urlscan.io logo urlscan.io
SecurityTrails logo

bestwin-for-u.life Open in urlscan Pro
141.94.212.230  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.windsorrsl.com.au/
Effective URL: https://bestwin-for-u.life/?u=4dkpaew&o=81yk607&cid=v4k8l981g5fr
Submission: On October 22 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 114 HTTP transactions. The main IP is 141.94.212.230, located in and belongs to . The main domain is bestwin-for-u.life.
TLS certificate: Issued by R3 on October 10th 2022. Valid for: 3 months.
This is the only time bestwin-for-u.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 35 35.189.21.116 15169 (GOOGLE)
4 8 104.16.123.175 13335 (CLOUDFLAR...)
2 172.217.194.95 15169 (GOOGLE)
7 74.125.68.106 15169 (GOOGLE)
1 2 62.233.50.75 57523 (CHANGWAY-AS)
16 74.125.200.93 15169 (GOOGLE)
8 74.125.24.94 15169 (GOOGLE)
9 172.253.118.94 15169 (GOOGLE)
2 141.94.212.230 ()
1 2 74.125.24.155 15169 (GOOGLE)
1 142.250.4.149 15169 (GOOGLE)
4 74.125.200.95 15169 (GOOGLE)
2 74.125.200.132 15169 (GOOGLE)
11 173.194.28.72 15169 (GOOGLE)
114 15
35    35.189.21.116 (Sydney, Australia)

ASN15169 (GOOGLE, US)
PTR: 116.21.189.35.bc.googleusercontent.com
www.windsorrsl.com.au
windsorrsl.com.au
8    104.16.123.175 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
7    74.125.68.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f106.1e100.net
www.google.com
2    62.233.50.75 (Russian Federation)

ASN57523 (CHANGWAY-AS, HK)
jquery0.com
16    74.125.200.93 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f93.1e100.net
www.youtube.com
8    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
fonts.gstatic.com
9    172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net
www.gstatic.com
2    141.94.212.230 (None, )

ASN- ()
bestwin-for-u.life
2    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
googleads.g.doubleclick.net
1    142.250.4.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f149.1e100.net
static.doubleclick.net
4    74.125.200.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f95.1e100.net
jnn-pa.googleapis.com
2    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
yt3.ggpht.com
11    173.194.28.72 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s18-in-f8.1e100.net
rr3---sn-ntq7yner.googlevideo.com
Apex Domain
Subdomains		 Transfer
35 windsorrsl.com.au
www.windsorrsl.com.au
windsorrsl.com.au
1 MB
17 gstatic.com
fonts.gstatic.com
www.gstatic.com
657 KB
16 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
813 KB
11 googlevideo.com
rr3---sn-ntq7yner.googlevideo.com
2 MB
8 unpkg.com
unpkg.com — Cisco Umbrella Rank: 801
114 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
89 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
jnn-pa.googleapis.com — Cisco Umbrella Rank: 276
33 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
static.doubleclick.net — Cisco Umbrella Rank: 323
1 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
5 KB
2 bestwin-for-u.life
bestwin-for-u.life
89 KB
2 jquery0.com
jquery0.com
31 KB
0 misstarbone.live Failed
2219.misstarbone.live Failed
114 12
Domain Requested by
33 windsorrsl.com.au windsorrsl.com.au
16 www.youtube.com windsorrsl.com.au
www.youtube.com
11 rr3---sn-ntq7yner.googlevideo.com www.youtube.com
9 www.gstatic.com www.google.com
www.gstatic.com
8 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
www.google.com
8 unpkg.com 4 redirects windsorrsl.com.au
7 www.google.com windsorrsl.com.au
www.gstatic.com
www.youtube.com
www.google.com
4 jnn-pa.googleapis.com www.youtube.com
2 yt3.ggpht.com www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 bestwin-for-u.life jquery0.com
bestwin-for-u.life
2 jquery0.com 1 redirects windsorrsl.com.au
jquery0.com
2 fonts.googleapis.com windsorrsl.com.au
2 www.windsorrsl.com.au 2 redirects
1 static.doubleclick.net www.youtube.com
0 2219.misstarbone.live Failed bestwin-for-u.life
114 16

This site contains no links.

Subject Issuer Validity Valid
windsorrsl.com.au
R3		 2022-08-16 -
2022-11-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
jquery0.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
bestwin-for-u.life
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-09-27 -
2022-12-06		 2 months crt.sh

This page contains 6 frames:

Frame: https://2219.misstarbone.live/fabblbqy/?u=4dkpaew&o=81yk607&cid=v4k8l981g5fr&f=1&sid=t3~zq434a5xaewcnh4dk5i30wjj&fp=N4w8WmiHFU2UxA4VgeqhfyS%2BqY97VzhH8T3O3AAgZFLJGUGceAxkYmRHgU0zgIA254bM6wYEqyjj65YhUZQHd8%2BCNwhPARwrjB30EA2ad7IA8KK9VQNp2IJYts%2FEbka%2B5n2F7KEs0y7uS9tZGMhTfKoWuKnW0CkkmAOeF0Iiy3869AP0gZ1TSlQSTfryR2GI%2F1iFDwyWxKMtEGKbCZXrd9aXTQHFfcBAzDFOSmmyfAwqCLqgeBUW6UCOCBPHwZAZWM6uR7WBvGwR1xp7TN%2FIBo73zO72pna64k7XUdVFm8TdTq7lCw3DvxFm70CUr427%2BFPYsK0GY%2BZtzApxkF4S3Wa2xHcHx8v4NoNFq%2BcE7UU0dnkPhkRGOmtgXzBlwCXwLpYuGb9w4oxBrpzdGQj1yQ2msU21rYO3saD4s%2BRFxI28kDHKN8YcCtsa8ejsevq7Sip2SC5d90uTpmzVeZwmi%2FNRgA%2FUVBWxzEZ6gsGoXaNr%2F0Lacu4I2ieIDYg3zJg0%2FU%2FozBrka5mBpki5kzavi2M2X%2BU5KnVBoodv5E0l9paN1jzBLkyvJCof3eBdyKzsWdnE8zrphRM55Mhd0gAiUj75hE%2FwAieJvuJNApy8LSmDhe3Hbc5TuI%2BKQg7OXV%2FMpGLdPJnG77ezOfPrs5SYbzXZpxmXkwKgwC3NYLWQJ5t4F5VbqieSlzKsoU0ieTnyevjPj88AaZU1mTL5GSb%2FofMUexqWqNAYdL542qToVTjjFCS2nGp9gsBXMdfRxTH%2BOcyQrJP8xS00L4LAsJffB4LUoWmKuNQim9t0qa%2BBqPhTnt75btVU%2F9S%2BE2cBFQdabjfljFEsqbVd02HS9hqMfwt6YSsZRdn2%2B0Epoz8AtCRQNirk25X6eK95%2BjnLZ6TT9fjXw9UTGG589mF0PvY%2Fs8u%2Bw8Jx9ryJLDXkJTOzhcuR%2BH%2BIEmqDblYlZ1Jyzfmw7UaBe1PcfOU0TEpvE8WbQThSzZngzksywzgqKGNJ3hoP%2B1z4CFuAsz37oCmNB1BZ3gJ87hlwS1%2F7I4i9yhU7pvFkcGm9iKy1IY%2BQwWVkAfxviXSanlXH%2BXT8siG5kkBHI9QKlOSJ0AX81GG2kWBbZNvIW1ixmc2Xuq7ZqXX35itAGM77cMBAYHI%2FqQThDFJdBzIgchAG7CPJxTWRUJkWIB8dIM1AzKkbYFnswpw6IT%2FSXwfTE2lOIra362e6Mju4wMLPMVjRNC%2Buqld4axrDza6Qc1KDWhDuV3zVz3pwNujC%2BQBmFrCkbIYIKe84xoeXl2tSJx4uBQWXzA03NToeOkde9zi2WpkN0t6DwWBrizWpK7j7%2FADPffuOU%2BqmPyEGL%2Bg9xjW6%2B2BY6Blnkk6Q7vJuP2pH2Ij229Py435yHHBsB9ajqZL145oPftP6Zs%2BEYt%2FxYsZKkrOApxJwX7vEiHmICCe1dNc%2FLDbBh3dS5KfGd3uUp2Gvz2Olqe%2BHInGW1SsBVouxRSCt620646RWtOhIM%2B0RkvzwbDMPp%2FCGoJVoA95qXh4ntA3apgmEo6eY9aoDQ64fp1vr%2FHdDOhCvB9gmNl3ZiiYVb42uSHgiu10qRVRzrRaz7Xb6J7vxGzu1rrXrji7qziobI3NZi7hCucSIOhXHPNNLHCrZNA0fhQrp%2FbuBvWT1v6AeQWVWpUAUqT4orUpk0%2BGyoy2dzevl9NotDgCCzQ%2BEC%2BMRNdUrVTvPUfR73aKDn1Y2N%2BGDyydjcY9rqaZrObqYJZ2v96xmmVnGVm4NiRpp%2BxcHNHY6vPgUQNKXJgXt4%2Bs6u4PJSa1kagSG%2Bbms9C7j4ulMvpqMa%2FfgmI4nGE%2FTs0m1H5ba2iDsmETsvPJfsA4bkBn%2F%2BEUQ1znBYF9DW6xbBJ0jYcnWuzXkJrM%2BUiKShwdr6iev3p%2BlPNLEnOQ%2Bpc%2FXH6LVM3XYsfD64poY3EizsNJIUVV%2BJwcM6eybRQJSaHWC4aK96V7eR77PZxYht1%2Fioivi2QULvozxytQf8Q9Aft50JLh8H9M6a3RshnhZVURbLV9Wr2M%3D
Frame ID: F3C30C1DDBF08A0B0EB08D02A56D50C1
Requests: 46 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Frame ID: 55961CA58BDDCB617FE4B24468DBA18D
Requests: 7 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Frame ID: 6EE71D7B85EEB0356869C965E51F36B3
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR&co=aHR0cHM6Ly93aW5kc29ycnNsLmNvbS5hdTo0NDM.&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=invisible&badge=bottomright&cb=m155kempfz5n
Frame ID: CF74DABAA7943A7F74091E52F1C773AB
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR
Frame ID: CCE55FF24CB175E36495760454E1C3C3
Requests: 11 HTTP requests in this frame

Frame: https://bestwin-for-u.life/media/mainstream/frame.html
Frame ID: 9F41471E0C409703AB257997A6B5E500
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.windsorrsl.com.au/ HTTP 301
    https://www.windsorrsl.com.au/ HTTP 301
    https://windsorrsl.com.au/ Page URL
  2. https://jquery0.com/jWXxbH HTTP 302
    https://bestwin-for-u.life/?u=4dkpaew&o=81yk607&cid=v4k8l981g5fr Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

114
Requests

84 %
HTTPS

0 %
IPv6

12
Domains

16
Subdomains

15
IPs

4
Countries

5363 kB
Transfer

9405 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.windsorrsl.com.au/ HTTP 301
    https://www.windsorrsl.com.au/ HTTP 301
    https://windsorrsl.com.au/ Page URL
  2. https://jquery0.com/jWXxbH HTTP 302
    https://bestwin-for-u.life/?u=4dkpaew&o=81yk607&cid=v4k8l981g5fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.windsorrsl.com.au/ HTTP 301
  • https://www.windsorrsl.com.au/ HTTP 301
  • https://windsorrsl.com.au/
Request Chain 1
  • https://unpkg.com/swiper/swiper-bundle.css HTTP 302
  • https://unpkg.com/swiper@8.4.4/swiper-bundle.css
Request Chain 2
  • https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.4.4/swiper-bundle.min.css
Request Chain 3
  • https://unpkg.com/swiper/swiper-bundle.js HTTP 302
  • https://unpkg.com/swiper@8.4.4/swiper-bundle.js
Request Chain 4
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js
Request Chain 59
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
windsorrsl.com.au/
Redirect Chain
  • http://www.windsorrsl.com.au/
  • https://www.windsorrsl.com.au/
  • https://windsorrsl.com.au/
54 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
ccda26b6480a6e1649d3402f8e948d6cd0795aaf68ffe3bb156ffac301dc28a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 22 Oct 2022 19:44:11 GMT
link
<https://windsorrsl.com.au/wp-json/>; rel="https://api.w.org/" <https://windsorrsl.com.au/wp-json/wp/v2/pages/651>; rel="alternate"; type="application/json" <https://windsorrsl.com.au/>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine
x-tec-api-origin
https://windsorrsl.com.au
x-tec-api-root
https://windsorrsl.com.au/wp-json/tribe/events/v1/
x-tec-api-version
v1

Redirect headers

cache-control
max-age=600, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 22 Oct 2022 19:44:10 GMT
location
https://windsorrsl.com.au/
server
nginx
x-cache
MISS
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
swiper-bundle.css
unpkg.com/swiper@8.4.4/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.css
  • https://unpkg.com/swiper@8.4.4/swiper-bundle.css
19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.4/swiper-bundle.css
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Server
104.16.123.175 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6e9d324ac44c4bc092ab406f311377f1d2f27196f93298f0ee892d90de1e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
890689
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GF62559EJ0D4ZJ845FP6189P-syd
server
cloudflare
etag
W/"4b64-Eb9J5R5G1pbPmr/iZ2+iTeIiz4k"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75e4b9e81888a7ed-SYD

Redirect headers

date
Sat, 22 Oct 2022 19:44:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GG0K2C4FH7TW4Y2C4Z9H86TK-syd
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
540
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.4/swiper-bundle.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
75e4b9e77801a7ed-SYD
swiper-bundle.min.css
unpkg.com/swiper@8.4.4/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.4.4/swiper-bundle.min.css
16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.4/swiper-bundle.min.css
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Server
104.16.123.175 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e75a6b6761afacf1cd0fa8c0063321b61434773ac5275c7fa7ec666d8d5c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
890745
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GF623EGF3Z7B5E2R901240PH-syd
server
cloudflare
etag
W/"4055-NO0aJFyY09PDjggrGHtjGhONWC4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75e4b9e8188aa7ed-SYD

Redirect headers

date
Sat, 22 Oct 2022 19:44:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GG0KGEQ7KNQDKV6BBFAJ06G1-syd
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
78
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.4/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
75e4b9e77803a7ed-SYD
swiper-bundle.js
unpkg.com/swiper@8.4.4/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.js
  • https://unpkg.com/swiper@8.4.4/swiper-bundle.js
331 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.4/swiper-bundle.js
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Server
104.16.123.175 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f351003a795b02dd533c25bbfa92f57c605e6dd8a9812f46167f45f8976b9ada
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
890689
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GF6255K1NRTY70KEDS3YCYZ4-syd
server
cloudflare
etag
W/"52c02-OlBfqn027tULD/uf3f6sed3MmZA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75e4b9e8188da7ed-SYD

Redirect headers

date
Sat, 22 Oct 2022 19:44:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GG0K2C4KT9PG80VSGAB93JMB-syd
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
540
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.4/swiper-bundle.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
75e4b9e77804a7ed-SYD
swiper-bundle.min.js
unpkg.com/swiper@8.4.4/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js
140 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Server
104.16.123.175 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
890818
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GF6217VCWB27SGQBQ02Y1THC-syd
server
cloudflare
etag
W/"2310e-YgoXHzBgFVHspCsWstmF72fEP1g"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75e4b9e8188ca7ed-SYD

Redirect headers

date
Sat, 22 Oct 2022 19:44:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GG0KDYN520ET6AWGS9AZKKVA-syd
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
159
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.4/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
75e4b9e77805a7ed-SYD
css2
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,900;1,800&display=swap
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
1dda5627946b4e1b9b2d6c8af2e49330b8fa2e690a2df466844b55e12fd0e242
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 22 Oct 2022 19:44:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Oct 2022 19:44:11 GMT
tribe-events-pro-mini-calendar-block.min.css
windsorrsl.com.au/wp-content/plugins/events-calendar-pro/src/resources/css/ 		655 B
466 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=5.14.3
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
br
last-modified
Mon, 11 Jul 2022 00:33:04 GMT
server
nginx
etag
W/"62cb6fc0-28f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
windsorrsl.com.au/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 12:10:37 GMT
server
nginx
etag
W/"62c2d8bd-15b64"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
windsorrsl.com.au/wp-content/themes/DailyPress/assets/styles/ 		86 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/styles/style.css?ver=1617248241
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2fab268aae1b0ab09e098e22a06536dd3a589e1a01b4a9d3f0ce56e06d9a6bae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
br
last-modified
Tue, 27 Apr 2021 02:01:28 GMT
server
nginx
etag
W/"60877078-159a7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
windsorrsl.com.au/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
926aacf9aee9d59a6f0496f9c0a8a5fd5984a9aaac678296620c1a95d74c5f1d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
br
last-modified
Thu, 06 Oct 2022 22:34:55 GMT
server
nginx
etag
W/"633f580f-15e52"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
windsorrsl.com.au/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
header-scripts.js
windsorrsl.com.au/wp-content/themes/DailyPress/assets/scripts/ 		744 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/scripts/header-scripts.js?ver=6.0.2
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b33a79d8f907195d1a9962cf11cf154eb13254e1b60f2d14e72450cbde70e38

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
br
last-modified
Thu, 01 Apr 2021 05:37:42 GMT
server
nginx
etag
W/"60655c26-2e8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
logo.png
windsorrsl.com.au/wp-content/uploads/2021/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/uploads/2021/03/logo.png
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
60d5d830f8a9f387340ef1617646ce03cc8e03e2aa85760975dde0675af45875

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 01 Apr 2021 04:25:03 GMT
server
nginx
etag
"60654b1f-2e07"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11783
fb_icon.png
windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/fb_icon.png
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1c8df37e0952bf004a38a3e03b92ba7230dc6ab7710d74aca2d2b46d11d50e75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 01 Apr 2021 03:36:52 GMT
server
nginx
etag
"60653fd4-ee2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3810
map_marker_black.png
windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/map_marker_black.png
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
17eccde9ee22d2cbc6de539f81be7be8681ead346867235dbe730508e0fd37d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 01 Apr 2021 03:36:54 GMT
server
nginx
etag
"60653fd6-cee"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3310
phone_black.png
windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/phone_black.png
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
85ef04807c239e3cd31dba513750001f0b4785784b3743abaae86d544df35eae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 01 Apr 2021 03:36:55 GMT
server
nginx
etag
"60653fd7-ccb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3275
more_btn_arrow.png
windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/more_btn_arrow.png
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6bd07a0074c193ea4c258a45d57e9d0fc61ce182b83af26c2ab20dc9324968f0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 01 Apr 2021 03:36:54 GMT
server
nginx
etag
"60653fd6-c7e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3198
logo_white.png
windsorrsl.com.au/wp-content/uploads/2021/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/uploads/2021/03/logo_white.png
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2b79ddacbaf2bf2f867c41d9f855757c7acd262e6738b83db0cc278c91424916

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 01 Apr 2021 04:25:04 GMT
server
nginx
etag
"60654b20-1643"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5699
map_marker.png
windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/map_marker.png
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb2bab50b2d9a5dfc14cbc78d673f9e18cbdc51d50f7b81b571e09c6877c2099

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 01 Apr 2021 03:36:53 GMT
server
nginx
etag
"60653fd5-cab"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3243
mail.png
windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/mail.png
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2e8e62d6851dcaec83882d9c8001492de23c63148853660c01606d067e45b2ef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 01 Apr 2021 03:36:53 GMT
server
nginx
etag
"60653fd5-e8d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3725
phone.png
windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/images/phone.png
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
201fb55e7fb612155742c44021a128ea0400abb59036c6b9a6979ec57f8acd45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 01 Apr 2021 03:36:54 GMT
server
nginx
etag
"60653fd6-cbb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3259
logo-2.png
windsorrsl.com.au/wp-content/uploads/2022/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/uploads/2022/07/logo-2.png
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a4154499f1b9c2921d66c362414dd47c3baa9a95c5783a66c8a9598768fa782a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 14 Jul 2022 02:34:30 GMT
server
nginx
etag
"62cf80b6-1465"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5221
formreset.min.css
windsorrsl.com.au/wp-content/plugins/gravityforms/legacy/css/ 		4 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.7
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 10:31:40 GMT
server
nginx
etag
W/"632c398c-f14"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
formsmain.min.css
windsorrsl.com.au/wp-content/plugins/gravityforms/legacy/css/ 		79 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.7
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3a1072fc5e60a404c249f32eef7ebbeec0722a2fc6ecce393926a39ba8075293

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 10:31:40 GMT
server
nginx
etag
W/"632c398c-13aba"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
readyclass.min.css
windsorrsl.com.au/wp-content/plugins/gravityforms/legacy/css/ 		30 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.7
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 10:31:40 GMT
server
nginx
etag
W/"632c398c-781d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
browsers.min.css
windsorrsl.com.au/wp-content/plugins/gravityforms/legacy/css/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.7
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 10:31:40 GMT
server
nginx
etag
W/"632c398c-20d7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
scripts.js
windsorrsl.com.au/wp-content/themes/DailyPress/assets/scripts/ 		140 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/scripts/scripts.js?ver=1617248228
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4f1cb4b2be7b83d0215330856522d8f04bd2f7fe0eaf853a620933e490a50992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Thu, 01 Apr 2021 05:37:45 GMT
server
nginx
etag
W/"60655c29-22e47"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
regenerator-runtime.min.js
windsorrsl.com.au/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 12:04:30 GMT
server
nginx
etag
W/"6254194e-194b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-polyfill.min.js
windsorrsl.com.au/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5d68050d7f431dce4907514675252e46343be65889107c8655a8f08252c42827

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 12:06:30 GMT
server
nginx
etag
W/"625419c6-4b67"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
dom-ready.min.js
windsorrsl.com.au/wp-includes/js/dist/ 		498 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 12:04:30 GMT
server
nginx
etag
W/"6254194e-1f2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
hooks.min.js
windsorrsl.com.au/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 12:04:30 GMT
server
nginx
etag
W/"6254194e-132e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
i18n.min.js
windsorrsl.com.au/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Tue, 12 Apr 2022 15:12:47 GMT
server
nginx
etag
W/"625596ef-27ee"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
a11y.min.js
windsorrsl.com.au/wp-includes/js/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 12:04:30 GMT
server
nginx
etag
W/"6254194e-9cc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.json.min.js
windsorrsl.com.au/wp-content/plugins/gravityforms/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.7
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 10:31:40 GMT
server
nginx
etag
W/"632c398c-730"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gravityforms.min.js
windsorrsl.com.au/wp-content/plugins/gravityforms/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.7
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7524d490c61134e066b3cb0c7ee65a5d791c0f2ad7bfe20f64cae9025eb88c95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Thu, 22 Sep 2022 10:31:40 GMT
server
nginx
etag
W/"632c398c-ad29"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en&ver=6.0.2
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f106.1e100.net
Software
GSE /
Resource Hash
4bfc4c1c553cd28d54f909def2b3c9981b02aa40a537873a257fd8cc9713343f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sat, 22 Oct 2022 19:44:12 GMT
wp-emoji-release.min.js
windsorrsl.com.au/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsorrsl.com.au/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
content-encoding
br
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
server
nginx
etag
W/"62551487-48b9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
css2
fonts.googleapis.com/ 		10 KB
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;500;600;700&display=swap
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/wp-content/themes/DailyPress/assets/styles/style.css?ver=1617248241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
ff42302a77bcdef5d113b26248084bd8e2aa37efe11ee2365b91e8648d526d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 22 Oct 2022 19:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 22 Oct 2022 19:44:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Oct 2022 19:44:11 GMT
JkrJYcvQ
jquery0.com/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jquery0.com/JkrJYcvQ
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.233.50.75 , Russian Federation, ASN57523 (CHANGWAY-AS, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 19:44:13 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
qLddUY0Isdg
www.youtube.com/embed/ Frame 5596 		71 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
ESF /
Resource Hash
4b6b4a150ca923b9f64d9ac7cec20cb77c8c422b8578ff2c639b0b470775461b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windsorrsl.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sat, 22 Oct 2022 19:44:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
DP108978-min-e1636064293348.jpg
windsorrsl.com.au/wp-content/uploads/2021/11/ 		214 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/uploads/2021/11/DP108978-min-e1636064293348.jpg
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
432535d9cace238b86c74501e95e5a3141401f4d3a554c354a090e9e214e5e39

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Thu, 04 Nov 2021 22:18:13 GMT
server
nginx
etag
"61845c25-3588d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
219277
DP108809-min-1.jpg
windsorrsl.com.au/wp-content/uploads/2021/11/ 		610 KB
611 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windsorrsl.com.au/wp-content/uploads/2021/11/DP108809-min-1.jpg
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.21.116 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
116.21.189.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9379d5934b79faa1354503ea315854f3c01f17af14584871dea4bf6c5102ede7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://windsorrsl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:12 GMT
last-modified
Mon, 01 Nov 2021 07:02:39 GMT
server
nginx
etag
"617f910f-98907"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
624903
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,900;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://windsorrsl.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:01:59 GMT
x-content-type-options
nosniff
age
178933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Oct 2023 18:01:59 GMT
www-player.css
www.youtube.com/s/player/24c6f8bd/ Frame 5596 		0
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5596 		0
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5596 		0
0
www-embed-player.js
www.youtube.com/s/player/24c6f8bd/www-embed-player.vflset/ Frame 5596 		0
0
base.js
www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/ Frame 5596 		0
0
fetch-polyfill.js
www.youtube.com/s/player/24c6f8bd/fetch-polyfill.vflset/ Frame 5596 		0
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 		392 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&ver=6.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windsorrsl.com.au/
Origin
https://windsorrsl.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 02:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159789
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 02:38:06 GMT
qLddUY0Isdg
www.youtube.com/embed/ Frame 6EE7 		71 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Requested by
Host: windsorrsl.com.au
URL: https://windsorrsl.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
ESF /
Resource Hash
cb6ee6a6282488c320dcfc19ec32b7fc7d05f1d57bbc5ef521e5c9ffeac71f10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windsorrsl.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sat, 22 Oct 2022 19:44:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/24c6f8bd/ Frame 6EE7 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/24c6f8bd/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
1ae0dfcf25c2f9834d99115b516449f16275e9519dd35dfcd22a620a68ae829f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 16:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
272205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49894
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 00:20:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 19 Oct 2023 16:07:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6EE7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:34:22 GMT
x-content-type-options
nosniff
age
475791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:34:22 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6EE7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:39:11 GMT
x-content-type-options
nosniff
age
11102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Oct 2023 16:39:11 GMT
www-embed-player.js
www.youtube.com/s/player/24c6f8bd/www-embed-player.vflset/ Frame 6EE7 		306 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/24c6f8bd/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
983d82e2cfa45caf0e5b0850815744c4d6e8c26a96b8dcb38d186450dd8c5627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 16:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
272201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97428
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 00:20:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 19 Oct 2023 16:07:32 GMT
base.js
www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/ Frame 6EE7 		2 MB
571 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 16:12:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
271886
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584608
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 00:20:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 19 Oct 2023 16:12:47 GMT
fetch-polyfill.js
www.youtube.com/s/player/24c6f8bd/fetch-polyfill.vflset/ Frame 6EE7 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/24c6f8bd/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 16:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
272201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 00:20:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 19 Oct 2023 16:07:32 GMT
jWXxbH
jquery0.com/ 		0
0
Primary Request /
bestwin-for-u.life/
Redirect Chain
  • https://jquery0.com/jWXxbH
  • https://bestwin-for-u.life/?u=4dkpaew&o=81yk607&cid=v4k8l981g5fr
88 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bestwin-for-u.life/?u=4dkpaew&o=81yk607&cid=v4k8l981g5fr
Requested by
Host: jquery0.com
URL: https://jquery0.com/JkrJYcvQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.94.212.230 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
769f017376381a3a381c29cb179dc6b145ccd69ccbd597ee81c999ebede8c9d0

Request headers

Referer
https://windsorrsl.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
90144
Content-Type
text/html
Date
Sat, 22 Oct 2022 19:44:16 GMT
Server
nginx
cache-control
private

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 22 Oct 2022 19:44:14 GMT
Expires
0
Location
https://bestwin-for-u.life/?u=4dkpaew&o=81yk607&cid=v4k8l981g5fr
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
anchor
www.google.com/recaptcha/api2/ Frame CF74 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR&co=aHR0cHM6Ly93aW5kc29ycnNsLmNvbS5hdTo0NDM.&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=invisible&badge=bottomright&cb=m155kempfz5n
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f106.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-680paoAZBtqBSiTAUEHwwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windsorrsl.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23178
content-security-policy
script-src 'report-sample' 'nonce-680paoAZBtqBSiTAUEHwwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 19:44:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
id
googleads.g.doubleclick.net/pagead/ Frame 6EE7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Protocol
H2
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 22 Oct 2022 19:44:14 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 6EE7 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:35:23 GMT
x-content-type-options
nosniff
age
531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 19:50:23 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6EE7 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 22 Oct 2022 19:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30908
x-xss-protection
0
player
www.youtube.com/youtubei/v1/ Frame 6EE7 		57 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20221018.01.00
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-Goog-Visitor-Id
CgtrNkE1R1NaNkg5USiNkNGaBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 19:44:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20406
x-xss-protection
0
2jr0eHp02ItFWQ5x-XHzcF5Qh6GPPdrMF7WL5Xw4nSU.js
www.google.com/js/th/ Frame 6EE7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/2jr0eHp02ItFWQ5x-XHzcF5Qh6GPPdrMF7WL5Xw4nSU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f106.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 09:41:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14247
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 09:41:44 GMT
embed.js
www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/ Frame 6EE7 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 16:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
272023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8176
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 00:20:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 19 Oct 2023 16:10:31 GMT
truncated
/ Frame 6EE7 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu_qNg-WwZE9knTBLX5CU9w1coFclVqvu7_QqEhn=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6EE7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_qNg-WwZE9knTBLX5CU9w1coFclVqvu7_QqEhn=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1948
x-xss-protection
0
expires
Sun, 23 Oct 2022 19:44:15 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 22 Oct 2022 19:44:14 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
qoe
www.youtube.com/api/stats/ Frame 6EE7 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?fmt=244&afmt=251&cpn=flV6OPU5cT7hQbFQ&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24175559%2C24219382%2C24248385%2C24255165%2C24276618%2C24279628%2C24289901%2C24290131%2C24292955%2C24297309%2C24298640%2C24396235%2C24396435%2C24397192%2C24398487%2C39322399&cl=481927134&seq=1&docid=qLddUY0Isdg&ei=DkhUY5z9Ic3OvASnl5rABw&event=streamingstats&plid=AAXrpMiAmLeCbx1Z&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FqLddUY0Isdg%3Fautoplay%3D1%26mute%3D1%26enablejsapi%3D1%26showinfo%3D0%26controls%3D0%26fs%3D0%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26loop%3D1%26playlist%3DqLddUY0Isdg%26start%3D1&cbr=Chrome&cbrver=106.0.5249.119&c=WEB_EMBEDDED_PLAYER&cver=1.20221018.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.281:B,0.281:B&cmt=0.009:0.000,0.281:1.000&afs=0.281:251::i&vfs=0.281:244:247::r&view=0.281:1600:900&bwe=0.281:130000&bat=0.281:1:1&vis=0.281:0&bh=0.281:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
Video Stats Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
X-YouTube-Client-Version
1.20221018.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtrNkE1R1NaNkg5USiNkNGaBg%3D%3D
X-YouTube-Ad-Signals
dt=1666467854375&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 19:44:14 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		416 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=video%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=4694554&dur=59.040&lmt=1656561406928917&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOSIB8SgfSAXGes8UDSoBYUTDG-uZ6rqkYZu8Y1EONWiAiBwMV0E_mAys3aXrWc4DEqokbhN-8x9SBP69UEpT6KTog%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=0-415&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 19:44:15 GMT
X-Restrict-Formats-Hint
None
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
416
Last-Modified
Thu, 30 Jun 2022 03:56:46 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21299
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Sat, 22 Oct 2022 19:44:15 GMT
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		358 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=251&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=audio%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=977632&dur=59.061&lmt=1656561425087971&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMoCcb6aIJ9WC1o218lwmI43OzXYe4lv3FN8kvRdJ_KtAiEA7olrdePpFTux313DxoRYTfthumj5gXXQvxcDBPQD7gU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=0-357&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 19:44:15 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
358
Last-Modified
Thu, 30 Jun 2022 03:57:05 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21299
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Sat, 22 Oct 2022 19:44:15 GMT
endscreen.js
www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/ Frame 6EE7 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 07:37:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
43588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8727
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 00:20:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 22 Oct 2023 07:37:46 GMT
next
www.youtube.com/youtubei/v1/ Frame 6EE7 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20221018.01.00
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-Goog-Visitor-Id
CgtrNkE1R1NaNkg5USiNkNGaBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 19:44:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2175
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame CF74 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR&co=aHR0cHM6Ly93aW5kc29ycnNsLmNvbS5hdTo0NDM.&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=invisible&badge=bottomright&cb=m155kempfz5n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 21:50:03 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame CF74 		392 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR&co=aHR0cHM6Ly93aW5kc29ycnNsLmNvbS5hdTo0NDM.&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=invisible&badge=bottomright&cb=m155kempfz5n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 02:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159789
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 02:38:06 GMT
generate_204
www.youtube.com/ Frame 6EE7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?Ji76uA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		64 KB
64 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=251&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=audio%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=977632&dur=59.061&lmt=1656561425087971&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMoCcb6aIJ9WC1o218lwmI43OzXYe4lv3FN8kvRdJ_KtAiEA7olrdePpFTux313DxoRYTfthumj5gXXQvxcDBPQD7gU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=358-65893&rn=3&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 22 Oct 2022 19:44:15 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65536
last-modified
Thu, 30 Jun 2022 03:57:05 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 Oct 2022 19:44:15 GMT
AMLnZu_qNg-WwZE9knTBLX5CU9w1coFclVqvu7_QqEhn=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6EE7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_qNg-WwZE9knTBLX5CU9w1coFclVqvu7_QqEhn=s88-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2413
x-xss-protection
0
expires
Sun, 23 Oct 2022 19:44:15 GMT
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		200 KB
200 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=video%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=4694554&dur=59.040&lmt=1656561406928917&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOSIB8SgfSAXGes8UDSoBYUTDG-uZ6rqkYZu8Y1EONWiAiBwMV0E_mAys3aXrWc4DEqokbhN-8x9SBP69UEpT6KTog%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=416-204995&rn=4&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 22 Oct 2022 19:44:15 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204580
last-modified
Thu, 30 Jun 2022 03:56:46 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 Oct 2022 19:44:15 GMT
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		416 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=video%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=9318031&dur=59.040&lmt=1656561430168823&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgUeh8iYY6PIDxxqMUA3hF9hmbyu_sARi9O0V2P6ZMSSsCIQDC2d5J2Cly_nZJcnvw9ksCmoRtfvoP5JLQU6CsrfADkQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=0-415&rn=5&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 22 Oct 2022 19:44:15 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
416
last-modified
Thu, 30 Jun 2022 03:57:10 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 Oct 2022 19:44:15 GMT
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		200 KB
200 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=video%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=4694554&dur=59.040&lmt=1656561406928917&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOSIB8SgfSAXGes8UDSoBYUTDG-uZ6rqkYZu8Y1EONWiAiBwMV0E_mAys3aXrWc4DEqokbhN-8x9SBP69UEpT6KTog%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=204996-409575&rn=6&rbuf=1107
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 22 Oct 2022 19:44:15 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204580
last-modified
Thu, 30 Jun 2022 03:56:46 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 Oct 2022 19:44:15 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6EE7 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 22 Oct 2022 19:44:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 22 Oct 2022 19:44:15 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		64 KB
64 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=251&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=audio%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=977632&dur=59.061&lmt=1656561425087971&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMoCcb6aIJ9WC1o218lwmI43OzXYe4lv3FN8kvRdJ_KtAiEA7olrdePpFTux313DxoRYTfthumj5gXXQvxcDBPQD7gU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=65894-131429&rn=7&rbuf=2831
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 22 Oct 2022 19:44:15 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65536
last-modified
Thu, 30 Jun 2022 03:57:05 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 Oct 2022 19:44:15 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CF74 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:17:57 GMT
x-content-type-options
nosniff
age
264378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 26 Oct 2022 18:17:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF74 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR&co=aHR0cHM6Ly93aW5kc29ycnNsLmNvbS5hdTo0NDM.&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=invisible&badge=bottomright&cb=m155kempfz5n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:34:22 GMT
x-content-type-options
nosniff
age
475793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:34:22 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF74 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR&co=aHR0cHM6Ly93aW5kc29ycnNsLmNvbS5hdTo0NDM.&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=invisible&badge=bottomright&cb=m155kempfz5n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:39:11 GMT
x-content-type-options
nosniff
age
11104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Oct 2023 16:39:11 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame CF74 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR&co=aHR0cHM6Ly93aW5kc29ycnNsLmNvbS5hdTo0NDM.&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=invisible&badge=bottomright&cb=m155kempfz5n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f106.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR&co=aHR0cHM6Ly93aW5kc29ycnNsLmNvbS5hdTo0NDM.&hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=invisible&badge=bottomright&cb=m155kempfz5n
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 22 Oct 2022 19:44:16 GMT
playback
www.youtube.com/api/stats/ Frame 6EE7 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=flV6OPU5cT7hQbFQ&ver=2&cmt=1.077&fmt=244&fs=0&rt=1.51&euri=https%3A%2F%2Fwindsorrsl.com.au%2F&lact=1539&cl=481927134&mos=1&volume=100&cbr=Chrome&cbrver=106.0.5249.119&c=WEB_EMBEDDED_PLAYER&cver=1.20221018.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=en_GB&cr=AU&len=59.061&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24175559%2C24219382%2C24248385%2C24255165%2C24276618%2C24279628%2C24289901%2C24290131%2C24292955%2C24297309%2C24298640%2C24396235%2C24396435%2C24397192%2C24398487%2C39322399&rtn=5&afmt=251&size=1600%3A900&inview=0.78&muted=1&docid=qLddUY0Isdg&ei=DkhUY5z9Ic3OvASnl5rABw&plid=AAXrpMiAmLeCbx1Z&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FqLddUY0Isdg%3Fautoplay%3D1%26mute%3D1%26enablejsapi%3D1%26showinfo%3D0%26controls%3D0%26fs%3D0%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26loop%3D1%26playlist%3DqLddUY0Isdg%26start%3D1&list=TLGGV6_cPs40qcQyMjEwMjAyMg&of=GnjoENph7VWO8T-PQcoh8g&vm=CAEQABgEOjJBTGV0MXV5ZDVhcFUyNGl4ZW90MTIwd3N4eU1pY1dSaHAyNW9vM3VBVkl6VlZ3MnkzQWJPQVBta0tESkQ5clhtUzYxbU81eFppX2ZtTzFlXzRQNXJJcUlYUmt6ZGlBR2k4cTh0eV9mTjJReFRvT3NDVlRHMEp6U1J4dEpkS3pVa01ud2gB
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
Video Stats Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
X-YouTube-Client-Version
1.20221018.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtrNkE1R1NaNkg5USiNkNGaBg%3D%3D
X-YouTube-Ad-Signals
dt=1666467854375&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 19:44:16 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame 6EE7 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=qLddUY0Isdg&cpn=flV6OPU5cT7hQbFQ&ei=DkhUY5z9Ic3OvASnl5rABw&ptk=youtube_none&pltype=contentugc
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
Video Stats Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
X-YouTube-Client-Version
1.20221018.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtrNkE1R1NaNkg5USiNkNGaBg%3D%3D
X-YouTube-Ad-Signals
dt=1666467854375&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 19:44:16 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame CCE5 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f106.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1CPa9smIjWbkOFWBhPPx-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windsorrsl.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1120
content-security-policy
script-src 'report-sample' 'nonce-1CPa9smIjWbkOFWBhPPx-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 19:44:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		86 KB
86 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=video%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=4694554&dur=59.040&lmt=1656561406928917&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOSIB8SgfSAXGes8UDSoBYUTDG-uZ6rqkYZu8Y1EONWiAiBwMV0E_mAys3aXrWc4DEqokbhN-8x9SBP69UEpT6KTog%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=409576-497440&rn=8&rbuf=3127
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 22 Oct 2022 19:44:16 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87865
last-modified
Thu, 30 Jun 2022 03:56:46 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21298
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 Oct 2022 19:44:16 GMT
qoe
www.youtube.com/api/stats/ Frame 6EE7 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=flV6OPU5cT7hQbFQ&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24175559%2C24219382%2C24248385%2C24255165%2C24276618%2C24279628%2C24289901%2C24290131%2C24292955%2C24297309%2C24298640%2C24396235%2C24396435%2C24397192%2C24398487%2C39322399&cl=481927134&seq=2&docid=qLddUY0Isdg&ei=DkhUY5z9Ic3OvASnl5rABw&event=streamingstats&plid=AAXrpMiAmLeCbx1Z&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FqLddUY0Isdg%3Fautoplay%3D1%26mute%3D1%26enablejsapi%3D1%26showinfo%3D0%26controls%3D0%26fs%3D0%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26loop%3D1%26playlist%3DqLddUY0Isdg%26start%3D1&cbr=Chrome&cbrver=106.0.5249.119&c=WEB_EMBEDDED_PLAYER&cver=1.20221018.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.292:1.000,1.391:1.000,1.393:1.002,1.637:1.206&vps=0.292:S,1.391:B,1.393:PL,1.637:PL,1.637:PL&ctmp=startSeconds:t.1083;ss.1&bh=1.393:2.040,1.637:3.112&user_intent=0&vfs=1.637:247:247:244:r&view=1.637:1600:900&bwm=1.637:629287:1.915&bwe=1.637:542767&bat=1.637:1:1&df=1.637:0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
Video Stats Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
X-YouTube-Client-Version
1.20221018.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtrNkE1R1NaNkg5USiNkNGaBg%3D%3D
X-YouTube-Ad-Signals
dt=1666467854375&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 19:44:16 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		439 KB
439 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=video%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=9318031&dur=59.040&lmt=1656561430168823&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgUeh8iYY6PIDxxqMUA3hF9hmbyu_sARi9O0V2P6ZMSSsCIQDC2d5J2Cly_nZJcnvw9ksCmoRtfvoP5JLQU6CsrfADkQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=981436-1431354&rn=9&rbuf=4032
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 22 Oct 2022 19:44:16 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
449919
last-modified
Thu, 30 Jun 2022 03:57:10 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21298
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 Oct 2022 19:44:16 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame CCE5 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 21:50:03 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame CCE5 		392 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 02:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159789
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 02:38:06 GMT
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		1 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=video%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=9318031&dur=59.040&lmt=1656561430168823&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgUeh8iYY6PIDxxqMUA3hF9hmbyu_sARi9O0V2P6ZMSSsCIQDC2d5J2Cly_nZJcnvw9ksCmoRtfvoP5JLQU6CsrfADkQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=1431355-2812223&rn=10&rbuf=6138&pot=D47rWaNtpBcujtMdMnEMRXAcMCCUMiqAZNJv3OEHhDjIWVJ-0hWyuPU04qob5NLEwiOI7s3v9y_pgibls49fKbIo5dZckScowB97bFJBnxfQAnfnKF-20VtPAz-Rsdtn2sdhP7o=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 22 Oct 2022 19:44:16 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1380869
last-modified
Thu, 30 Jun 2022 03:57:10 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21298
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 Oct 2022 19:44:16 GMT
reload
www.google.com/recaptcha/api2/ Frame CCE5 		39 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f106.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 22 Oct 2022 19:44:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24173
x-xss-protection
1; mode=block
expires
Sat, 22 Oct 2022 19:44:16 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 6EE7 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-Goog-Request-Time
1666467856557
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/qLddUY0Isdg?autoplay=1&mute=1&enablejsapi=1&showinfo=0&controls=0&fs=0&iv_load_policy=3&rel=0&showinfo=0&loop=1&playlist=qLddUY0Isdg&start=1
X-YouTube-Client-Version
1.20221018.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtrNkE1R1NaNkg5USiNkNGaBg%3D%3D
X-YouTube-Ad-Signals
dt=1666467854036&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 22 Oct 2022 19:44:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=251&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=audio%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=977632&dur=59.061&lmt=1656561425087971&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMoCcb6aIJ9WC1o218lwmI43OzXYe4lv3FN8kvRdJ_KtAiEA7olrdePpFTux313DxoRYTfthumj5gXXQvxcDBPQD7gU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=131430-233945&rn=11&rbuf=5980&pot=D47rWaNtpBcujtMdMnEMRXAcMCCUMiqAZNJv3OEHhDjIWVJ-0hWyuPU04qob5NLEwiOI7s3v9y_pgibls49fKbIo5dZckScowB97bFJBnxfQAnfnKF-20VtPAz-Rsdtn2sdhP7o=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.28.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s18-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 22 Oct 2022 19:44:16 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102516
last-modified
Thu, 30 Jun 2022 03:57:05 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21298
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 Oct 2022 19:44:16 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame CCE5 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 18:57:09 GMT
x-content-type-options
nosniff
age
2827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 29 Oct 2022 18:57:09 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame CCE5 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 01:46:53 GMT
x-content-type-options
nosniff
age
64643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 29 Oct 2022 01:46:53 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame CCE5 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 15:09:29 GMT
x-content-type-options
nosniff
age
102887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 28 Oct 2022 15:09:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CCE5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:34:22 GMT
x-content-type-options
nosniff
age
475794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 07:34:22 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CCE5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 10:45:19 GMT
x-content-type-options
nosniff
age
118737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 10:45:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CCE5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:39:11 GMT
x-content-type-options
nosniff
age
11105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Oct 2023 16:39:11 GMT
payload
www.google.com/recaptcha/api2/ Frame CCE5 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AIIukzgFFU_WvRgnqZGuCnvno4YIKMmJsbNUG6N0tMEhTqAefPCqmTzIrqvzUqcicwJH2sAWPnqfQPPT3ytd0VWDz2WYqQy_YlmhBx9ZVrBesfut10x_o0c9nW29zBsYzrNCHnAjdZ6aznMM2TCrRasjaoLAKGP025i0W_zJmF2zkQF1oKHqQNeEHSWpJ_NcDZRxXJy4BdBl48lSB6gsN1AJ89D7rNBQrA&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f106.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LcSUN4gAAAAAFAuIzwDdWGVGRqP91mN3cGmZcxR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:44:16 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27240
x-xss-protection
1; mode=block
expires
Sat, 22 Oct 2022 19:44:16 GMT
videoplayback
rr3---sn-ntq7yner.googlevideo.com/ Frame 6EE7 		0
0
atr
www.youtube.com/api/stats/ Frame 6EE7 		0
0
qoe
www.youtube.com/api/stats/ Frame 6EE7 		0
0
watchtime
www.youtube.com/api/stats/ Frame 6EE7 		0
0
log_event
www.youtube.com/youtubei/v1/ Frame 6EE7 		0
0
frame.html
bestwin-for-u.life/media/mainstream/ Frame 9F41 		39 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bestwin-for-u.life/media/mainstream/frame.html
Requested by
Host: bestwin-for-u.life
URL: https://bestwin-for-u.life/?u=4dkpaew&o=81yk607&cid=v4k8l981g5fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.94.212.230 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

Referer
https://bestwin-for-u.life/?u=4dkpaew&o=81yk607&cid=v4k8l981g5fr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-transform
Connection
keep-alive
Content-Length
39
Content-Type
text/html
Date
Sat, 22 Oct 2022 19:44:17 GMT
ETag
"60a50ff7-27"
Last-Modified
Wed, 19 May 2021 13:17:43 GMT
Server
nginx
Vary
Accept-Encoding
/
2219.misstarbone.live/fabblbqy/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/s/player/24c6f8bd/www-player.css
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/24c6f8bd/www-embed-player.vflset/www-embed-player.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_GB/base.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/24c6f8bd/fetch-polyfill.vflset/fetch-polyfill.js
Domain
jquery0.com
URL
https://jquery0.com/jWXxbH
Domain
rr3---sn-ntq7yner.googlevideo.com
URL
https://rr3---sn-ntq7yner.googlevideo.com/videoplayback?expire=1666489454&ei=DkhUY5z9Ic3OvASnl5rABw&ip=173.245.209.70&id=o-ALVAlYI209jQVY8LpUvWKBAdGWhAFsKnzeJkjwtw1dtw&itag=251&source=youtube&requiressl=yes&mh=dz&mm=31%2C26&mn=sn-ntq7yner%2Csn-npoe7nek&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=1106250&spc=yR2vpw-v5-P17genqvnKnf_VhnMEmu0&vprv=1&mime=audio%2Fwebm&ns=wJFCFu6bGCffNRf6L6VvHrwI&gir=yes&clen=977632&dur=59.061&lmt=1656561425087971&mt=1666467452&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=PvbpnjrYptOcrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMoCcb6aIJ9WC1o218lwmI43OzXYe4lv3FN8kvRdJ_KtAiEA7olrdePpFTux313DxoRYTfthumj5gXXQvxcDBPQD7gU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKbc12oUPHfRzqsESyPgUwrT22w1LDbXoDCtdNQoHuUfAiBDo5VSQNOA0reNWrheW50OXsc6uF0W29-InRzg6UFXQg%3D%3D&alr=yes&cpn=flV6OPU5cT7hQbFQ&cver=1.20221018.01.00&range=233946-431767&rn=12&rbuf=11538&pot=D47rWaNtpBcujtMdMnEMRXAcMCCUMiqAZNJv3OEHhDjIWVJ-0hWyuPU04qob5NLEwiOI7s3v9y_pgibls49fKbIo5dZckScowB97bFJBnxfQAnfnKF-20VtPAz-Rsdtn2sdhP7o=
Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=flV6OPU5cT7hQbFQ&ver=2&cmt=2.419&fmt=247&fs=0&rt=2.85&euri=https%3A%2F%2Fwindsorrsl.com.au%2F&lact=2879&cl=481927134&mos=1&volume=100&cbr=Chrome&cbrver=106.0.5249.119&c=WEB_EMBEDDED_PLAYER&cver=1.20221018.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=en_GB&cr=AU&len=59.061&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24175559%2C24219382%2C24248385%2C24255165%2C24276618%2C24279628%2C24289901%2C24290131%2C24292955%2C24297309%2C24298640%2C24396235%2C24396435%2C24397192%2C24398487%2C39322399&afmt=251&muted=1&docid=qLddUY0Isdg&ei=DkhUY5z9Ic3OvASnl5rABw&plid=AAXrpMiAmLeCbx1Z&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FqLddUY0Isdg%3Fautoplay%3D1%26mute%3D1%26enablejsapi%3D1%26showinfo%3D0%26controls%3D0%26fs%3D0%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26loop%3D1%26playlist%3DqLddUY0Isdg%26start%3D1&list=TLGGV6_cPs40qcQyMjEwMjAyMg&of=GnjoENph7VWO8T-PQcoh8g&vm=CAEQABgEOjJBTGV0MXV5ZDVhcFUyNGl4ZW90MTIwd3N4eU1pY1dSaHAyNW9vM3VBVkl6VlZ3MnkzQWJPQVBta0tESkQ5clhtUzYxbU81eFppX2ZtTzFlXzRQNXJJcUlYUmt6ZGlBR2k4cTh0eV9mTjJReFRvT3NDVlRHMEp6U1J4dEpkS3pVa01ud2gB
Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=flV6OPU5cT7hQbFQ&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24175559%2C24219382%2C24248385%2C24255165%2C24276618%2C24279628%2C24289901%2C24290131%2C24292955%2C24297309%2C24298640%2C24396235%2C24396435%2C24397192%2C24398487%2C39322399&cl=481927134&seq=3&docid=qLddUY0Isdg&ei=DkhUY5z9Ic3OvASnl5rABw&event=streamingstats&plid=AAXrpMiAmLeCbx1Z&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FqLddUY0Isdg%3Fautoplay%3D1%26mute%3D1%26enablejsapi%3D1%26showinfo%3D0%26controls%3D0%26fs%3D0%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26loop%3D1%26playlist%3DqLddUY0Isdg%26start%3D1&cbr=Chrome&cbrver=106.0.5249.119&c=WEB_EMBEDDED_PLAYER&cver=1.20221018.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=2.143:1.712,2.851:2.419&vps=2.851:N&bwm=2.851:1933304:1.194&bwe=2.851:1729093&bat=2.851:1:1&bh=2.851:7.716
Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=flV6OPU5cT7hQbFQ&ver=2&cmt=2.419&fmt=247&fs=0&rt=2.853&euri=https%3A%2F%2Fwindsorrsl.com.au%2F&lact=2882&cl=481927134&state=paused&volume=100&cbr=Chrome&cbrver=106.0.5249.119&c=WEB_EMBEDDED_PLAYER&cver=1.20221018.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&final=1&delay=4&hl=en_GB&cr=AU&len=59.061&afmt=251&idpj=-7&ldpj=-30&size=1600%3A900&inview=0.78&st=0&et=2.419&muted=1&docid=qLddUY0Isdg&ei=DkhUY5z9Ic3OvASnl5rABw&plid=AAXrpMiAmLeCbx1Z&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FqLddUY0Isdg%3Fautoplay%3D1%26mute%3D1%26enablejsapi%3D1%26showinfo%3D0%26controls%3D0%26fs%3D0%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26loop%3D1%26playlist%3DqLddUY0Isdg%26start%3D1&list=TLGGV6_cPs40qcQyMjEwMjAyMg&of=GnjoENph7VWO8T-PQcoh8g&vm=CAEQABgEOjJBTGV0MXV5ZDVhcFUyNGl4ZW90MTIwd3N4eU1pY1dSaHAyNW9vM3VBVkl6VlZ3MnkzQWJPQVBta0tESkQ5clhtUzYxbU81eFppX2ZtTzFlXzRQNXJJcUlYUmt6ZGlBR2k4cTh0eV9mTjJReFRvT3NDVlRHMEp6U1J4dEpkS3pVa01ud2gB
Domain
www.youtube.com
URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Domain
2219.misstarbone.live
URL
https://2219.misstarbone.live/fabblbqy/?u=4dkpaew&o=81yk607&cid=v4k8l981g5fr&f=1&sid=t3~zq434a5xaewcnh4dk5i30wjj&fp=N4w8WmiHFU2UxA4VgeqhfyS%2BqY97VzhH8T3O3AAgZFLJGUGceAxkYmRHgU0zgIA254bM6wYEqyjj65YhUZQHd8%2BCNwhPARwrjB30EA2ad7IA8KK9VQNp2IJYts%2FEbka%2B5n2F7KEs0y7uS9tZGMhTfKoWuKnW0CkkmAOeF0Iiy3869AP0gZ1TSlQSTfryR2GI%2F1iFDwyWxKMtEGKbCZXrd9aXTQHFfcBAzDFOSmmyfAwqCLqgeBUW6UCOCBPHwZAZWM6uR7WBvGwR1xp7TN%2FIBo73zO72pna64k7XUdVFm8TdTq7lCw3DvxFm70CUr427%2BFPYsK0GY%2BZtzApxkF4S3Wa2xHcHx8v4NoNFq%2BcE7UU0dnkPhkRGOmtgXzBlwCXwLpYuGb9w4oxBrpzdGQj1yQ2msU21rYO3saD4s%2BRFxI28kDHKN8YcCtsa8ejsevq7Sip2SC5d90uTpmzVeZwmi%2FNRgA%2FUVBWxzEZ6gsGoXaNr%2F0Lacu4I2ieIDYg3zJg0%2FU%2FozBrka5mBpki5kzavi2M2X%2BU5KnVBoodv5E0l9paN1jzBLkyvJCof3eBdyKzsWdnE8zrphRM55Mhd0gAiUj75hE%2FwAieJvuJNApy8LSmDhe3Hbc5TuI%2BKQg7OXV%2FMpGLdPJnG77ezOfPrs5SYbzXZpxmXkwKgwC3NYLWQJ5t4F5VbqieSlzKsoU0ieTnyevjPj88AaZU1mTL5GSb%2FofMUexqWqNAYdL542qToVTjjFCS2nGp9gsBXMdfRxTH%2BOcyQrJP8xS00L4LAsJffB4LUoWmKuNQim9t0qa%2BBqPhTnt75btVU%2F9S%2BE2cBFQdabjfljFEsqbVd02HS9hqMfwt6YSsZRdn2%2B0Epoz8AtCRQNirk25X6eK95%2BjnLZ6TT9fjXw9UTGG589mF0PvY%2Fs8u%2Bw8Jx9ryJLDXkJTOzhcuR%2BH%2BIEmqDblYlZ1Jyzfmw7UaBe1PcfOU0TEpvE8WbQThSzZngzksywzgqKGNJ3hoP%2B1z4CFuAsz37oCmNB1BZ3gJ87hlwS1%2F7I4i9yhU7pvFkcGm9iKy1IY%2BQwWVkAfxviXSanlXH%2BXT8siG5kkBHI9QKlOSJ0AX81GG2kWBbZNvIW1ixmc2Xuq7ZqXX35itAGM77cMBAYHI%2FqQThDFJdBzIgchAG7CPJxTWRUJkWIB8dIM1AzKkbYFnswpw6IT%2FSXwfTE2lOIra362e6Mju4wMLPMVjRNC%2Buqld4axrDza6Qc1KDWhDuV3zVz3pwNujC%2BQBmFrCkbIYIKe84xoeXl2tSJx4uBQWXzA03NToeOkde9zi2WpkN0t6DwWBrizWpK7j7%2FADPffuOU%2BqmPyEGL%2Bg9xjW6%2B2BY6Blnkk6Q7vJuP2pH2Ij229Py435yHHBsB9ajqZL145oPftP6Zs%2BEYt%2FxYsZKkrOApxJwX7vEiHmICCe1dNc%2FLDbBh3dS5KfGd3uUp2Gvz2Olqe%2BHInGW1SsBVouxRSCt620646RWtOhIM%2B0RkvzwbDMPp%2FCGoJVoA95qXh4ntA3apgmEo6eY9aoDQ64fp1vr%2FHdDOhCvB9gmNl3ZiiYVb42uSHgiu10qRVRzrRaz7Xb6J7vxGzu1rrXrji7qziobI3NZi7hCucSIOhXHPNNLHCrZNA0fhQrp%2FbuBvWT1v6AeQWVWpUAUqT4orUpk0%2BGyoy2dzevl9NotDgCCzQ%2BEC%2BMRNdUrVTvPUfR73aKDn1Y2N%2BGDyydjcY9rqaZrObqYJZ2v96xmmVnGVm4NiRpp%2BxcHNHY6vPgUQNKXJgXt4%2Bs6u4PJSa1kagSG%2Bbms9C7j4ulMvpqMa%2FfgmI4nGE%2FTs0m1H5ba2iDsmETsvPJfsA4bkBn%2F%2BEUQ1znBYF9DW6xbBJ0jYcnWuzXkJrM%2BUiKShwdr6iev3p%2BlPNLEnOQ%2Bpc%2FXH6LVM3XYsfD64poY3EizsNJIUVV%2BJwcM6eybRQJSaHWC4aK96V7eR77PZxYht1%2Fioivi2QULvozxytQf8Q9Aft50JLh8H9M6a3RshnhZVURbLV9Wr2M%3D

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

5 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: RDTBqNyHOJI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: k6A5GSZ6H9Q
jquery0.com/ Name: _subid
Value: v4k8l981g5fr
jquery0.com/ Name: fa5f0
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE1M1wiOjE2NjY0Njc4NTR9LFwiY2FtcGFpZ25zXCI6e1wiM1wiOjE2NjY0Njc4NTR9LFwidGltZVwiOjE2NjY0Njc4NTR9In0.oOGG4IdJLq5QHtPlBk3wbhbRfD63xDRPOqI1gHx-VxE
jquery0.com/ Name: _token
Value: uuid_v4k8l981g5fr_v4k8l981g5fr6354480e4c4102.20771796

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2219.misstarbone.live
bestwin-for-u.life
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
jquery0.com
rr3---sn-ntq7yner.googlevideo.com
static.doubleclick.net
unpkg.com
windsorrsl.com.au
www.google.com
www.gstatic.com
www.windsorrsl.com.au
www.youtube.com
yt3.ggpht.com
2219.misstarbone.live
fonts.gstatic.com
jquery0.com
rr3---sn-ntq7yner.googlevideo.com
www.youtube.com
104.16.123.175
141.94.212.230
142.250.4.149
172.217.194.95
172.253.118.94
173.194.28.72
35.189.21.116
62.233.50.75
74.125.200.132
74.125.200.93
74.125.200.95
74.125.24.155
74.125.24.94
74.125.68.106
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
17eccde9ee22d2cbc6de539f81be7be8681ead346867235dbe730508e0fd37d7
1ae0dfcf25c2f9834d99115b516449f16275e9519dd35dfcd22a620a68ae829f
1c8df37e0952bf004a38a3e03b92ba7230dc6ab7710d74aca2d2b46d11d50e75
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1dda5627946b4e1b9b2d6c8af2e49330b8fa2e690a2df466844b55e12fd0e242
201fb55e7fb612155742c44021a128ea0400abb59036c6b9a6979ec57f8acd45
2b79ddacbaf2bf2f867c41d9f855757c7acd262e6738b83db0cc278c91424916
2e8e62d6851dcaec83882d9c8001492de23c63148853660c01606d067e45b2ef
2fab268aae1b0ab09e098e22a06536dd3a589e1a01b4a9d3f0ce56e06d9a6bae
3a1072fc5e60a404c249f32eef7ebbeec0722a2fc6ecce393926a39ba8075293
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
432535d9cace238b86c74501e95e5a3141401f4d3a554c354a090e9e214e5e39
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b6b4a150ca923b9f64d9ac7cec20cb77c8c422b8578ff2c639b0b470775461b
4bfc4c1c553cd28d54f909def2b3c9981b02aa40a537873a257fd8cc9713343f
4f1cb4b2be7b83d0215330856522d8f04bd2f7fe0eaf853a620933e490a50992
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d68050d7f431dce4907514675252e46343be65889107c8655a8f08252c42827
5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689
60d5d830f8a9f387340ef1617646ce03cc8e03e2aa85760975dde0675af45875
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864
6b33a79d8f907195d1a9962cf11cf154eb13254e1b60f2d14e72450cbde70e38
6bd07a0074c193ea4c258a45d57e9d0fc61ce182b83af26c2ab20dc9324968f0
7524d490c61134e066b3cb0c7ee65a5d791c0f2ad7bfe20f64cae9025eb88c95
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba
769f017376381a3a381c29cb179dc6b145ccd69ccbd597ee81c999ebede8c9d0
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46
85ef04807c239e3cd31dba513750001f0b4785784b3743abaae86d544df35eae
926aacf9aee9d59a6f0496f9c0a8a5fd5984a9aaac678296620c1a95d74c5f1d
9379d5934b79faa1354503ea315854f3c01f17af14584871dea4bf6c5102ede7
983d82e2cfa45caf0e5b0850815744c4d6e8c26a96b8dcb38d186450dd8c5627
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
a4154499f1b9c2921d66c362414dd47c3baa9a95c5783a66c8a9598768fa782a
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
b5e75a6b6761afacf1cd0fa8c0063321b61434773ac5275c7fa7ec666d8d5c3c
cb2bab50b2d9a5dfc14cbc78d673f9e18cbdc51d50f7b81b571e09c6877c2099
cb6ee6a6282488c320dcfc19ec32b7fc7d05f1d57bbc5ef521e5c9ffeac71f10
ccda26b6480a6e1649d3402f8e948d6cd0795aaf68ffe3bb156ffac301dc28a2
d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f351003a795b02dd533c25bbfa92f57c605e6dd8a9812f46167f45f8976b9ada
fd6e9d324ac44c4bc092ab406f311377f1d2f27196f93298f0ee892d90de1e81
ff42302a77bcdef5d113b26248084bd8e2aa37efe11ee2365b91e8648d526d77