travianscript.rf.gd Open in urlscan Pro
185.27.134.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://travianscript.rf.gd/
Effective URL:
http://travianscript.rf.gd/index.php?i=1
Submission: On October 21 via api (October 21st 2023, 5:04:02 pm UTC) from US — Scanned from GB

Summary HTTP 59 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 59 HTTP transactions. The main IP is 185.27.134.213, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is travianscript.rf.gd.

This is the only time travianscript.rf.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	185.27.134.213 185.27.134.213	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4009:12::a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
59	13

20 185.27.134.213 (United Kingdom) 1 redirects

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

travianscript.rf.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4009:12::a (London, United Kingdom)

ASN15169 (GOOGLE, US)

rr5---sn-aigl6nl7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	rf.gd 1 redirects travianscript.rf.gd	2 MB
14	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	1 MB
5	googlevideo.com rr5---sn-aigl6nl7.googlevideo.com — Cisco Umbrella Rank: 48265	428 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	116 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	33 KB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	88 KB
3	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	36 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 static.doubleclick.net — Cisco Umbrella Rank: 304	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
59	9

	Domain	Requested by
20	travianscript.rf.gd	1 redirects travianscript.rf.gd
14	www.youtube.com	travianscript.rf.gd www.youtube.com
5	rr5---sn-aigl6nl7.googlevideo.com	www.youtube.com
4	i.ytimg.com	www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	yt3.ggpht.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	www.gstatic.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.googleapis.com	travianscript.rf.gd
59	12

This site contains links to these domains. Also see Links.

Domain
xenforo.gen.tr
xentr.net

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-10-10` - `2023-12-19`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://travianscript.rf.gd/index.php?i=1
Frame ID: 9B666A86BBFDB6B881BB61B09B32D52A
Requests: 23 HTTP requests in this frame

Frame: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
Frame ID: 4A22AF50EA20CA11B6C9CDEB486931BF
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TravianScript

Page URL History Show full URLs

http://travianscript.rf.gd/ Page URL
http://travianscript.rf.gd/?i=1 HTTP 301
http://travianscript.rf.gd/index.php?i=1 Page URL

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

particles.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

<div id="particles-js">
/particles(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

59 %
HTTPS

92 %
IPv6

9
Domains

12
Subdomains

13
IPs

2
Countries

3565 kB
Transfer

6335 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://xenforo.gen.tr/
Title: Türkçe XenForo 2

Search URL Search Domain Scan URL

URL: https://xentr.net/
Title: Xenforo Theme © by ©XenTR

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://travianscript.rf.gd/ Page URL
http://travianscript.rf.gd/?i=1 HTTP 301
http://travianscript.rf.gd/index.php?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

59 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
travianscript.rf.gd/ 830 B
1 KB 101ms
40ms Document
text/html 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 69e52e414507018d7023629d189cacd95e6f02933c871c6b0d5011547309c941

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 830
Content-Type: text/html
Date: Sat, 21 Oct 2023 17:03:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx

GET
H/1.1 200
OK aes.js Show response
travianscript.rf.gd/ 13 KB
14 KB 41ms
41ms Script
application/javascript 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/aes.js
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:54 GMT
Last-Modified: Sun, 15 Oct 2023 18:02:22 GMT
Server: nginx
ETag: "652c292e-35a5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13733

GET
H/1.1

200
OK

Primary Request index.php Show response
travianscript.rf.gd/
Redirect Chain

http://travianscript.rf.gd/?i=1
http://travianscript.rf.gd/index.php?i=1

63 KB
64 KB

1423ms
1423ms

Document
text/html

185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL

http://travianscript.rf.gd/index.php?i=1

Requested by

Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/

Protocol

HTTP/1.1

Server

185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

dfe357103930e9769a00545397cdd3a0c8db3cbed94dd32585a4a18ecc0205c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://travianscript.rf.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Length: 64778
Content-Type: text/html; charset=utf-8
Date: Sat, 21 Oct 2023 17:03:56 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sat, 21 Oct 2023 17:03:54 GMT
Server: nginx
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Redirect headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 21 Oct 2023 17:03:54 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sat, 21 Oct 2023 17:03:54 GMT
Location: http://travianscript.rf.gd/index.php?i=1
Server: nginx
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK fa-regular-400.woff2
travianscript.rf.gd/styles/fonts/fa/ 169 KB
169 KB 182ms
141ms Font
application/octet-stream 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/styles/fonts/fa/fa-regular-400.woff2?_v=5.14.0
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc

Request headers

Referer: http://travianscript.rf.gd/index.php?i=1
Origin: http://travianscript.rf.gd
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 21:52:29 GMT
Server: nginx
ETag: "2a4a4-5f7c086afc140"
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 173220
Expires: Sat, 21 Oct 2023 17:03:56 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
travianscript.rf.gd/styles/fonts/fa/ 137 KB
138 KB 157ms
114ms Font
application/octet-stream 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/styles/fonts/fa/fa-solid-900.woff2?_v=5.14.0
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f

Request headers

Referer: http://travianscript.rf.gd/index.php?i=1
Origin: http://travianscript.rf.gd
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 21:52:30 GMT
Server: nginx
ETag: "225a0-5f7c086bf0380"
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 140704
Expires: Sat, 21 Oct 2023 17:03:56 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
travianscript.rf.gd/styles/fonts/fa/ 76 KB
76 KB 139ms
96ms Font
application/octet-stream 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/styles/fonts/fa/fa-brands-400.woff2?_v=5.14.0
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11

Request headers

Referer: http://travianscript.rf.gd/index.php?i=1
Origin: http://travianscript.rf.gd
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 21:52:25 GMT
Server: nginx
ETag: "12e40-5f7c08672b840"
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77376
Expires: Sat, 21 Oct 2023 17:03:56 GMT

GET
H/1.1 200
OK css.php
travianscript.rf.gd/ 404 KB
404 KB 395ms
359ms Stylesheet
text/css 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL

http://travianscript.rf.gd/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=2&d=1693736956&k=6dca0fbbd9e70f5e8a639cd68862b2b7be8bfbf1

Requested by

Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1

Protocol

HTTP/1.1

Server

185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

658baa7e7c752320692b8d106473aea4ba76897d70aa0d80b62b07e67fa6a641

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/index.php?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sun, 03 Sep 2023 10:29:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Content-Length: 413737
Expires: Sun, 20 Oct 2024 17:03:56 GMT

GET
H/1.1 200
OK css.php
travianscript.rf.gd/ 84 KB
84 KB 235ms
195ms Stylesheet
text/css 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL

http://travianscript.rf.gd/css.php?css=public%3Anode_list.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Axentr_base.less%2Cpublic%3Axentr_footer.less%2Cpublic%3Axentr_forum_statistics.less%2Cpublic%3Axentr_newsTicker_widget.less%2Cpublic%3Axentr_quick_touch.less%2Cpublic%3Axentr_sidebar_visitor_card.less%2Cpublic%3Axentr_top_section.less%2Cpublic%3Axtr_bootstrap_grid.less%2Cpublic%3Aextra.less&s=2&l=2&d=1693736956&k=9aa7b71f0eef3352e8023dab70a27296a693f103

Requested by

Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1

Protocol

HTTP/1.1

Server

185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

e78bb3513fe836f0cecdcf32a83a5ff7641e59f10491d00a7883b7aae0640680

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/index.php?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sun, 03 Sep 2023 10:29:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Content-Length: 85844
Expires: Sun, 20 Oct 2024 17:03:56 GMT

GET
H/1.1 200
OK preamble.min.js Show response
travianscript.rf.gd/js/xf/ 3 KB
3 KB 84ms
42ms Script
application/javascript 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/js/xf/preamble.min.js?_v=b7e7c94e
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: b48fc223d524430ef86336e524ca8b95b74927ca840abc04a0407b58e5905823

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/index.php?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 21:53:38 GMT
Server: nginx
ETag: "c4a-5f7c08acc9c80"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3146
Expires: Mon, 20 Nov 2023 17:03:56 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 11 KB
1 KB 102ms
56ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e51ad7199e9e3f5f57fea10eda63e260e1aa75b7931ce146231485340509c76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sat, 21 Oct 2023 17:03:56 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 21 Oct 2023 17:03:56 GMT

GET
H/1.1 200
OK coollogo_com-248072170.png
travianscript.rf.gd/data/assets/logo/ 22 KB
22 KB 41ms
41ms Image
image/png 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://travianscript.rf.gd/data/assets/logo/coollogo_com-248072170.png
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 05a3a445339e17709f0111a24885389addef9ee4a77e3c36e27f9f233d6ae150

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/index.php?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Fri, 01 Sep 2023 20:27:23 GMT
Server: nginx
ETag: "5808-60451fcf460c0"
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22536
Expires: Mon, 20 Nov 2023 17:03:56 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
travianscript.rf.gd/js/vendor/jquery/ 87 KB
88 KB 42ms
42ms Script
application/javascript 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/js/vendor/jquery/jquery-3.5.1.min.js?_v=b7e7c94e
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/index.php?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 21:54:14 GMT
Server: nginx
ETag: "15d84-5f7c08cf1ed80"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89476
Expires: Mon, 20 Nov 2023 17:03:56 GMT

GET
H/1.1 200
OK vendor-compiled.js Show response
travianscript.rf.gd/js/vendor/ 69 KB
69 KB 41ms
41ms Script
application/javascript 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/js/vendor/vendor-compiled.js?_v=b7e7c94e
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: a97392a02775136f7fcda1786540414e4a6595f79c49dc1bc9c790f472a9a9f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/index.php?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 21:53:16 GMT
Server: nginx
ETag: "113ab-5f7c0897ceb00"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70571
Expires: Mon, 20 Nov 2023 17:03:56 GMT

GET
H/1.1 200
OK core-compiled.js Show response
travianscript.rf.gd/js/xf/ 218 KB
218 KB 42ms
42ms Script
application/javascript 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/js/xf/core-compiled.js?_v=b7e7c94e
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3e0c8341c19e5027ed667ec1540d2b02c9ea399da59bd98535bea7b01bccd3f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/index.php?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 21:53:26 GMT
Server: nginx
ETag: "36667-5f7c08a158180"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 222823
Expires: Mon, 20 Nov 2023 17:03:56 GMT

GET
H/1.1 200
OK particles.min.js Show response
travianscript.rf.gd/js/xtr/ryzer/ 23 KB
23 KB 41ms
41ms Script
application/javascript 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/js/xtr/ryzer/particles.min.js?_v=b7e7c94e
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/index.php?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 22:03:21 GMT
Server: nginx
ETag: "5b44-5f7c0ad8c7c40"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23364
Expires: Mon, 20 Nov 2023 17:03:56 GMT

GET
H/1.1 200
OK typed.min.js Show response
travianscript.rf.gd/js/xtr/ryzer/ 5 KB
6 KB 41ms
41ms Script
application/javascript 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/js/xtr/ryzer/typed.min.js?_v=b7e7c94e
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5755506320c27c9aa5865dc12671aef21a6876d92b8bb55a7c0ce492f7762bc7

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/index.php?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 22:03:21 GMT
Server: nginx
ETag: "14ce-5f7c0ad8c7c40"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5326
Expires: Mon, 20 Nov 2023 17:03:56 GMT

GET
H2 200 kpK4cDk2bRs Show response
www.youtube.com/embed/ Frame 4A22 91 KB
41 KB 216ms
118ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Requested by

Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51039abf0d7fbd9054937fe6e0b0b4c62715e6a4b4fce027c95812861c799801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://travianscript.rf.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:03:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK simple-dashed.png
travianscript.rf.gd/styles/xentr/ryzer/_custom/ 115 B
448 B 43ms
42ms Image
image/png 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://travianscript.rf.gd/styles/xentr/ryzer/_custom/simple-dashed.png
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/css.php?css=public%3Anode_list.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Axentr_base.less%2Cpublic%3Axentr_footer.less%2Cpublic%3Axentr_forum_statistics.less%2Cpublic%3Axentr_newsTicker_widget.less%2Cpublic%3Axentr_quick_touch.less%2Cpublic%3Axentr_sidebar_visitor_card.less%2Cpublic%3Axentr_top_section.less%2Cpublic%3Axtr_bootstrap_grid.less%2Cpublic%3Aextra.less&s=2&l=2&d=1693736956&k=9aa7b71f0eef3352e8023dab70a27296a693f103
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1f7bc6f93a668582687cbc8d89a402ab2d704a274df4cad9e88b381aa3405ccd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/css.php?css=public%3Anode_list.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Axentr_base.less%2Cpublic%3Axentr_footer.less%2Cpublic%3Axentr_forum_statistics.less%2Cpublic%3Axentr_newsTicker_widget.less%2Cpublic%3Axentr_quick_touch.less%2Cpublic%3Axentr_sidebar_visitor_card.less%2Cpublic%3Axentr_top_section.less%2Cpublic%3Axtr_bootstrap_grid.less%2Cpublic%3Aextra.less&s=2&l=2&d=1693736956&k=9aa7b71f0eef3352e8023dab70a27296a693f103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 22:04:07 GMT
Server: nginx
ETag: "73-5f7c0b04a63c0"
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115
Expires: Mon, 20 Nov 2023 17:03:56 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 88ms
44ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://travianscript.rf.gd
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 18:18:58 GMT
X-Content-Type-Options: nosniff
Age: 168299
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 48432
X-XSS-Protection: 0
Last-Modified: Thu, 14 Sep 2023 00:40:31 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 18 Oct 2024 18:18:58 GMT

GET
H/1.1 200
OK fa-light-300.woff2
travianscript.rf.gd/styles/fonts/fa/ 185 KB
185 KB 126ms
126ms Font
application/octet-stream 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/styles/fonts/fa/fa-light-300.woff2?_v=5.14.0
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=2&d=1693736956&k=6dca0fbbd9e70f5e8a639cd68862b2b7be8bfbf1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: dbbe0d8ca25eef4edbbd3248feb22f8f9cc20ded608cd3e5c410f27bf7e97f92

Request headers

Referer: http://travianscript.rf.gd/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=2&d=1693736956&k=6dca0fbbd9e70f5e8a639cd68862b2b7be8bfbf1
Origin: http://travianscript.rf.gd
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 21:52:28 GMT
Server: nginx
ETag: "2e40c-5f7c086a07f00"
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 189452
Expires: Sat, 21 Oct 2023 17:03:56 GMT

GET
H/1.1 200
OK fa-duotone-900.woff2
travianscript.rf.gd/styles/fonts/fa/ 183 KB
183 KB 124ms
124ms Font
application/octet-stream 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://travianscript.rf.gd/styles/fonts/fa/fa-duotone-900.woff2?_v=5.14.0
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=2&d=1693736956&k=6dca0fbbd9e70f5e8a639cd68862b2b7be8bfbf1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 20ec55e764f09d132a679b2aa4ef98a9256b58b7a1a79f70dfec5e901160de75

Request headers

Referer: http://travianscript.rf.gd/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=2&d=1693736956&k=6dca0fbbd9e70f5e8a639cd68862b2b7be8bfbf1
Origin: http://travianscript.rf.gd
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Sat, 25 Mar 2023 21:52:26 GMT
Server: nginx
ETag: "2da54-5f7c08681fa80"
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 186964
Expires: Sat, 21 Oct 2023 17:03:56 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 34 KB
35 KB 90ms
46ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://travianscript.rf.gd
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 19:12:12 GMT
X-Content-Type-Options: nosniff
Age: 165105
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 35120
X-XSS-Protection: 0
Last-Modified: Thu, 14 Sep 2023 01:03:47 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 18 Oct 2024 19:12:12 GMT

GET
H/1.1 200
OK 1.jpg
travianscript.rf.gd/data/avatars/s/0/ 2 KB
2 KB 43ms
43ms Image
image/jpeg 185.27.134.213
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://travianscript.rf.gd/data/avatars/s/0/1.jpg?1693594469
Requested by: Host: travianscript.rf.gd
URL: http://travianscript.rf.gd/index.php?i=1
Protocol: HTTP/1.1
Server: 185.27.134.213 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 62576d9df45c6a8ce4ffef587b7c4b4c18c6325efd2c7b68c392245f540621f5

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travianscript.rf.gd/index.php?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:56 GMT
Last-Modified: Fri, 01 Sep 2023 18:54:30 GMT
Server: nginx
ETag: "637-60450b0c72580"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1591
Expires: Mon, 20 Nov 2023 17:03:56 GMT

POST job.php
travianscript.rf.gd/ 0
0

GET
H2 200 www-player.css
www.youtube.com/s/player/dd34ec3d/ Frame 4A22 379 KB
48 KB 45ms
45ms Stylesheet
text/css 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42d9e8a5975207cb02aae556e0403d885ec3e05da4ef170c07595c4a500c69d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 15:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49033
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 20 Oct 2024 15:11:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A22 15 KB
16 KB 141ms
44ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 50754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A22 15 KB
15 KB 152ms
55ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 169047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:06:30 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/ Frame 4A22 318 KB
95 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ee5c9e9f3ff16052b3ccd7ba71c89dc87f5364b8135ff8c604bd7be650cad62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 16:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97482
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 20 Oct 2024 16:43:19 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/ Frame 4A22 3 MB
800 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d118f69e9d8262179b3a7e1a1df8c3bfad17aacd59969f5447d34645b46b78bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 15:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 818707
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 20 Oct 2024 15:27:50 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4A22
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

53ms
52ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb534618fe9e18dc147b088ac1bcd2d9b20fc796e83a900af999f3f126ac20de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 21 Oct 2023 17:03:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4A22 29 B
495 B 145ms
45ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 16:55:58 GMT
x-content-type-options: nosniff
age: 480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 17:10:58 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 153ms
54ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 21 Oct 2023 17:03:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4A22 69 KB
32 KB 63ms
62ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba8376a6c1ce4799c4a08bac15976dbdfbf3bcfddb9114504b88c2b602bb5848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 21 Oct 2023 17:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32171
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 4A22 79 KB
33 KB 154ms
154ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

9fc6bf4f669ff47cce712a0c7493232b8ee470fde30f1d2fd1f46c6fb623cb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231015.00.00
X-Goog-Visitor-Id: CgtqTlBfU3B3N3pfOCj9iNCpBjIICgJHQhICGgA%3D

Response headers

date: Sat, 21 Oct 2023 17:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33675
x-xss-protection: 0
expires: Sat, 21 Oct 2023 17:03:58 GMT

GET
H2 200 zEfCWrJsF8GWq2CtYueXG8skkVl11z8HN4Cg9ySc7ro.js Show response
www.google.com/js/th/ Frame 4A22 38 KB
15 KB 140ms
44ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/zEfCWrJsF8GWq2CtYueXG8skkVl11z8HN4Cg9ySc7ro.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc47c25ab26c17c196ab60ad62e7971bcb24915975d73f073780a0f7249ceeba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14861
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 14:37:36 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/ Frame 4A22 53 KB
17 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35ae919ff1b5da7325d4502c483e272d08bf8e107a17dab622fe829d47175124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 06:47:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16922
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 18 Oct 2024 06:47:11 GMT

GET
DATA 200
OK truncated
/ Frame 4A22 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKbwytMsWTVgu6gX8ahHfFSacXuKYvTpC2ZRVb6K=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4A22 3 KB
3 KB 146ms
46ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKbwytMsWTVgu6gX8ahHfFSacXuKYvTpC2ZRVb6K=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

77804181024ebd2a9ae710d6234f5ce7a6385911155c24dfd657f98c085795cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 14:32:18 GMT
x-content-type-options: nosniff
age: 9100
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2647
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 22 Oct 2023 14:32:18 GMT

GET
DATA 200
OK truncated
/ Frame 4A22 268 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad42e8a35d2104ef1e5ac594d0332cb386e20be762761ce2d5f28554dddf0f40

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4A22 28 B
54 B 64ms
58ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
X-Goog-Request-Time: 1697907838133
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
X-YouTube-Client-Version: 1.20231015.00.00
X-YouTube-Time-Zone: Europe/London
X-Goog-Visitor-Id: CgtqTlBfU3B3N3pfOCj9iNCpBjIICgJHQhICGgA%3D
X-YouTube-Ad-Signals: dt=1697907837752&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 21 Oct 2023 17:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 21 Oct 2023 17:03:58 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4A22 0
10 B 43ms
43ms Image
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?qkPzyA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:03:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 4A22 0
19 B 53ms
53ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&cpn=-0rO7Wt0AKwyNyj3&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C207525%2C23071%2C84737%2C25687%2C9542%2C1089%2C5877%2C394%2C3200%2C26436294%2C4054%2C445%2C808%2C572%2C105%2C1005%2C4175%2C9370%2C819%2C737%2C2040%2C564%2C6665%2C859%2C2667&cl=573668619&seq=1&docid=kpK4cDk2bRs&ei=fQQ0ZaGEPZW06dsP492F-Ag&event=streamingstats&plid=AAYIPPmMaar1y8ra&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FkpK4cDk2bRs%3Frel%3D0%26autoplay%3D1&qclc=ChAtMHJPN1d0MEFLd3lOeWozEAE&embargoed=0&cbr=Chrome&cbrver=118.0.5993.88&c=WEB_EMBEDDED_PLAYER&cver=1.20231015.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.008:B,0.222:B,0.222:B&cat=streaming&cmt=0.008:0.000,0.222:0.000&vfs=0.222:243:243::r&view=0.222:250:250&bwe=0.222:130000&vis=0.222:0&bh=0.222:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
X-YouTube-Client-Version: 1.20231015.00.00
X-YouTube-Time-Zone: Europe/London
X-Goog-Visitor-Id: CgtqTlBfU3B3N3pfOCj9iNCpBjIICgJHQhICGgA%3D
X-YouTube-Ad-Signals: dt=1697907837873&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:03:58 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-aigl6nl7.googlevideo.com/ Frame 4A22 65 KB
66 KB 184ms
59ms Fetch
application/vnd.yt-ump 2a00:1450:4009:12::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-aigl6nl7.googlevideo.com/videoplayback?expire=1697929438&ei=fQQ0ZaGEPZW06dsP492F-Ag&ip=2001%3Aac8%3A21%3Ae%3A%3A10&id=o-AGxXpSc3_l6Wj43B-fTBlRjgF2pfMj63HkxFgXjhWGto&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C302&source=youtube&requiressl=yes&mh=JW&mm=31%2C29&mn=sn-aigl6nl7%2Csn-aigzrn7s&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=768750&spc=UWF9fxGfozSaDrYILdOzxscEKVtWjDiP3QqYc_HjsA&vprv=1&svpuc=1&mime=video%2Fwebm&ns=6m4h4qmEJ6Lj0OOzFoh_GBQP&gir=yes&clen=2303251&dur=246.246&lmt=1695737769874063&mt=1697907432&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=QKjUmgQ50c5jmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRQIgG8iPtpSizuYN3hxXb1AruDqcGPRS3Yf6aN7cL9-f-MYCIQDy--lMm6X5xmLDr4-ejLi1xnl_itZG5CWupPBzYyc09w%3D%3D&alr=yes&sig=AGM4YrMwRAIgKhMGM31_mqI-woKzBXDbnayogQ1LRV02ZcS5pCQrZH4CIG_DyZ1WkwbWGksggbb35JmE81uUMMileX6rgR_szfvC&cpn=-0rO7Wt0AKwyNyj3&cver=1.20231015.00.00&range=0-66361&rn=1&rbuf=0&pot=IjICYgJhZ1YGHEEFdhNWDkAEV1FAUUxRcgRNIWhbayxBEkAISytBBUgqUwpLIUUFQ0cxJg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4009:12::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cae034f9a43ac73ffead80c6f7e37a89ba992a1d5d9ffbae52e191a566df9cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:58 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Tue, 26 Sep 2023 14:16:09 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Sat, 21 Oct 2023 17:03:58 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-aigl6nl7.googlevideo.com/ Frame 4A22 65 KB
66 KB 156ms
33ms Fetch
application/vnd.yt-ump 2a00:1450:4009:12::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-aigl6nl7.googlevideo.com/videoplayback?expire=1697929438&ei=fQQ0ZaGEPZW06dsP492F-Ag&ip=2001%3Aac8%3A21%3Ae%3A%3A10&id=o-AGxXpSc3_l6Wj43B-fTBlRjgF2pfMj63HkxFgXjhWGto&itag=251&source=youtube&requiressl=yes&mh=JW&mm=31%2C29&mn=sn-aigl6nl7%2Csn-aigzrn7s&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=768750&spc=UWF9fxGfozSaDrYILdOzxscEKVtWjDiP3QqYc_HjsA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=6m4h4qmEJ6Lj0OOzFoh_GBQP&gir=yes&clen=4143625&dur=246.281&lmt=1695734666914504&mt=1697907432&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=QKjUmgQ50c5jmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRQIgXmtJ0G_suBzDXi5aVEbobe4VdVPwnWDzHiGcWL33I6UCIQCZFuit1U3DPFhtGSc6-hDFdSQAOkpb6CFSEVw28gzy_w%3D%3D&alr=yes&sig=AGM4YrMwRgIhAPwU6kHv6Mz8beHqWeXu0ylEEDTtg7WRTDkFvvYUQKLNAiEA9Su3x4FIyWGMy1BxCurQET1hxvGmtX9vtqWsfzJHpJ8%3D&cpn=-0rO7Wt0AKwyNyj3&cver=1.20231015.00.00&range=0-66223&rn=2&rbuf=0&pot=IjLr1OvXjuDvqqizn6W_uKmyvuep56Xnm7Kkl4HtgpqopKm-op2os6Gcuryil6yzqvHYkA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4009:12::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6dd2efb68e0bd72962b1bf5a63ae7a98f8ab923311483802dbfd4cb251c52c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:03:58 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Tue, 26 Sep 2023 13:24:26 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Sat, 21 Oct 2023 17:03:58 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/ Frame 4A22 116 KB
33 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2d21abc0ecb3ecba7d38db12010017a918c64b72dad7f5d09586ffcfc106f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 16:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33503
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 19 Oct 2024 16:17:37 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/ Frame 4A22 32 KB
8 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7645c66d6fa06b2cb18df536194254d417300bfe73a89b535b374b7911d564cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:45:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 465482
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8177
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Oct 2024 07:45:56 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/ Frame 4A22 68 KB
18 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4812f43529cba982fadb07661e0275e4c51dc927e7140e694b9794a6061b0a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 465393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18752
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Oct 2024 07:47:25 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 4A22 36 KB
6 KB 518ms
516ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7ddf7a737f2049657b02fe0f74cca1b867ff2d807d2306dcbc2b26f3f0bb0708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231015.00.00
X-Goog-Visitor-Id: CgtqTlBfU3B3N3pfOCj9iNCpBjIICgJHQhICGgA%3D

Response headers

date: Sat, 21 Oct 2023 17:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6194
x-xss-protection: 0
expires: Sat, 21 Oct 2023 17:03:58 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/kpK4cDk2bRs/ Frame 4A22 28 KB
28 KB 146ms
48ms Image
image/webp 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/kpK4cDk2bRs/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9422c15682e3b49c6c68b3397f31a7839e2863e398e47ce6b52ac40d8b7a57bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 16:54:45 GMT
x-content-type-options: nosniff
age: 553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28416
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 21 Oct 2023 18:54:45 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 52ms
52ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 21 Oct 2023 17:03:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4A22 90 B
134 B 56ms
55ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dddec75f5b217aea90954de9340df1e5b1c12af6b0458f7e07ae1bbdf95b98a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 21 Oct 2023 17:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/4Z2y85gW84U/ Frame 4A22 28 KB
28 KB 122ms
99ms Image
image/webp 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/4Z2y85gW84U/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3f6029aebc6af896f300d649f645ecf6198e707e4c8c610f5e57f02b6e223a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 16:24:40 GMT
x-content-type-options: nosniff
age: 2358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28688
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 21 Oct 2023 18:24:40 GMT

GET
DATA 200
OK truncated
/ Frame 4A22 229 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 339be58cfd00cf6f56fbb5def7e0d410f2177b7ae00993c5647fe4083fcb5a6f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4A22 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKbwytMsWTVgu6gX8ahHfFSacXuKYvTpC2ZRVb6K=s400-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4A22 30 KB
30 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKbwytMsWTVgu6gX8ahHfFSacXuKYvTpC2ZRVb6K=s400-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b5c1050658a65ceeffdff0ceb9d6e159faefd06823b485272d8ced8074d096c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 13:59:22 GMT
x-content-type-options: nosniff
age: 11076
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30256
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:59:22 GMT

GET
H2 200 featured_channel.jpg
i.ytimg.com/an/GkQCAeRjyP9BpNwVFMaJaw/ Frame 4A22 3 KB
4 KB 62ms
46ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/GkQCAeRjyP9BpNwVFMaJaw/featured_channel.jpg?v=61eadbc1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77543b7b661a1211581af401a9163870454a26aa0bfab13d18f85c91d81d7bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 15:17:51 GMT
x-content-type-options: nosniff
age: 6367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3523
x-xss-protection: 0
server: sffe
etag: "1642781633"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 21 Oct 2023 17:17:51 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4A22 4 KB
2 KB 229ms
130ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 17:03:58 GMT

POST
H3 200 videoplayback Show response
rr5---sn-aigl6nl7.googlevideo.com/ Frame 4A22 73 KB
73 KB 144ms
32ms Fetch
application/vnd.yt-ump 2a00:1450:4009:12::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-aigl6nl7.googlevideo.com/videoplayback?expire=1697929438&ei=fQQ0ZaGEPZW06dsP492F-Ag&ip=2001%3Aac8%3A21%3Ae%3A%3A10&id=o-AGxXpSc3_l6Wj43B-fTBlRjgF2pfMj63HkxFgXjhWGto&itag=251&source=youtube&requiressl=yes&mh=JW&mm=31%2C29&mn=sn-aigl6nl7%2Csn-aigzrn7s&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=768750&spc=UWF9fxGfozSaDrYILdOzxscEKVtWjDiP3QqYc_HjsA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=6m4h4qmEJ6Lj0OOzFoh_GBQP&gir=yes&clen=4143625&dur=246.281&lmt=1695734666914504&mt=1697907432&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=QKjUmgQ50c5jmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRQIgXmtJ0G_suBzDXi5aVEbobe4VdVPwnWDzHiGcWL33I6UCIQCZFuit1U3DPFhtGSc6-hDFdSQAOkpb6CFSEVw28gzy_w%3D%3D&alr=yes&sig=AGM4YrMwRgIhAPwU6kHv6Mz8beHqWeXu0ylEEDTtg7WRTDkFvvYUQKLNAiEA9Su3x4FIyWGMy1BxCurQET1hxvGmtX9vtqWsfzJHpJ8%3D&cpn=-0rO7Wt0AKwyNyj3&cver=1.20231015.00.00&range=66224-141113&rn=3&rbuf=3964&pot=Mm6_rH2hBNJemL-U58uRatuMox4mhN8iLK7PB50I1jO9tRZJvRY2-HhnbRwnnZmvvBwBVWff6yTtb-JB8t8Y6zwtcTH5CCI6dyZpjHFFJkJydLKQ5l3kohAXycQcyqI8qEhKsKP8EOC_aWYune8qiA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:12::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1bf245925783e25241f1ae2c1f7d2aa3ffad90dce783096331bd99c1537486b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 21 Oct 2023 17:03:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Sep 2023 13:24:26 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sat, 21 Oct 2023 17:03:58 GMT

POST
H3 200 videoplayback Show response
rr5---sn-aigl6nl7.googlevideo.com/ Frame 4A22 66 KB
66 KB 32ms
32ms Fetch
application/vnd.yt-ump 2a00:1450:4009:12::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-aigl6nl7.googlevideo.com/videoplayback?expire=1697929438&ei=fQQ0ZaGEPZW06dsP492F-Ag&ip=2001%3Aac8%3A21%3Ae%3A%3A10&id=o-AGxXpSc3_l6Wj43B-fTBlRjgF2pfMj63HkxFgXjhWGto&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C302&source=youtube&requiressl=yes&mh=JW&mm=31%2C29&mn=sn-aigl6nl7%2Csn-aigzrn7s&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=768750&spc=UWF9fxGfozSaDrYILdOzxscEKVtWjDiP3QqYc_HjsA&vprv=1&svpuc=1&mime=video%2Fwebm&ns=6m4h4qmEJ6Lj0OOzFoh_GBQP&gir=yes&clen=2303251&dur=246.246&lmt=1695737769874063&mt=1697907432&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=QKjUmgQ50c5jmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRQIgG8iPtpSizuYN3hxXb1AruDqcGPRS3Yf6aN7cL9-f-MYCIQDy--lMm6X5xmLDr4-ejLi1xnl_itZG5CWupPBzYyc09w%3D%3D&alr=yes&sig=AGM4YrMwRAIgKhMGM31_mqI-woKzBXDbnayogQ1LRV02ZcS5pCQrZH4CIG_DyZ1WkwbWGksggbb35JmE81uUMMileX6rgR_szfvC&cpn=-0rO7Wt0AKwyNyj3&cver=1.20231015.00.00&range=66362-133717&rn=4&rbuf=6952&pot=Mm6_rH2hBNJemL-U58uRatuMox4mhN8iLK7PB50I1jO9tRZJvRY2-HhnbRwnnZmvvBwBVWff6yTtb-JB8t8Y6zwtcTH5CCI6dyZpjHFFJkJydLKQ5l3kohAXycQcyqI8qEhKsKP8EOC_aWYune8qiA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:12::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f28a9d33937c11064b68e53ba5f0ad53b6f89848aecf8157000fa240edf54805

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 21 Oct 2023 17:03:58 GMT
date: Sat, 21 Oct 2023 17:03:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Tue, 26 Sep 2023 14:16:09 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr5---sn-aigl6nl7.googlevideo.com/ Frame 4A22 157 KB
157 KB 33ms
33ms Fetch
application/vnd.yt-ump 2a00:1450:4009:12::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-aigl6nl7.googlevideo.com/videoplayback?expire=1697929438&ei=fQQ0ZaGEPZW06dsP492F-Ag&ip=2001%3Aac8%3A21%3Ae%3A%3A10&id=o-AGxXpSc3_l6Wj43B-fTBlRjgF2pfMj63HkxFgXjhWGto&itag=251&source=youtube&requiressl=yes&mh=JW&mm=31%2C29&mn=sn-aigl6nl7%2Csn-aigzrn7s&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=768750&spc=UWF9fxGfozSaDrYILdOzxscEKVtWjDiP3QqYc_HjsA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=6m4h4qmEJ6Lj0OOzFoh_GBQP&gir=yes&clen=4143625&dur=246.281&lmt=1695734666914504&mt=1697907432&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=QKjUmgQ50c5jmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRQIgXmtJ0G_suBzDXi5aVEbobe4VdVPwnWDzHiGcWL33I6UCIQCZFuit1U3DPFhtGSc6-hDFdSQAOkpb6CFSEVw28gzy_w%3D%3D&alr=yes&sig=AGM4YrMwRgIhAPwU6kHv6Mz8beHqWeXu0ylEEDTtg7WRTDkFvvYUQKLNAiEA9Su3x4FIyWGMy1BxCurQET1hxvGmtX9vtqWsfzJHpJ8%3D&cpn=-0rO7Wt0AKwyNyj3&cver=1.20231015.00.00&range=141114-301581&rn=5&rbuf=8495&pot=Mm6_rH2hBNJemL-U58uRatuMox4mhN8iLK7PB50I1jO9tRZJvRY2-HhnbRwnnZmvvBwBVWff6yTtb-JB8t8Y6zwtcTH5CCI6dyZpjHFFJkJydLKQ5l3kohAXycQcyqI8qEhKsKP8EOC_aWYune8qiA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:12::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e47384488ef9dcf854a3c5235cc9206798e3cd511aa28a14d66a8044c197ec02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 21 Oct 2023 17:03:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Sep 2023 13:24:26 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sat, 21 Oct 2023 17:03:58 GMT

GET
H3 200 APkrFKbwytMsWTVgu6gX8ahHfFSacXuKYvTpC2ZRVb6K=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4A22 4 KB
4 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKbwytMsWTVgu6gX8ahHfFSacXuKYvTpC2ZRVb6K=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d52d776d2ae41dcfc3e622fb6c4da24f55d7d875a1020008fd776b58efc099fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 14:04:05 GMT
x-content-type-options: nosniff
age: 10793
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3599
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 22 Oct 2023 14:04:05 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/kpK4cDk2bRs/ Frame 4A22 28 KB
28 KB 44ms
44ms Image
image/webp 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/kpK4cDk2bRs/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9422c15682e3b49c6c68b3397f31a7839e2863e398e47ce6b52ac40d8b7a57bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 16:54:45 GMT
x-content-type-options: nosniff
age: 553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28416
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 21 Oct 2023 18:54:45 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4A22 28 B
54 B 58ms
57ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
X-Goog-Request-Time: 1697907840547
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/kpK4cDk2bRs?rel=0&autoplay=1
X-YouTube-Client-Version: 1.20231015.00.00
X-YouTube-Time-Zone: Europe/London
X-Goog-Visitor-Id: CgtqTlBfU3B3N3pfOCj9iNCpBjIICgJHQhICGgA%3D
X-YouTube-Ad-Signals: dt=1697907837752&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 21 Oct 2023 17:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 21 Oct 2023 17:04:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: travianscript.rf.gd
URL: http://travianscript.rf.gd/job.php

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
travianscript.rf.gd/	1970-01-21 01:14:27	Name: __test Value: 53fed2951959562d853b46765001183a
travianscript.rf.gd/	1969-12-31 23:59:59	Name: xf_csrf Value: w3hEw_HSXEPoECwg
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Bl0mt3l4NqE
.youtube.com/	1970-01-20 19:57:39	Name: VISITOR_INFO1_LIVE Value: jNP_Spw7z_8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://travianscript.rf.gd/index.php?i=1(Line 2155) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
rr5---sn-aigl6nl7.googlevideo.com
static.doubleclick.net
travianscript.rf.gd
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
travianscript.rf.gd
185.27.134.213
2a00:1450:4001:800::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2016
2a00:1450:4001:830::2006
2a00:1450:4009:12::a
05a3a445339e17709f0111a24885389addef9ee4a77e3c36e27f9f233d6ae150
1a3f6029aebc6af896f300d649f645ecf6198e707e4c8c610f5e57f02b6e223a
1bf245925783e25241f1ae2c1f7d2aa3ffad90dce783096331bd99c1537486b9
1f7bc6f93a668582687cbc8d89a402ab2d704a274df4cad9e88b381aa3405ccd
20ec55e764f09d132a679b2aa4ef98a9256b58b7a1a79f70dfec5e901160de75
2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f
339be58cfd00cf6f56fbb5def7e0d410f2177b7ae00993c5647fe4083fcb5a6f
35ae919ff1b5da7325d4502c483e272d08bf8e107a17dab622fe829d47175124
3e0c8341c19e5027ed667ec1540d2b02c9ea399da59bd98535bea7b01bccd3f0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4812f43529cba982fadb07661e0275e4c51dc927e7140e694b9794a6061b0a9f
485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
51039abf0d7fbd9054937fe6e0b0b4c62715e6a4b4fce027c95812861c799801
5755506320c27c9aa5865dc12671aef21a6876d92b8bb55a7c0ce492f7762bc7
58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
62576d9df45c6a8ce4ffef587b7c4b4c18c6325efd2c7b68c392245f540621f5
658baa7e7c752320692b8d106473aea4ba76897d70aa0d80b62b07e67fa6a641
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69e52e414507018d7023629d189cacd95e6f02933c871c6b0d5011547309c941
6dd2efb68e0bd72962b1bf5a63ae7a98f8ab923311483802dbfd4cb251c52c6c
6ee5c9e9f3ff16052b3ccd7ba71c89dc87f5364b8135ff8c604bd7be650cad62
7645c66d6fa06b2cb18df536194254d417300bfe73a89b535b374b7911d564cc
77543b7b661a1211581af401a9163870454a26aa0bfab13d18f85c91d81d7bdc
77804181024ebd2a9ae710d6234f5ce7a6385911155c24dfd657f98c085795cd
7ddf7a737f2049657b02fe0f74cca1b867ff2d807d2306dcbc2b26f3f0bb0708
9422c15682e3b49c6c68b3397f31a7839e2863e398e47ce6b52ac40d8b7a57bf
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9fc6bf4f669ff47cce712a0c7493232b8ee470fde30f1d2fd1f46c6fb623cb22
a97392a02775136f7fcda1786540414e4a6595f79c49dc1bc9c790f472a9a9f3
ad42e8a35d2104ef1e5ac594d0332cb386e20be762761ce2d5f28554dddf0f40
b48fc223d524430ef86336e524ca8b95b74927ca840abc04a0407b58e5905823
b5c1050658a65ceeffdff0ceb9d6e159faefd06823b485272d8ced8074d096c9
b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a
ba8376a6c1ce4799c4a08bac15976dbdfbf3bcfddb9114504b88c2b602bb5848
c2d21abc0ecb3ecba7d38db12010017a918c64b72dad7f5d09586ffcfc106f63
cae034f9a43ac73ffead80c6f7e37a89ba992a1d5d9ffbae52e191a566df9cf6
cb534618fe9e18dc147b088ac1bcd2d9b20fc796e83a900af999f3f126ac20de
cc47c25ab26c17c196ab60ad62e7971bcb24915975d73f073780a0f7249ceeba
d118f69e9d8262179b3a7e1a1df8c3bfad17aacd59969f5447d34645b46b78bb
d42d9e8a5975207cb02aae556e0403d885ec3e05da4ef170c07595c4a500c69d
d52d776d2ae41dcfc3e622fb6c4da24f55d7d875a1020008fd776b58efc099fb
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
dbbe0d8ca25eef4edbbd3248feb22f8f9cc20ded608cd3e5c410f27bf7e97f92
dddec75f5b217aea90954de9340df1e5b1c12af6b0458f7e07ae1bbdf95b98a4
dfe357103930e9769a00545397cdd3a0c8db3cbed94dd32585a4a18ecc0205c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47384488ef9dcf854a3c5235cc9206798e3cd511aa28a14d66a8044c197ec02
e51ad7199e9e3f5f57fea10eda63e260e1aa75b7931ce146231485340509c76a
e78bb3513fe836f0cecdcf32a83a5ff7641e59f10491d00a7883b7aae0640680
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f28a9d33937c11064b68e53ba5f0ad53b6f89848aecf8157000fa240edf54805
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

travianscript.rf.gd Open in urlscan Pro 185.27.134.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

59 %HTTPS

92 %IPv6

9 Domains

12 Subdomains

13 IPs

2 Countries

3565 kBTransfer

6335 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

travianscript.rf.gd Open in urlscan Pro
185.27.134.213 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

59 %
HTTPS

92 %
IPv6

9
Domains

12
Subdomains

13
IPs

2
Countries

3565 kB
Transfer

6335 kB
Size

4
Cookies

59 HTTP transactions
4 data transactions