tarolog-uzb.ru Open in urlscan Pro
2a00:5da0:1000::164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tarolog-uzb.ru/
Submission: On January 05 via api (January 5th 2024, 10:12:48 pm UTC) from US — Scanned from US

Summary HTTP 63 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 63 HTTP transactions. The main IP is 2a00:5da0:1000::164, located in Kazakhstan and belongs to PSKZ-ALA, KZ. The main domain is tarolog-uzb.ru.
TLS certificate: Issued by R3 on December 5th 2023. Valid for: 3 months.

This is the only time tarolog-uzb.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2a00:5da0:100... 2a00:5da0:1000::164	48716 (PSKZ-ALA) (PSKZ-ALA)
6	37.46.131.25 37.46.131.25	29182 (RU-JSCIOT) (RU-JSCIOT)
14	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2006	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:10::7	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2016	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4009:28::7	15169 (GOOGLE) (GOOGLE)
63	13

16 2a00:5da0:1000::164 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

tarolog-uzb.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.46.131.25 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: firmastart.fvds.ru

getbtn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2006 (United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:10::7 (United States)

ASN15169 (GOOGLE, US)

rr2---sn-ab5l6nrd.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2016 (United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4009:28::7 (Bolingbrook, United States)

ASN15169 (GOOGLE, US)

rr2---sn-vgqsrnzy.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	tarolog-uzb.ru tarolog-uzb.ru	1 MB
14	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	1 MB
7	googlevideo.com rr2---sn-ab5l6nrd.googlevideo.com — Cisco Umbrella Rank: 29903 rr2---sn-vgqsrnzy.googlevideo.com — Cisco Umbrella Rank: 26388	517 KB
6	getbtn.com getbtn.com	219 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	58 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 306	40 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 static.doubleclick.net — Cisco Umbrella Rank: 371	1 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 193	5 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	18 KB
1	google.com www.google.com — Cisco Umbrella Rank: 6	20 KB
0	lpcdn.site Failed s.lpcdn.site Failed
63	11

	Domain	Requested by
16	tarolog-uzb.ru	tarolog-uzb.ru
14	www.youtube.com	tarolog-uzb.ru www.youtube.com
6	getbtn.com	tarolog-uzb.ru getbtn.com
5	rr2---sn-vgqsrnzy.googlevideo.com	www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	fonts.gstatic.com	www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	rr2---sn-ab5l6nrd.googlevideo.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
0	s.lpcdn.site Failed	tarolog-uzb.ru
63	14

This site contains links to these domains. Also see Links.

Domain
getbtn.com
api.whatsapp.com
telegram.im

Subject Issuer	Validity	Valid
tarolog-uzb.ru R3	`2023-12-05` - `2024-03-04`	3 months	crt.sh
getbtn.com R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-12-12` - `2024-02-20`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://tarolog-uzb.ru/
Frame ID: 614653696D803F7844D02294ADDB8AE2
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
Frame ID: 9165A270207902E35C2ABB653FB38D19
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ЭКСТРАСЕНС ВАЛЕНТИНА ☎ +998977188807

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

90 %
HTTPS

92 %
IPv6

11
Domains

14
Subdomains

13
IPs

3
Countries

3003 kB
Transfer

7178 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://getbtn.com/
Title: GetBtn

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send/?phone=998977188807&text=%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D1%81%D1%82%D0%B2%D1%83%D0%B9%D1%82%D0%B5%2C+%D1%8F+%D1%85%D0%BE%D1%87%D1%83+%D1%83+%D0%92%D0%B0%D1%81+%D0%BF%D1%80%D0%BE%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F&type=phone_number&app_absent=0

Search URL Search Domain Scan URL

URL: https://telegram.im/@gadalka_magi

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=77715715807&text=%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D1%81%D1%82%D0%B2%D1%83%D0%B9%D1%82%D0%B5_%D0%91%D0%B0%D0%B1%D1%83%D1%88%D0%BA%D0%B0_%D0%9B%D0%B0%D1%80%D0%B8%D1%81%D0%B0_%D0%9C%D0%BD%D0%B5_%D0%BD%D1%83%D0%B6%D0%BD%D1%8B_%D0%BC%D0%B0%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5_%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

63 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tarolog-uzb.ru/ 243 KB
18 KB 2328ms
367ms Document
text/html 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

ce703dc33bf42ac4c62f4742f0270cd2ef98b3cf51378c1c619b94f0d81a7073

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Fri, 05 Jan 2024 22:12:38 GMT
etag: W/"3cda0-60bbf2c3f9b8d"
last-modified: Tue, 05 Dec 2023 08:39:29 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: PleskLin

GET
H2 200 vendors.css
tarolog-uzb.ru/assets/3.3/ 308 KB
35 KB 194ms
192ms Stylesheet
text/css 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://tarolog-uzb.ru/assets/3.3/vendors.css

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

298cdc873ff25130cf897ab957cb09ed3392212f0a60b5313c30f075a31efbbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:32 GMT
server: nginx
etag: W/"656ee1c4-4d1d8"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plp.css
tarolog-uzb.ru/assets/3.3/ 561 KB
25 KB 194ms
193ms Stylesheet
text/css 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://tarolog-uzb.ru/assets/3.3/plp.css

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

3633251cd61369b95d69180a9e61ce5fce47ffcae60c15142f03df1343278dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:30 GMT
server: nginx
etag: W/"656ee1c2-8c3e7"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nodes.css
tarolog-uzb.ru/assets/3.3/ 115 KB
45 KB 194ms
193ms Stylesheet
text/css 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://tarolog-uzb.ru/assets/3.3/nodes.css

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

65d6da3a6bfafe9c78b2bf1e00e5d724f68221a9e48d545969045bc1d6d26b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:27 GMT
server: nginx
etag: W/"656ee1bf-1cb66"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors.js Show response
tarolog-uzb.ru/assets/3.3/ 355 KB
102 KB 195ms
194ms Script
application/javascript 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://tarolog-uzb.ru/assets/3.3/vendors.js

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

4a8106ac064e738cd838a7a836bd9527ef3f6b40d9ef44dcdd742c3aef3d818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:32 GMT
server: nginx
etag: W/"656ee1c4-58d0b"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plp.js Show response
tarolog-uzb.ru/assets/3.3/ 118 KB
26 KB 195ms
194ms Script
application/javascript 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://tarolog-uzb.ru/assets/3.3/plp.js

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

47744d063f22aa859d17d3cb9ac01a78db58c5db757e1bbc1a28214e453f0fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:30 GMT
server: nginx
etag: W/"656ee1c2-1d892"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nodes.js Show response
tarolog-uzb.ru/assets/3.3/ 51 KB
9 KB 195ms
195ms Script
application/javascript 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://tarolog-uzb.ru/assets/3.3/nodes.js

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

074aa9cd8cbc7faacff2683de887204fc0ce0f3303f05680c1c9b8bf148077dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:28 GMT
server: nginx
etag: W/"656ee1c0-cce0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET glyphicons-halflings-regular.woff
s.lpcdn.site/assets/fonts/ 0
0

GET glyphicons-halflings-regular.ttf
s.lpcdn.site/assets/fonts/ 0
0

GET fontawesome-webfont.woff2
s.lpcdn.site/fonts/ 0
0

GET fontawesome-webfont.woff
s.lpcdn.site/fonts/ 0
0

GET fontawesome-webfont.ttf
s.lpcdn.site/fonts/ 0
0

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4da9cda3ed0cd5b86728802aecc8e70c8a16e5b95059986db4ada7d13be36793

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9c9b307ffe4cf8fe6086d183005a979ec23cb3580c96631213ab4ef06f411d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
tarolog-uzb.ru/ 243 KB
243 KB 195ms
194ms Image
text/html 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tarolog-uzb.ru/

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:29 GMT
server: nginx
etag: W/"3cda0-60bbf2c3f9b8d"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/html

GET
H2 404 400.woff2
tarolog-uzb.ru/fonts/bebasneue/ 0
0 198ms
197ms Font
text/html 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://tarolog-uzb.ru/fonts/bebasneue/400.woff2
Requested by: Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/assets/3.3/plp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://tarolog-uzb.ru/assets/3.3/plp.css
Origin: https://tarolog-uzb.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:39 GMT
content-encoding: br
last-modified: Tue, 05 Dec 2023 06:44:38 GMT
server: nginx
etag: W/"328-60bbd91885980"
vary: Accept-Encoding
content-type: text/html

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74c11cc8c58eb4bbcfdf4ba4285b09e55d5c2ffb22dc17cdc1d9633674bcb380

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8691a28d7cf107325ecafefb2a512dbf1583a07605fcc0dfdd788ac72e57cc5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 96 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 807181b6b36ecdce4ebe486d2d3abe5a07c1d4b08d3a9cf6878a2e64c9fad7fe

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 105 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19d1a2078c34033de4ea857290fb096f1a449c5749cca530f69211c7bd2735ba

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK index.php Show response
getbtn.com/widget/ 8 KB
3 KB 627ms
155ms Script
text/javascript 37.46.131.25
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://getbtn.com/widget/index.php?id=0925848d8888d4a33a2a5d825b975f01

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.46.131.25 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

firmastart.fvds.ru

Software

nginx/1.10.1 /

Resource Hash

ad11eb0422d385c5b65a98b6535e827851a685609285b78bcd4f8bc27b7c4410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Jan 2024 22:12:40 GMT
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Last-Modified: Fri, 05 Jan 2024 22:12:40 GMT
Server: nginx/1.10.1
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 404 400.woff
tarolog-uzb.ru/fonts/bebasneue/ 0
0 193ms
191ms Font
text/html 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://tarolog-uzb.ru/fonts/bebasneue/400.woff
Requested by: Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/assets/3.3/plp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://tarolog-uzb.ru/assets/3.3/plp.css
Origin: https://tarolog-uzb.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:40 GMT
content-encoding: br
last-modified: Tue, 05 Dec 2023 06:44:38 GMT
server: nginx
etag: W/"328-60bbd91885980"
vary: Accept-Encoding
content-type: text/html

GET
H2 200 ZeHPen0cxqw Show response
www.youtube.com/embed/ Frame 9165 93 KB
41 KB 184ms
118ms Document
text/html 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/assets/3.3/vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7d0a7bd87d259a2b503d46616459ff2e6ad0231d881a5a5cbcfca192adf8b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tarolog-uzb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 22:12:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4c7ff61b0175595cee3357066d926744.png
tarolog-uzb.ru/img/ 209 KB
209 KB 186ms
184ms Image
image/png 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tarolog-uzb.ru/img/4c7ff61b0175595cee3357066d926744.png

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

1cd9a1035519f087bf7332f05fa7edf8893a558d39b1843e8a04e11855ce1bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:37 GMT
server: nginx
etag: "656ee1c9-343f7"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 214007
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 1.png
tarolog-uzb.ru/img/video/ 808 B
808 B 236ms
235ms Image
text/html 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tarolog-uzb.ru/img/video/1.png
Requested by: Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:40 GMT
content-encoding: br
last-modified: Tue, 05 Dec 2023 06:44:38 GMT
server: nginx
etag: W/"328-60bbd91885980"
vary: Accept-Encoding
content-type: text/html

GET
H2 200 4929986bc23f9606748817556a3b8ad5.jpg
tarolog-uzb.ru/img/ 68 KB
68 KB 186ms
185ms Image
image/jpeg 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tarolog-uzb.ru/img/4929986bc23f9606748817556a3b8ad5.jpg

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

f252315e61ba07ece9265b866f6d8b3c4ea57f715c3dd979667ba1ea97ba4489

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:36 GMT
server: nginx
etag: "656ee1c8-10f3f"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 69439
expires: Thu, 31 Dec 2037 23:55:55 GMT

#PUT
H2 400 index.html Show response
tarolog-uzb.ru/ 150 B
213 B 199ms
199ms XHR
text/html 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://tarolog-uzb.ru/index.html
Requested by: Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash: 487ad0d2cf075f4328a1adf57ef428759ad4e2c873a8ebd2ad9653990829c9cf

Request headers

Referer: https://tarolog-uzb.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 05 Jan 2024 22:12:40 GMT
server: nginx
content-length: 150
content-type: text/html

GET
H2 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 9165 358 KB
47 KB 32ms
24ms Stylesheet
text/css 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 22:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 22:33:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9165 15 KB
16 KB 148ms
53ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:09:52 GMT
x-content-type-options: nosniff
age: 223368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 08:09:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9165 15 KB
15 KB 149ms
55ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 16:24:05 GMT
x-content-type-options: nosniff
age: 280115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 16:24:05 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 9165 322 KB
96 KB 40ms
38ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:54 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/ Frame 9165 2 MB
769 KB 61ms
59ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea0d474bd7d6a1380440b283883b16488126164b6bd599141d4670e65ff455c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 787372
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:54 GMT

GET
H2 200 4c7ff61b0175595cee3357066d926744.png
tarolog-uzb.ru/img/ 209 KB
209 KB 190ms
186ms Image
image/png 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tarolog-uzb.ru/img/4c7ff61b0175595cee3357066d926744.png

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

1cd9a1035519f087bf7332f05fa7edf8893a558d39b1843e8a04e11855ce1bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:37 GMT
server: nginx
etag: "656ee1c9-343f7"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 214007
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4929986bc23f9606748817556a3b8ad5.jpg
tarolog-uzb.ru/img/ 68 KB
68 KB 188ms
186ms Image
image/jpeg 2a00:5da0:1000::164
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tarolog-uzb.ru/img/4929986bc23f9606748817556a3b8ad5.jpg

Requested by

Host: tarolog-uzb.ru
URL: https://tarolog-uzb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:5da0:1000::164 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

f252315e61ba07ece9265b866f6d8b3c4ea57f715c3dd979667ba1ea97ba4489

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 08:39:36 GMT
server: nginx
etag: "656ee1c8-10f3f"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 69439
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widget-button.css.php
getbtn.com/widget/ 5 KB
1 KB 153ms
151ms Stylesheet
text/css 37.46.131.25
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://getbtn.com/widget/widget-button.css.php?d=top&c=0b5394

Requested by

Host: getbtn.com
URL: https://getbtn.com/widget/index.php?id=0925848d8888d4a33a2a5d825b975f01

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.46.131.25 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

firmastart.fvds.ru

Software

nginx/1.10.1 /

Resource Hash

b5f3adf1ccf4a7a16a9ce7d2ef1e6d1b5946fdf1b941b9062e6c9adbae3282cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 22:12:40 GMT
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Server: nginx/1.10.1
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8

GET
H/1.1 200
OK fonts.css
getbtn.com/widget/ 4 KB
1 KB 295ms
141ms Stylesheet
text/css 37.46.131.25
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://getbtn.com/widget/fonts.css

Requested by

Host: getbtn.com
URL: https://getbtn.com/widget/index.php?id=0925848d8888d4a33a2a5d825b975f01

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.46.131.25 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

firmastart.fvds.ru

Software

nginx/1.10.1 /

Resource Hash

ef02252081b000a716630d3899c3fb4effb2b742b1dbe311139ed1f0cee36d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 22:12:40 GMT
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Last-Modified: Sat, 04 Feb 2017 16:29:24 GMT
Server: nginx/1.10.1
ETag: W/"58960164-f47"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
getbtn.com/widget/ico-fontawesome/ 43 KB
7 KB 417ms
138ms Stylesheet
text/css 37.46.131.25
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://getbtn.com/widget/ico-fontawesome/style.css

Requested by

Host: getbtn.com
URL: https://getbtn.com/widget/index.php?id=0925848d8888d4a33a2a5d825b975f01

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.46.131.25 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

firmastart.fvds.ru

Software

nginx/1.10.1 /

Resource Hash

8ff2e66b662c96826b1942c1624b04881e9f542ce75a40f101aa5005355f81bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 22:12:40 GMT
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 18:21:24 GMT
Server: nginx/1.10.1
ETag: W/"5cf80824-aa9e"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK WidgetHelpJquery.min.js Show response
getbtn.com/widget/ 75 KB
24 KB 559ms
280ms Script
application/javascript 37.46.131.25
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://getbtn.com/widget/WidgetHelpJquery.min.js

Requested by

Host: getbtn.com
URL: https://getbtn.com/widget/index.php?id=0925848d8888d4a33a2a5d825b975f01

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.46.131.25 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

firmastart.fvds.ru

Software

nginx/1.10.1 /

Resource Hash

bfc0e4270daf61fc54c74947080a94fb8b5ea1e43e70385e777d31ee9c8e282e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tarolog-uzb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 22:12:40 GMT
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Last-Modified: Sat, 04 Feb 2017 16:29:37 GMT
Server: nginx/1.10.1
ETag: W/"58960171-12a0e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9165
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

47ms
40ms

XHR
application/json

2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Protocol

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bc81a3192570daf37dc499e524f0d035a00343ba05f74e5760ae1c69f562399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 05 Jan 2024 22:12:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9165 29 B
495 B 103ms
24ms Script
text/javascript 2607:f8b0:4006:817::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:59:25 GMT
x-content-type-options: nosniff
age: 795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jan 2024 22:14:25 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 99ms
32ms Preflight
text/html 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 05 Jan 2024 22:12:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9165 86 KB
40 KB 40ms
39ms XHR
application/json+protobuf 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66f5be3782d1b8e53873dc13b92a9afe42d1e8c0f6e44aa28c7de499eddeff18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 05 Jan 2024 22:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40748
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 9165 67 KB
30 KB 235ms
234ms XHR
application/json 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

171a5dcb0e26c6f99ebbfa988f86d90e44afffb0352e60a1eabaf91941dd8658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240102.01.00
X-Goog-Visitor-Id: CgtNUjk1eDlnY0pEbyjY_eGsBjIKCgJVUxIEGgAgNw%3D%3D

Response headers

date: Fri, 05 Jan 2024 22:12:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30378
x-xss-protection: 0

GET
H2 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame 9165 50 KB
20 KB 85ms
24ms Script
text/javascript 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 02:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 501648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Dec 2024 02:51:52 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/ Frame 9165 52 KB
16 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d5c2e77da6f18d1275cf5c3405e696fd5d205eabe74fd8d8cbcde8096e0edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16348
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:54 GMT

GET
DATA 200
OK truncated
/ Frame 9165 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZT3LzOIsxYXm2LZugZeZrcOBboRDyCLlxiqSwNlCg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9165 2 KB
2 KB 238ms
51ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZT3LzOIsxYXm2LZugZeZrcOBboRDyCLlxiqSwNlCg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6996548e28eb358c3c72c53c499df4c882d4dcea5e334a20c18388a4562edc91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:41 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2045
x-xss-protection: 0
server: fife
etag: "va0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 06 Jan 2024 22:12:41 GMT

GET
DATA 200
OK truncated
/ Frame 9165 279 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c77da24815a33bc307d96880ae290702a31d70c10c409e141085dc33b14c0b4c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9165 10 KB
10 KB 38ms
36ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 23:50:33 GMT
x-content-type-options: nosniff
age: 253328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 23:50:33 GMT

GET
H/1.1 200
OK widgethelpfont.ttf
getbtn.com/widget/ico-fontawesome/fonts/ 182 KB
183 KB 732ms
283ms Font
application/octet-stream 37.46.131.25
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://getbtn.com/widget/ico-fontawesome/fonts/widgethelpfont.ttf?n1v2vz
Requested by: Host: getbtn.com
URL: https://getbtn.com/widget/ico-fontawesome/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.46.131.25 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: firmastart.fvds.ru
Software: nginx/1.10.1 /
Resource Hash: d2be2fab75fd11a22036f1b344ea03220b50117b0cbb18b748cefb6e00edba3a

Request headers

Referer: https://getbtn.com/widget/ico-fontawesome/style.css
Origin: https://tarolog-uzb.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 22:12:41 GMT
Last-Modified: Wed, 05 Jun 2019 17:52:44 GMT
Server: nginx/1.10.1
ETag: "5cf8016c-2d9b8"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 186808

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9165 90 B
134 B 46ms
46ms XHR
application/json+protobuf 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ff10a787b93a33a4fc3805c6153578821958b4105bece05f7b363372ccf52f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 05 Jan 2024 22:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 9165 0
19 B 51ms
50ms XHR
text/html 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&cpn=B8YCrP5yn2lStZgW&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153844%2C23119%2C53633%2C84737%2C25688%2C9541%2C1089%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C9513%2C3616%2C1067%2C1360%2C8594%2C2008%2C4552%2C3417%2C3530%2C2799%2C233%2C722%2C4461%2C1492%2C4474&cl=595207588&seq=1&docid=ZeHPen0cxqw&ei=2H6YZYD4NZWP_9EP98-VmAg&event=streamingstats&plid=AAYOOiWK3SuV6lyO&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FZeHPen0cxqw%3Frel%3D0%26autoplay%3D1&qclc=ChBCOFlDclA1eW4ybFN0WmdXEAE&embargoed=0&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20240102.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.022:B,0.504:B,0.504:B&cat=streaming&cmt=0.022:0.000,0.504:0.000&vfs=0.504:243:243::r&view=0.504:480:270&bwe=0.504:130000&bat=0.504:1:1&vis=0.504:0&bh=0.504:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtNUjk1eDlnY0pEbyjY_eGsBjIKCgJVUxIEGgAgNw%3D%3D
X-YouTube-Ad-Signals: dt=1704492760710&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C480%2C270&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 22:12:41 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-ab5l6nrd.googlevideo.com/ Frame 9165 1 KB
2 KB 131ms
26ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:10::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-ab5l6nrd.googlevideo.com/videoplayback?expire=1704514361&ei=2H6YZYD4NZWP_9EP98-VmAg&ip=2602%3Affc8%3A2%3A104%3A%3A6&id=o-ACevagcY-Sxd-lyPeM9EMwROSGNmRIdHELol3uBYJ1DH&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=dq&mm=31%2C26&mn=sn-ab5l6nrd%2Csn-tt1e7nlz&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=9836250&spc=UWF9f9IfBYXrXvr72lwQjFZ9KAGqVn_KRsBQBAO6qw&vprv=1&svpuc=1&mime=video%2Fwebm&ns=nJohdwpUVJmDtIyxVJiTwTkQ&gir=yes&clen=818102&dur=26.791&lmt=1701756165779748&mt=1704492316&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=630A224&n=JkIKKkzE_0Ocgw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALU42ZGDFWpAAVUOC-u9jYANvlKgeKc5nGhE9y0e277XAiA-idh7fZ4CXDe0ZVyLX8OTNBiOugFt0U_dSI7_NYFo2A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIhAO7AyjZ2TJQQKPoRuL-cXck3Mz-ywKtWCrFiinp-wvjCAiAn7cdzTytThBbnKR65dwUYkBQHCeaaH8ackk71q6C4JQ%3D%3D&alr=yes&cpn=B8YCrP5yn2lStZgW&cver=1.20240102.01.00&range=0-85206&rn=1&rbuf=0&pot=IjgTsxO1dittalDUZ_1G2XiCdvd_3UqDY_ZxynnqTNZUwFHZWvhQ1FnlRsta9lTUUtRdxDaAV5Yg9w==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:10::7 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b96222b97ea44e592f46b058e85275bdd225b78060a84b6fbb7afa181b6581e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 22:12:41 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 05 Jan 2024 22:12:41 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-ab5l6nrd.googlevideo.com/ Frame 9165 1 KB
2 KB 130ms
27ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:10::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-ab5l6nrd.googlevideo.com/videoplayback?expire=1704514361&ei=2H6YZYD4NZWP_9EP98-VmAg&ip=2602%3Affc8%3A2%3A104%3A%3A6&id=o-ACevagcY-Sxd-lyPeM9EMwROSGNmRIdHELol3uBYJ1DH&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=dq&mm=31%2C26&mn=sn-ab5l6nrd%2Csn-tt1e7nlz&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=9836250&spc=UWF9f9IfBYXrXvr72lwQjFZ9KAGqVn_KRsBQBAO6qw&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=nJohdwpUVJmDtIyxVJiTwTkQ&gir=yes&clen=451588&dur=26.821&lmt=1701756161585211&mt=1704492316&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6308224&n=JkIKKkzE_0Ocgw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALQqBOu7XDDuMTodsQfoXhG8-SMBox7Vo3meH4pTHWZhAiEA0frjmKpyVl5cWpKeIQJNb8uqfChxLqK1v9LmhvlOwrw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIhAO7AyjZ2TJQQKPoRuL-cXck3Mz-ywKtWCrFiinp-wvjCAiAn7cdzTytThBbnKR65dwUYkBQHCeaaH8ackk71q6C4JQ%3D%3D&alr=yes&cpn=B8YCrP5yn2lStZgW&cver=1.20240102.01.00&range=0-65845&rn=2&rbuf=0&pot=IjgFOwU9YKN74kZccXVQUW4KYH9pVVwLdX5nQm9iWl5CSEdRTHBGXE9tUENMfkJcRFxLTCAIQR42fw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:10::7 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

478c31968a2c451e65358d7a2997d2af501b408d3d7d8a4b7238c4abb3060409

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 22:12:41 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 05 Jan 2024 22:12:41 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/ Frame 9165 116 KB
33 KB 30ms
28ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4638f230cee2fe1fe6df5da4afa8dcba089faf298844fc157197f2c7be39e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33494
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:31 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/ Frame 9165 71 KB
24 KB 39ms
38ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c7fbe087bc200606deaa443b1f4fdce317d51ee103a1601e5087b6069ada9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24400
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:28:09 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/ Frame 9165 33 KB
8 KB 44ms
43ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfb9753c82ec92d723357fa83a3b0a78f6e9a68845d1f2626cbe985c03fa9713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:50 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 9165 8 KB
3 KB 255ms
254ms XHR
application/json 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6f6615a73c16f7b77b13d1e9a6718cb9bebffee9333540890fc732232d383786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240102.01.00
X-Goog-Visitor-Id: CgtNUjk1eDlnY0pEbyjY_eGsBjIKCgJVUxIEGgAgNw%3D%3D

Response headers

date: Fri, 05 Jan 2024 22:12:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2648
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9165 28 B
50 B 56ms
49ms XHR
application/json 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704492761391
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtNUjk1eDlnY0pEbyjY_eGsBjIKCgJVUxIEGgAgNw%3D%3D
X-YouTube-Ad-Signals: dt=1704492760710&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C480%2C270&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 05 Jan 2024 22:12:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 34ms
33ms Preflight
text/html 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 05 Jan 2024 22:12:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 sd2.jpg
i.ytimg.com/vi/ZeHPen0cxqw/ Frame 9165 17 KB
18 KB 172ms
88ms Image
image/jpeg 2607:f8b0:4006:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ZeHPen0cxqw/sd2.jpg?sqp=-oaymwEoCIAFEOAD8quKqQMcGADwAQH4AY4CgALgA4oCDAgAEAEYciBQKEEwDw==&rs=AOn4CLBfkQFY5AwqNdd1Selt6oSQys8d_g

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ab761f63ff3390e730b478c5791637b431bbdcf612f4a86fa089efeadb1050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:41 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17900
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 00:12:41 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 9165 0
10 B 27ms
27ms Image
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?48vdmw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 videoplayback Show response
rr2---sn-vgqsrnzy.googlevideo.com/ Frame 9165 83 KB
83 KB 128ms
55ms Fetch
application/vnd.yt-ump 2607:f8b0:4009:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-vgqsrnzy.googlevideo.com/videoplayback?expire=1704514361&ei=2H6YZYD4NZWP_9EP98-VmAg&ip=2602%3Affc8%3A2%3A104%3A%3A6&id=o-ACevagcY-Sxd-lyPeM9EMwROSGNmRIdHELol3uBYJ1DH&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f9IfBYXrXvr72lwQjFZ9KAGqVn_KRsBQBAO6qw&vprv=1&svpuc=1&mime=video%2Fwebm&ns=nJohdwpUVJmDtIyxVJiTwTkQ&gir=yes&clen=818102&dur=26.791&lmt=1701756165779748&keepalive=yes&fexp=24007246,24350138,24350146,24350148,24350149&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=630A224&n=JkIKKkzE_0Ocgw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALU42ZGDFWpAAVUOC-u9jYANvlKgeKc5nGhE9y0e277XAiA-idh7fZ4CXDe0ZVyLX8OTNBiOugFt0U_dSI7_NYFo2A%3D%3D&alr=yes&cpn=B8YCrP5yn2lStZgW&cver=1.20240102.01.00&redirect_counter=1&cm2rm=sn-ab5els7l&cms_redirect=yes&cmsv=e&mh=dq&mm=34&mn=sn-vgqsrnzy&ms=ltu&mt=1704492285&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIhAILalWfyqnvMyRvWluq2oSUMwb1S57hMRNmX38ZJf3I5AiAbQMm0mmDjjbq2dr460HBn-NgjDK4yg2awUaQtn4FDNA%3D%3D&range=0-85206&rn=3&rbuf=0&pot=MnTs-lQUsJDs6-zCeUWmVyzYdPyn8cIlrjYaeMgKi_ZKR9zM7UMLRvS2aFQoltIRILWSJxLAfAjZZUsFBYrtom4vegvat51k8ryKa0wW_jFUQDTi1v1MHvkizkJBRLGFLxNTkn9MPERrUHYAO0GRfhZoVNIWsA==&ump=1&srfvp=1&altitags=242%2C278

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4009:28::7 Bolingbrook, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5c6528782bfdf4a157f850a20bb5dc1394753aecb9009a7da3a0bfe4568d44f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 05 Jan 2024 22:12:41 GMT
date: Fri, 05 Jan 2024 22:12:41 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Tue, 05 Dec 2023 06:02:45 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr2---sn-vgqsrnzy.googlevideo.com/ Frame 9165 64 KB
64 KB 162ms
90ms Fetch
application/vnd.yt-ump 2607:f8b0:4009:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-vgqsrnzy.googlevideo.com/videoplayback?expire=1704514361&ei=2H6YZYD4NZWP_9EP98-VmAg&ip=2602%3Affc8%3A2%3A104%3A%3A6&id=o-ACevagcY-Sxd-lyPeM9EMwROSGNmRIdHELol3uBYJ1DH&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f9IfBYXrXvr72lwQjFZ9KAGqVn_KRsBQBAO6qw&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=nJohdwpUVJmDtIyxVJiTwTkQ&gir=yes&clen=451588&dur=26.821&lmt=1701756161585211&keepalive=yes&fexp=24007246,24350138,24350146,24350148,24350149&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6308224&n=JkIKKkzE_0Ocgw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALQqBOu7XDDuMTodsQfoXhG8-SMBox7Vo3meH4pTHWZhAiEA0frjmKpyVl5cWpKeIQJNb8uqfChxLqK1v9LmhvlOwrw%3D&alr=yes&cpn=B8YCrP5yn2lStZgW&cver=1.20240102.01.00&redirect_counter=1&cm2rm=sn-ab5els7l&cms_redirect=yes&cmsv=e&mh=dq&mm=34&mn=sn-vgqsrnzy&ms=ltu&mt=1704492285&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIgLXpkoFyCs_liTlnCAepN9ctCqdC3BbABR_JVgLqRD1gCIQCM9a8Uqs8Sm7tlK3dYMzWii8Me3InzCnCxuIII4rZV-Q%3D%3D&range=0-65845&rn=4&rbuf=0&pot=MnTs-lQUsJDs6-zCeUWmVyzYdPyn8cIlrjYaeMgKi_ZKR9zM7UMLRvS2aFQoltIRILWSJxLAfAjZZUsFBYrtom4vegvat51k8ryKa0wW_jFUQDTi1v1MHvkizkJBRLGFLxNTkn9MPERrUHYAO0GRfhZoVNIWsA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4009:28::7 Bolingbrook, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

478b3f96685fdf9673ab3554b37224c96fadbffca25e78f95795140c0d2193a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 05 Jan 2024 22:12:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 06:02:41 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Fri, 05 Jan 2024 22:12:41 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9165 4 KB
2 KB 106ms
42ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 22:12:41 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 9165 50 KB
15 KB 30ms
29ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 06 Jan 2024 18:04:50 GMT

GET
H2 200 AIf8zZT3LzOIsxYXm2LZugZeZrcOBboRDyCLlxiqSwNlCg=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9165 2 KB
3 KB 67ms
61ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZT3LzOIsxYXm2LZugZeZrcOBboRDyCLlxiqSwNlCg=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

23a0061b72792366ff2117edbfd550d2b3eb8a6e76232e939a557bb815c02b1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:12:41 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2518
x-xss-protection: 0
server: fife
etag: "va0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 06 Jan 2024 22:12:41 GMT

POST
H3 200 videoplayback Show response
rr2---sn-vgqsrnzy.googlevideo.com/ Frame 9165 65 KB
65 KB 40ms
39ms Fetch
application/vnd.yt-ump 2607:f8b0:4009:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-vgqsrnzy.googlevideo.com/videoplayback?expire=1704514361&ei=2H6YZYD4NZWP_9EP98-VmAg&ip=2602%3Affc8%3A2%3A104%3A%3A6&id=o-ACevagcY-Sxd-lyPeM9EMwROSGNmRIdHELol3uBYJ1DH&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f9IfBYXrXvr72lwQjFZ9KAGqVn_KRsBQBAO6qw&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=nJohdwpUVJmDtIyxVJiTwTkQ&gir=yes&clen=451588&dur=26.821&lmt=1701756161585211&keepalive=yes&fexp=24007246,24350138,24350146,24350148,24350149&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6308224&n=JkIKKkzE_0Ocgw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALQqBOu7XDDuMTodsQfoXhG8-SMBox7Vo3meH4pTHWZhAiEA0frjmKpyVl5cWpKeIQJNb8uqfChxLqK1v9LmhvlOwrw%3D&alr=yes&cpn=B8YCrP5yn2lStZgW&cver=1.20240102.01.00&redirect_counter=1&cm2rm=sn-ab5els7l&cms_redirect=yes&cmsv=e&mh=dq&mm=34&mn=sn-vgqsrnzy&ms=ltu&mt=1704492285&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIgLXpkoFyCs_liTlnCAepN9ctCqdC3BbABR_JVgLqRD1gCIQCM9a8Uqs8Sm7tlK3dYMzWii8Me3InzCnCxuIII4rZV-Q%3D%3D&range=65846-132547&rn=5&rbuf=3907&pot=MnTs-lQUsJDs6-zCeUWmVyzYdPyn8cIlrjYaeMgKi_ZKR9zM7UMLRvS2aFQoltIRILWSJxLAfAjZZUsFBYrtom4vegvat51k8ryKa0wW_jFUQDTi1v1MHvkizkJBRLGFLxNTkn9MPERrUHYAO0GRfhZoVNIWsA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4009:28::7 Bolingbrook, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

912b6c818839eb17cfe01c1b9a07680207906280fca5e5c2daf2df840f489ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 05 Jan 2024 22:12:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 06:02:41 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Fri, 05 Jan 2024 22:12:41 GMT

POST
H3 200 videoplayback Show response
rr2---sn-vgqsrnzy.googlevideo.com/ Frame 9165 168 KB
168 KB 35ms
34ms Fetch
application/vnd.yt-ump 2607:f8b0:4009:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-vgqsrnzy.googlevideo.com/videoplayback?expire=1704514361&ei=2H6YZYD4NZWP_9EP98-VmAg&ip=2602%3Affc8%3A2%3A104%3A%3A6&id=o-ACevagcY-Sxd-lyPeM9EMwROSGNmRIdHELol3uBYJ1DH&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f9IfBYXrXvr72lwQjFZ9KAGqVn_KRsBQBAO6qw&vprv=1&svpuc=1&mime=video%2Fwebm&ns=nJohdwpUVJmDtIyxVJiTwTkQ&gir=yes&clen=818102&dur=26.791&lmt=1701756165779748&keepalive=yes&fexp=24007246,24350138,24350146,24350148,24350149&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=630A224&n=JkIKKkzE_0Ocgw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALU42ZGDFWpAAVUOC-u9jYANvlKgeKc5nGhE9y0e277XAiA-idh7fZ4CXDe0ZVyLX8OTNBiOugFt0U_dSI7_NYFo2A%3D%3D&alr=yes&cpn=B8YCrP5yn2lStZgW&cver=1.20240102.01.00&redirect_counter=1&cm2rm=sn-ab5els7l&cms_redirect=yes&cmsv=e&mh=dq&mm=34&mn=sn-vgqsrnzy&ms=ltu&mt=1704492285&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIhAILalWfyqnvMyRvWluq2oSUMwb1S57hMRNmX38ZJf3I5AiAbQMm0mmDjjbq2dr460HBn-NgjDK4yg2awUaQtn4FDNA%3D%3D&range=85207-257263&rn=6&rbuf=4054&pot=MnTs-lQUsJDs6-zCeUWmVyzYdPyn8cIlrjYaeMgKi_ZKR9zM7UMLRvS2aFQoltIRILWSJxLAfAjZZUsFBYrtom4vegvat51k8ryKa0wW_jFUQDTi1v1MHvkizkJBRLGFLxNTkn9MPERrUHYAO0GRfhZoVNIWsA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4009:28::7 Bolingbrook, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

aa4a29964c622cc9d5bb442f83a787716bace8d1febfdd364db7624de4fb898c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 05 Jan 2024 22:12:41 GMT
date: Fri, 05 Jan 2024 22:12:41 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Tue, 05 Dec 2023 06:02:45 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr2---sn-vgqsrnzy.googlevideo.com/ Frame 9165 131 KB
132 KB 40ms
39ms Fetch
application/vnd.yt-ump 2607:f8b0:4009:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-vgqsrnzy.googlevideo.com/videoplayback?expire=1704514361&ei=2H6YZYD4NZWP_9EP98-VmAg&ip=2602%3Affc8%3A2%3A104%3A%3A6&id=o-ACevagcY-Sxd-lyPeM9EMwROSGNmRIdHELol3uBYJ1DH&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f9IfBYXrXvr72lwQjFZ9KAGqVn_KRsBQBAO6qw&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=nJohdwpUVJmDtIyxVJiTwTkQ&gir=yes&clen=451588&dur=26.821&lmt=1701756161585211&keepalive=yes&fexp=24007246,24350138,24350146,24350148,24350149&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6308224&n=JkIKKkzE_0Ocgw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALQqBOu7XDDuMTodsQfoXhG8-SMBox7Vo3meH4pTHWZhAiEA0frjmKpyVl5cWpKeIQJNb8uqfChxLqK1v9LmhvlOwrw%3D&alr=yes&cpn=B8YCrP5yn2lStZgW&cver=1.20240102.01.00&redirect_counter=1&cm2rm=sn-ab5els7l&cms_redirect=yes&cmsv=e&mh=dq&mm=34&mn=sn-vgqsrnzy&ms=ltu&mt=1704492285&mv=m&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIgLXpkoFyCs_liTlnCAepN9ctCqdC3BbABR_JVgLqRD1gCIQCM9a8Uqs8Sm7tlK3dYMzWii8Me3InzCnCxuIII4rZV-Q%3D%3D&range=132548-267137&rn=7&rbuf=7884&pot=MnTs-lQUsJDs6-zCeUWmVyzYdPyn8cIlrjYaeMgKi_ZKR9zM7UMLRvS2aFQoltIRILWSJxLAfAjZZUsFBYrtom4vegvat51k8ryKa0wW_jFUQDTi1v1MHvkizkJBRLGFLxNTkn9MPERrUHYAO0GRfhZoVNIWsA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4009:28::7 Bolingbrook, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

df24e21339008e4e2cd06e601beab94dfeecf79b84ca0ca0651d011489ace8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 05 Jan 2024 22:12:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 06:02:41 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Fri, 05 Jan 2024 22:12:41 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9165 28 B
50 B 43ms
41ms XHR
application/json 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704492763625
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ZeHPen0cxqw?rel=0&autoplay=1
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtNUjk1eDlnY0pEbyjY_eGsBjIKCgJVUxIEGgAgNw%3D%3D
X-YouTube-Ad-Signals: dt=1704492760569&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C480%2C270&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 05 Jan 2024 22:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.lpcdn.site
URL: http://s.lpcdn.site/assets/fonts/glyphicons-halflings-regular.woff

Domain: s.lpcdn.site
URL: http://s.lpcdn.site/assets/fonts/glyphicons-halflings-regular.ttf

Domain: s.lpcdn.site
URL: http://s.lpcdn.site/fonts/fontawesome-webfont.woff2?v=4.6.3

Domain: s.lpcdn.site
URL: http://s.lpcdn.site/fonts/fontawesome-webfont.woff?v=4.6.3

Domain: s.lpcdn.site
URL: http://s.lpcdn.site/fonts/fontawesome-webfont.ttf?v=4.6.3

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: QfCGLukNxtw
			.youtube.com/	1970-01-20 21:47:24	Name: VISITOR_INFO1_LIVE Value: MR95x9gcJDo

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://tarolog-uzb.ru/(Line 1709) Message: Mixed Content: The page at 'https://tarolog-uzb.ru/' was loaded over HTTPS, but requested an insecure font 'http://s.lpcdn.site/assets/fonts/glyphicons-halflings-regular.woff'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://tarolog-uzb.ru/(Line 1709) Message: Mixed Content: The page at 'https://tarolog-uzb.ru/' was loaded over HTTPS, but requested an insecure font 'http://s.lpcdn.site/assets/fonts/glyphicons-halflings-regular.ttf'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://tarolog-uzb.ru/(Line 1709) Message: Mixed Content: The page at 'https://tarolog-uzb.ru/' was loaded over HTTPS, but requested an insecure font 'http://s.lpcdn.site/fonts/fontawesome-webfont.woff2?v=4.6.3'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://tarolog-uzb.ru/(Line 1709) Message: Mixed Content: The page at 'https://tarolog-uzb.ru/' was loaded over HTTPS, but requested an insecure font 'http://s.lpcdn.site/fonts/fontawesome-webfont.woff?v=4.6.3'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://tarolog-uzb.ru/(Line 1709) Message: Mixed Content: The page at 'https://tarolog-uzb.ru/' was loaded over HTTPS, but requested an insecure font 'http://s.lpcdn.site/fonts/fontawesome-webfont.ttf?v=4.6.3'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://tarolog-uzb.ru/fonts/bebasneue/400.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tarolog-uzb.ru/fonts/bebasneue/400.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tarolog-uzb.ru/index.html Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://tarolog-uzb.ru/img/video/1.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
getbtn.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
rr2---sn-ab5l6nrd.googlevideo.com
rr2---sn-vgqsrnzy.googlevideo.com
s.lpcdn.site
static.doubleclick.net
tarolog-uzb.ru
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
s.lpcdn.site
2607:f8b0:4006:10::7
2607:f8b0:4006:80c::2016
2607:f8b0:4006:80e::2001
2607:f8b0:4006:817::2006
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2004
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2003
2607:f8b0:4009:28::7
2a00:5da0:1000::164
37.46.131.25
074aa9cd8cbc7faacff2683de887204fc0ce0f3303f05680c1c9b8bf148077dd
1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e
171a5dcb0e26c6f99ebbfa988f86d90e44afffb0352e60a1eabaf91941dd8658
19d1a2078c34033de4ea857290fb096f1a449c5749cca530f69211c7bd2735ba
1cd9a1035519f087bf7332f05fa7edf8893a558d39b1843e8a04e11855ce1bac
23a0061b72792366ff2117edbfd550d2b3eb8a6e76232e939a557bb815c02b1d
297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf
298cdc873ff25130cf897ab957cb09ed3392212f0a60b5313c30f075a31efbbc
3633251cd61369b95d69180a9e61ce5fce47ffcae60c15142f03df1343278dda
37c7fbe087bc200606deaa443b1f4fdce317d51ee103a1601e5087b6069ada9d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47744d063f22aa859d17d3cb9ac01a78db58c5db757e1bbc1a28214e453f0fbf
478b3f96685fdf9673ab3554b37224c96fadbffca25e78f95795140c0d2193a9
478c31968a2c451e65358d7a2997d2af501b408d3d7d8a4b7238c4abb3060409
487ad0d2cf075f4328a1adf57ef428759ad4e2c873a8ebd2ad9653990829c9cf
4a8106ac064e738cd838a7a836bd9527ef3f6b40d9ef44dcdd742c3aef3d818c
4da9cda3ed0cd5b86728802aecc8e70c8a16e5b95059986db4ada7d13be36793
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c6528782bfdf4a157f850a20bb5dc1394753aecb9009a7da3a0bfe4568d44f1
65d6da3a6bfafe9c78b2bf1e00e5d724f68221a9e48d545969045bc1d6d26b46
66f5be3782d1b8e53873dc13b92a9afe42d1e8c0f6e44aa28c7de499eddeff18
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6996548e28eb358c3c72c53c499df4c882d4dcea5e334a20c18388a4562edc91
6bc81a3192570daf37dc499e524f0d035a00343ba05f74e5760ae1c69f562399
6f6615a73c16f7b77b13d1e9a6718cb9bebffee9333540890fc732232d383786
6ff10a787b93a33a4fc3805c6153578821958b4105bece05f7b363372ccf52f0
74c11cc8c58eb4bbcfdf4ba4285b09e55d5c2ffb22dc17cdc1d9633674bcb380
807181b6b36ecdce4ebe486d2d3abe5a07c1d4b08d3a9cf6878a2e64c9fad7fe
8ff2e66b662c96826b1942c1624b04881e9f542ce75a40f101aa5005355f81bd
912b6c818839eb17cfe01c1b9a07680207906280fca5e5c2daf2df840f489ace
a4d5c2e77da6f18d1275cf5c3405e696fd5d205eabe74fd8d8cbcde8096e0edf
aa4a29964c622cc9d5bb442f83a787716bace8d1febfdd364db7624de4fb898c
ad11eb0422d385c5b65a98b6535e827851a685609285b78bcd4f8bc27b7c4410
b4638f230cee2fe1fe6df5da4afa8dcba089faf298844fc157197f2c7be39e10
b5f3adf1ccf4a7a16a9ce7d2ef1e6d1b5946fdf1b941b9062e6c9adbae3282cc
b7d0a7bd87d259a2b503d46616459ff2e6ad0231d881a5a5cbcfca192adf8b7c
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
b96222b97ea44e592f46b058e85275bdd225b78060a84b6fbb7afa181b6581e1
b9c9b307ffe4cf8fe6086d183005a979ec23cb3580c96631213ab4ef06f411d2
bfb9753c82ec92d723357fa83a3b0a78f6e9a68845d1f2626cbe985c03fa9713
bfc0e4270daf61fc54c74947080a94fb8b5ea1e43e70385e777d31ee9c8e282e
c77da24815a33bc307d96880ae290702a31d70c10c409e141085dc33b14c0b4c
ce703dc33bf42ac4c62f4742f0270cd2ef98b3cf51378c1c619b94f0d81a7073
d2be2fab75fd11a22036f1b344ea03220b50117b0cbb18b748cefb6e00edba3a
d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
df24e21339008e4e2cd06e601beab94dfeecf79b84ca0ca0651d011489ace8a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0d474bd7d6a1380440b283883b16488126164b6bd599141d4670e65ff455c8
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef02252081b000a716630d3899c3fb4effb2b742b1dbe311139ed1f0cee36d29
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ab761f63ff3390e730b478c5791637b431bbdcf612f4a86fa089efeadb1050
f252315e61ba07ece9265b866f6d8b3c4ea57f715c3dd979667ba1ea97ba4489
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f8691a28d7cf107325ecafefb2a512dbf1583a07605fcc0dfdd788ac72e57cc5

tarolog-uzb.ru Open in urlscan Pro 2a00:5da0:1000::164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

90 %HTTPS

92 %IPv6

11 Domains

14 Subdomains

13 IPs

3 Countries

3003 kBTransfer

7178 kBSize

2 Cookies

4 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tarolog-uzb.ru Open in urlscan Pro
2a00:5da0:1000::164 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

90 %
HTTPS

92 %
IPv6

11
Domains

14
Subdomains

13
IPs

3
Countries

3003 kB
Transfer

7178 kB
Size

2
Cookies

63 HTTP transactions
9 data transactions