQ2P98envg
.baldbrothersteam.com/	1970-01-20 11:40:42	Name: _cq_duid Value: 1.1675758349.XSrfGI29ilU4XlKM
.baldbrothersteam.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1675758349.BUCh9a2J4PbQulAA
.idxhome.com/	1970-01-20 09:29:20	Name: __cf_bm Value: NJj.JJHkZutyqijc2wDMkdt.eQTWYM7vaGXSpBh3ohc-1675758350-0-ASN0smrEH/ZcrJWxrOrNLyIaSm9d50S5Lo3OLf0Fe+rHZgIW60sgtX0Xp2jSkFSFTXduwbqUH/CSxhKyI+Ihz6U=
sok.soapfighters.com/	1970-01-20 17:33:08	Name: cg_uuid Value: 4b567654976355fc1851f86c0e8eea67
.baldbrothersteam.com/	1970-01-20 11:38:54	Name: _gcl_au Value: 1.1.817156228.1675758351
.baldbrothersteam.com/	1970-01-20 19:05:18	Name: _ga Value: GA1.2.311170732.1675758351
.baldbrothersteam.com/	1970-01-20 09:30:44	Name: _gid Value: GA1.2.1769837500.1675758351
.baldbrothersteam.com/	1970-01-20 09:29:18	Name: _gat_UA-221730601-1 Value: 1
.baldbrothersteam.com/	1970-01-20 09:29:18	Name: _gat_UA-179266164-2 Value: 1
.baldbrothersteam.com/	1970-01-20 11:38:54	Name: _fbp Value: fb.1.1675758351594.1640886479
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: V6dIwn1qZog
.youtube.com/	1970-01-20 13:48:30	Name: DEVICE_INFO Value: ChxOekU1TnpNeU56TXhPVGd6TVRZMk9UY3hOUT09EJCWiJ8GGJCWiJ8G
.youtube.com/	1970-01-20 13:48:30	Name: VISITOR_INFO1_LIVE Value: 8wfV0LlxV6k
.baldbrothersteam.com/	1970-01-20 19:05:18	Name: _ga_X53CNQ4PJW Value: GS1.1.1675758351.1.0.1675758354.0.0.0
.baldbrothersteam.com/	1970-01-20 19:05:18	Name: _ga_KZGX6E8134 Value: GS1.1.1675758351.1.0.1675758354.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/f565d246/www-widgetapi.vflset/www-widgetapi.js(Line 1117) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://www.baldbrothersteam.com/?clickcease=block Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
maps.googleapis.com
region1.google-analytics.com
rr2---sn-4g5edndr.googlevideo.com
rr3---sn-4g5lznek.googlevideo.com
sok.soapfighters.com
static.doubleclick.net
www.baldbrothersteam.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.idxhome.com
www.youtube.com
yt3.ggpht.com
region1.google-analytics.com
www.facebook.com
www.youtube.com
142.250.74.194
2001:4860:4802:32::36
208.113.171.199
2600:9000:223e:a600:15:a0d3:77c0:93a1
2606:4700::6812:414
2a00:1450:4001:14::8
2a00:1450:4001:24::7
2a00:1450:4001:800::2003
2a00:1450:4001:801::2016
2a00:1450:4001:802::2003
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:811::2001
2a00:1450:4001:813::200a
2a00:1450:4001:829::200e
2a00:1450:4001:830::200a
2a00:1450:400d:805::200e
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:56f:b800:f42c:e894:1fb0:3740
00519eb817e6bb5fbac509edbe6b8f816dc896b9d26f3cf608bc3b8bf8022946
040ce3f7b3541e1980bc881afe70e8a48f74b5f6cb4bbd3b3fab17d071c2409d
05e595d04617775432bfe04c52269e1f4621887353aa45db7732e52bcecf2b89
0e4fd88a355808541c1a43f9e30b89cd909c2fe35d9e30953dbc40d544496c36
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
142baf626c3675b31a8f6f25b89b5b3bfb94a16f62d5ffb6782dd5f3f689e249
18aa1b4e0a479b963970ecbd037b67a321ac7b4ba1f48413650ba75a49bb8bba
1973d447056680a7a9d5c8996939d607cd44bc99073935a391e103ab979f4629
1a673864a4a63ac4d82960b1e144d697c967a6ecb4b1cbbcb56e93cf00506e7e
1b6b314121f7459efae4008f18cda5d59293191be83575c5e126a1e8817b7742
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb96ddce92b3bbd37cbd4d7a650b3d9ba9d687cb50a87afdb728cbbc840c557
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1c23bcfdcea811a7a5679c45d668f308a301c4478634d49b9d6e48f20104d3d9
1fda19582ba45715c312a754379be85402e87ea4d9ae069b770dc7bc7871b82c
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22218b3b43883202bc6afb5802f2ec83be632303d22d22842c3d05c02bddfe72
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
236124c0431c7015ab37ee02322e9b83347b6bc5e79a59667ac8141c1a4449a4
2457851c744cac5ef83b9485017d9d17242906f10f90071b8706b7c850e26343
246e8a666e6f6d74a4be8139504fc5c7ebec31e624c1fa6c884286fc34e512d7
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
27adb7ebda7e4de3331e2dc6d4c03b9de866dcf4ca9401f04127f04ff57c568e
29ef27a4fcdff070ed124839a5f1b44fbbc5085a82acf6ae13abf425facd8633
2a50a85396df0a68aab6b74019149d81f362976f340b926a94e013d07297d63d
2b80c57b1f6b508eba9f024bc1324b75d8e71f845f4432f4e84c397e08f29ad5
2c164e5b80ff786ddf570d7ddcb52c26223493ce521f19bb43cf208a88b5cb37
2c6e278cbe0f5dc68432fe9adcf6be37c453760d1094f7e90ee230b522738fd9
2eee0d22a503968d268d4920c9951c3f670f5ba6a783cf776bbafa7596de731b
30f6263399598f47b423b73fa2867016be90fe5292e3605f979a149513fb114c
327c2888147b8cb0d23491c03c0b10be98ce858363da08015c59332d32d1b265
36a24549832c0c31e8ae76ebde3f2c3c175035eaf94c330f2ae0f30d4a1102e1
39a0f8205f318cfc8a89b4351e56b6d01eb3a6fe7ae961328edba1eaa2e5843c
3c8fc5c40f95a6852b43a8eb5914ec248ce3fd4fd00ba72fb46abdd0b1006872
3cf03a6e87ef95d866c4715da2c9845b52c3569d7a1ac20935027fc017a430ac
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e973adb9daf872aeaa62c6360e32766a9acfb0b7e75afb39e4bf218df6f0b30
41d63accfc9f380c7d6a919e1226654789ec97d2b9f9f4c4d6bb3146b3faf8b1
4276020d6f31a5d3116fde82520418b99a39cf1fc04d578b8eecab57894126a1
43a4dab324ec03c22ab2186d1f95aff280ca9e5faeae1f37121e94b49c8169c4
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
445d43832186ac7fdd50975d22e3e31509246bd21ef02c23b410cfe672f0e326
46c4b188ec6213361b2dc33c6ce0e35c97a9ec5296e0002497b23ac6901c1eae
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4ba966c9733f7c94c997c2c7bdb310f64ec2daa7713a12a1c014b50b0faabaa5
4f47e8ffd518d2ce60f684ab704b5816ad680d39d3edb439b00a274f9c0c803b
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
50bfa47f6353952d544a75bfa65803203a704b8294992e6bc4ef178fac061ebc
52a9b8e1f17be848dd306a56b0103e9322d5ba2683982a9777c7a4fa59f9e393
551a4384fa041c9ad8bbbd6d8b78a143353caf11899b4738ad05f52a09b5e9c8
56e94b19d1211d761ef8f762345bfe8d3bb92a1e8bf7086f944df1f620a17f6f
57a45007f24b920e1cb59467217fd99f6b7aca9806c31fd2fbdf8ba38df471b4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59959be4c379e09737eb18d489e29c38674f614e8ceb5b25dbc1624e3fc3ae72
59c3d3d0b50f56b9760ee59d09fdb21949b917015026542d88d9c22a070fc8d8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b63d1c697bca22f0efe1b275f7529de0e633ae3247967808d032a80ee000ef8
5dfdf00359b7743919a732ae8eb80536ff206faaf16a99fcdd3f967aca1f81e7
5e9fd229042a9ccc8f39057ee1afcb98f3424850234bd5c65328a68b5e9bc328
6033466ec95dba3bc0b7c0d677a0af0ae3d8e4dca34e30077b8517aa4c783a84
64cabd30fbeb82d8428e3b921dddd75feb00d2ceccd9cd748d6b58614c25eef6
64e4e1ceada4f7544f6f355e0530bed4ed781b0a03eb40a795d1495b8ed8abf6
6641a57633c3302cdb8acd8b234b42a51f53350ca77fae0a41813b04e3258068
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68078dbf058744e2b3ddd8bdec800f2b8574ff94f553fbeb2f05ee4e698eb138
6a54fed4ecca4cf0cf6474832d62887a9f14ff29c5760045ff22c831c02220b9
6a815e77508f3425ba2b66cd03df33bb02325fed6720996b73ff8e81c4c81317
6b122a59ffce37b19cf4d7e10089c0be336deaa6b4a28bc0a6737c1f10978df1
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6f92407f0eb2342db49e87280703491e0297c4a0ac0d3c141531da6627672464
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
7155434ad7fc58d825d677c704b1e5976d3257f0231c005cf786555f675488dc
71f94e3e6eedf3ec23750c080cf2cacf7b53a09001d5cdabf4bc7ff2af688fef
780e93a972826c21607437f3f44cb95c6204dda8634ecea9ba83c71dd80aad4f
78b338d9e8c48dc6b9c36d04a910ccc7196b917d193c51e0ebaab7367e148405
7bad19c348b3ebd1ba0f529b543bf2e45c6b3fe7c9f713271408629411d5667e
80942b37a26ee7d9e5068de8d9e03b4ce13d1deb8fca27a27a230e0e9802ac90
827e81a54c53552b9992fa91b861ccfb9082ed1fc29c9032f146681b77a0b5d7
82cf57b98025ce6f245aef268ad0b6c3437e5926700d35f780497bc84cb558e8
8348dbfa7e99150a9ea5a221a518b484ee0a9f4f4caa2ab5d1c54be10a6d47f3
85a73662a42de059fbf6d2100463f0514a948c3b7158f6078efb44977539b803
89063c896f3ff978cbecd97312879f288e207d519781425f0d7f9dd203dff653
89f4bfb243c64700034205f9f502828188a1d79af038797e4ea5eb8a58501883
8b3425abeb13109a8955fe1d7db7201f8cfa62dcbd9edc861de652d5dd9deffd
8b342b2ec464f4a498c8e08fab9a022ddefc56268aafe49c25cc53b3a733617f
8f5b45df72d3deb51fe4da3bdb04c1b045a7056875acd482bda8232cfc2420a5
8fbb787860a1d27d7d81daa24f190cd7e292bd97e2c1623729d8eafe8dd725c1
8fe8caef39e29c27a6fafdde324939896ca0fcf01386d66aff6293cf85bdf0f8
906fd77500d6ba9a3be43c86f8a599071174cd07747ee44809e4f112b0aac149
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95395038f5ad23a63a9745cded97fe319f8c36b1acfe92cafff16e0239a3fd89
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9945505d874dba655dbc8a6c6f939b50549b70efacbfdf757e74f1c49fd64e00
9956843e6bcd1ca47a15a97ccabeb09d5255c051829af54ad6d3c14bbc096fa2
9c7bdaa320fc6f4abaee7219bbe1565e7f2c337aea4415d0dfed6504edebf8c8
9e41b24e1fff034551f5e729213e3ff221eefd7e285c16c5d9480f10676f3f05
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2fc7779923ce259b5a07891f1541765634fdc4c4aedc1e08f6a5ca9d611644d
aadeff585d6d4e5616a719f446de93ca17f709a1d0b57ad642ce2767875f8602
ab3426e035a4ecbad44e1352a8f7433d0dba2f1a5b72382e2af9eb00a17a798c
abd72e66e9a1041cf3b37b5ab7a263455d80a16c5c8a63e03d3991ebf38e88a8
ae6ec1c905b311cd42bb5da617e9d5e1e9424d10ae0eee8e8b7d718bd67705b2
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b2e084b53ae09201c31f66b4167ab5fe81e1aacac7ca84b2cdf4d07e7ef1f11d
b6ce46f08e22fef0d425f5a82b445aad0e82715211462b1acd3b1858ac2cbd45
b7cdd02fc9786ea1bfd360a2f140c266d3800447ee65288c4347e73945c7a757
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
bbf782b4e5e12944b3b77e42b04e6bf9ea844c873a74d884d95e9dec98e18d58
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c21d2ff524af9de8a72aecc77513c2292440202626f25186b3a80bf02715e3bf
c2c832e463ca874ae1200f7481d1953db126d87a941c15599cd4fa4b14969e73
c33a2ad0fef0daa2f345c26c177d7dcba1bd3a2964de7539099f2d9d8f538c52
c4075b8fb3933f638735fc6d574639bc1aa950fe9dee5f9c5e35e6d085086026
c4fecf173f9890849500e92a40afb5c020f43f4249d3078cb13c59f1846d4a86
c785098fc813e82b53e7f3d9481dac324593ee84f738d62f621788fd597f91bd
c9f68ca79738d2e129e903c52e0a4620c3dc8169152c8542a3a98feba387f959
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cb2946e07097db6564ba30abf4f363c76e6fa24f034a2b1890afe60c4a554766
cba06605f6eeb5eada7557007f1e454230745e6b65e040b4c54786e3d91e34f3
cf59775628088421391ebb62e332070e8d1342a36b115c6c2f11087602dbcef7
cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736
d28abbe0baf711b60ef8baf47792df1f5de8578e2c704ceb15c667adaae86e85
d3de9b827d931f88f7923f1de96368146aadcab2d887035ff0f72210a2953669
d5e240f7c6fb4ec47055511df3f4e5ee885c4fa0197ea9c0b6cd28ab2d073a18
d7a55b704c44e6091f3fb9c44aa149233bc90f461cf4ebd4bd955421e4671ffd
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d8dac0a0d52b36515112fb24842dd4ef7e17e59a3ad13a40003c6a0096b53064
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dacfd6e3a4dba21c4477b41192719929ba989ad0536d681c31ec69d6aa336216
db8a76fcafa695cb71c9b7f8ae64a8871f1d633b7f1308412a2efafbc390160b
dca573f6831bcc39828ef0c435568a4ff0980edefdfbcf52e15ff8566befb529
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4273399cc0bc22e58b35f9f79fdf2705a39ddf4ad918ce852f2624e271d8248
e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80
ee9388aac5b2856b642922b03bbcbef9d3f1e9313e3ab97c02118fec4487dd95
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f2bb6dbd89627beba9f65c46438bb65d13e020cdbb8a5996862ba8ac2b505cfe
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3b3563c59dfbf9f931fb6cbae63f743d55af86771e51f49c575a6739079b3ce
f67cb05800e77abc7f6096b37cf3b432ce7520e8619965458529f2fc48d150f5
f6fac4d4f8f02c792baf2cf642175684434650a99a27ec16612186213751ce34
fce14f87a91f1fa62afb323b7cb34b11c3b76f6c7fcfab86ae00c4dbfedb6eef
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

www.baldbrothersteam.com Open in urlscan Pro 208.113.171.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

195 Requests

94 %HTTPS

92 %IPv6

18 Domains

24 Subdomains

24 IPs

3 Countries

11316 kBTransfer

24186 kBSize

16 Cookies

0 Outgoing links

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.baldbrothersteam.com Open in urlscan Pro
208.113.171.199 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

94 %
HTTPS

92 %
IPv6

18
Domains

24
Subdomains

24
IPs

3
Countries

11316 kB
Transfer

24186 kB
Size

16
Cookies

195 HTTP transactions
2 data transactions