URL: https://18.170.245.130/
Submission: On February 19 via manual from GB — Scanned from GB

Summary

This website contacted 12 IPs in 4 countries across 8 domains to perform 31 HTTP transactions. The main IP is 18.170.245.130, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is 18.170.245.130.
TLS certificate: Issued by Amazon on January 13th 2022. Valid for: a year.
This is the only time 18.170.245.130 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
14 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
797 KB
6 googlevideo.com
rr3---sn-h0jeened.googlevideo.com — Cisco Umbrella Rank: 122043
848 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
static.doubleclick.net — Cisco Umbrella Rank: 309
1 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 103
13 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 213
4 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
14 KB
1 change.org
assets.change.org — Cisco Umbrella Rank: 48199
30 KB
31 8
Domain Requested by
14 www.youtube.com 18.170.245.130
www.youtube.com
6 rr3---sn-h0jeened.googlevideo.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 i.ytimg.com www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 assets.change.org 18.170.245.130
31 10

This site contains no links.

Subject Issuer Validity Valid
wordpress.ff.co
Amazon
2022-01-13 -
2023-02-11
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-15 -
2022-07-14
a year crt.sh
*.google.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
www.google.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2022-02-08 -
2022-04-19
2 months crt.sh
edgestatic.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh

This page contains 2 frames:

Primary Page: https://18.170.245.130/
Frame ID: 0300E619B40D81F3CC9AD7D0710EBD52
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Frame ID: B8E01F0BF1642F45E551C6B3993C930E
Requests: 31 HTTP requests in this frame

Screenshot

Page Title

Hacked by Mur7t

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

31
Requests

94 %
HTTPS

82 %
IPv6

8
Domains

10
Subdomains

12
IPs

4
Countries

1740 kB
Transfer

3974 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
18.170.245.130/
1 KB
838 B
Document
General
Full URL
https://18.170.245.130/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.245.130 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-245-130.eu-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
376768bb6bd7cb792b17dda2666d23317f9d687aaac1be16196aacd39417e3a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Sat, 19 Feb 2022 16:44:24 GMT
content-type
text/html; charset=UTF-8
content-length
700
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
content-encoding
gzip
tnSBKyFscxIPOVJ-800x450-noPad.jpg
assets.change.org/photos/6/sb/ky/
30 KB
30 KB
Image
General
Full URL
https://assets.change.org/photos/6/sb/ky/tnSBKyFscxIPOVJ-800x450-noPad.jpg
Requested by
Host: 18.170.245.130
URL: https://18.170.245.130/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81bb8f8a28633d6145436994ec28a7fb2aa7ca85006c720c362722c48a662a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://18.170.245.130/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:44:24 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6969
cf-polished
origSize=31300, status=webp_bigger
last-modified
Sun, 11 Aug 2019 14:54:56 GMT
content-length
30502
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"805b2d081fd8ad2b4248fc8e34e475e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
6e00f5ad1b92e624-LHR
expires
Sat, 26 Feb 2022 16:44:24 GMT
oyXYIUioJ2g
www.youtube.com/embed/ Frame B8E0
60 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Requested by
Host: 18.170.245.130
URL: https://18.170.245.130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d395a74d03f872380bfb20544cb906aa14dabc129e40a7b9151ec3b0cb1111c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://18.170.245.130/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 19 Feb 2022 16:44:24 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/c3125ad0/ Frame B8E0
341 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/c3125ad0/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 23:25:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
62337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47760
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 18 Feb 2023 23:25:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B8E0
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:06:41 GMT
x-content-type-options
nosniff
age
344263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/ Frame B8E0
283 KB
85 KB
Script
General
Full URL
https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 14:16:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
8880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87214
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Feb 2023 14:16:24 GMT
base.js
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/ Frame B8E0
2 MB
538 KB
Script
General
Full URL
https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e2d2046e9a8880e8cbd01dedd18638c0bc6aadfb438216566379b689a3e6d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 15:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
175647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
550540
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Feb 2023 15:56:57 GMT
fetch-polyfill.js
www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/ Frame B8E0
10 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 10:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
108548
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3338
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 18 Feb 2023 10:35:16 GMT
id
googleads.g.doubleclick.net/pagead/ Frame B8E0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Protocol
H3
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c17a6ef0ab1118b1927464a7928490bf344f0d479377df0e2fc1f70a7cbf308
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Feb 2022 16:44:25 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame B8E0
29 B
586 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:44:18 GMT
x-content-type-options
nosniff
age
7
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Feb 2022 16:59:18 GMT
player
www.youtube.com/youtubei/v1/ Frame B8E0
73 KB
21 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a43fef9702d6757961a463de457a96adab660d9f5201dd9120c95e3bec4bd81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220216.01.00
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-Goog-Visitor-Id
CgtJMGY0UTVwaHA4ZyjovMSQBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 19 Feb 2022 16:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21863
x-xss-protection
0
expires
Sat, 19 Feb 2022 16:44:25 GMT
LUZC6BrGWKwONhLt-4ttNu4z7FD5LramrRgxO4PDNOE.js
www.google.com/js/th/ Frame B8E0
35 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/LUZC6BrGWKwONhLt-4ttNu4z7FD5LramrRgxO4PDNOE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d4642e81ac658ac0e3612edfb8b6d36ee33ec50f92eb6a6ad18313b83c334e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 10:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
107927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13597
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 10:45:38 GMT
embed.js
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/ Frame B8E0
26 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a95f5345eee401264602894c9598cfd529818413f73a07346b7759580cffb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 15:57:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
175645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7661
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Feb 2023 15:57:00 GMT
truncated
/ Frame B8E0
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRRh9aYb56JOLLC0lE0wO5xSuWgJ01xo2-OgIR_5A=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B8E0
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLRRh9aYb56JOLLC0lE0wO5xSuWgJ01xo2-OgIR_5A=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d49703142ce18bf8a6c8ee9db9408c0d9758bf180c784aada4b030fb984be945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:44:25 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3759
x-xss-protection
0
server
fife
etag
"v13a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 01 Jan 2022 21:46:55 GMT
truncated
/ Frame B8E0
181 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
qoe
www.youtube.com/api/stats/ Frame B8E0
0
19 B
Ping
General
Full URL
https://www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=InwXgtW44SHz-dnf&el=embedded&ns=yt&fexp=23821390%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24125270%2C24127418%2C24134697%2C24135310%2C24151590%2C24161161%2C24166123%2C24169727%2C24170002&cl=429167346&seq=1&docid=oyXYIUioJ2g&ei=aR4RYoqaC-3Zx_APwPGBoAU&event=streamingstats&plid=AAXYYbZI623N8Ov9&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FoyXYIUioJ2g%3Fautoplay%3D1&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220216.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.011:B,0.202:B,0.202:B&cmt=0.011:0.000,0.202:0.000&afs=0.202:251::i&vfs=0.202:396:396::r&bwe=0.202:130000&bat=0.202:1:1&vis=0.202:0&bh=0.202:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 16:44:25 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-h0jeened.googlevideo.com/ Frame B8E0
84 KB
85 KB
XHR
General
Full URL
https://rr3---sn-h0jeened.googlevideo.com/videoplayback?expire=1645310665&ei=aR4RYoqaC-3Zx_APwPGBoAU&ip=2a01%3A4a0%3A2c%3A%3A5&id=o-AHkMgxyJpTNHDqRwnUohl0hHS1Iti4vSL3OgN-jewMgT&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=oj&mm=31%2C26&mn=sn-h0jeened%2Csn-4g5ednsy&ms=au%2Conr&mv=u&mvi=3&pl=46&vprv=1&mime=video%2Fmp4&ns=1H8Qhdqs-HkYMrM-b-qSM4MG&gir=yes&clen=6041718&dur=160.199&lmt=1600713334271552&mt=1645288748&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=WNE2hxb1SSoGZA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMtsr3J1UXQbI17hzLoY4agDOChEDiudu8HDpbbdK5ZeAiAMBsGvqvguPP04FfUS0TTRs7N8aBUw-mbx_x7EPFpy0A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgUjSmMzlKya0fJ5JB-bnbhMvWQDCzdvoikQ5bhhCUKvsCIAqzo81FM7zifEhkWuCpk6OJBUrooFxcbtVdZqJepDcx&alr=yes&cpn=InwXgtW44SHz-dnf&cver=1.20220216.01.00&range=0-85976&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4016:d::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
4eeacb91e730dedba1f910be8b975ece4d75cf8cf50d0d82f4d4952a0da341c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 16:44:25 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
85977
Last-Modified
Mon, 21 Sep 2020 18:35:34 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Sat, 19 Feb 2022 16:44:25 GMT
videoplayback
rr3---sn-h0jeened.googlevideo.com/ Frame B8E0
65 KB
66 KB
XHR
General
Full URL
https://rr3---sn-h0jeened.googlevideo.com/videoplayback?expire=1645310665&ei=aR4RYoqaC-3Zx_APwPGBoAU&ip=2a01%3A4a0%3A2c%3A%3A5&id=o-AHkMgxyJpTNHDqRwnUohl0hHS1Iti4vSL3OgN-jewMgT&itag=251&source=youtube&requiressl=yes&mh=oj&mm=31%2C26&mn=sn-h0jeened%2Csn-4g5ednsy&ms=au%2Conr&mv=u&mvi=3&pl=46&vprv=1&mime=audio%2Fwebm&ns=1H8Qhdqs-HkYMrM-b-qSM4MG&gir=yes&clen=2659822&dur=160.221&lmt=1555605238067182&mt=1645288748&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=WNE2hxb1SSoGZA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgAoBIHs_mTyYN2XVAQZQpafBI6fC0YxmS-jdrBoUi8qECIE5jx0f0vchH3KmmMl2LcWTNQ4GGd485uXuAWf9wp-b_&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgUjSmMzlKya0fJ5JB-bnbhMvWQDCzdvoikQ5bhhCUKvsCIAqzo81FM7zifEhkWuCpk6OJBUrooFxcbtVdZqJepDcx&alr=yes&cpn=InwXgtW44SHz-dnf&cver=1.20220216.01.00&range=0-66087&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4016:d::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
88fe0f776292102acc35beae54efe72acf98d3dc0140f4872c19197be357fbfd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 16:44:25 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
66088
Last-Modified
Thu, 18 Apr 2019 16:33:58 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Sat, 19 Feb 2022 16:44:25 GMT
remote.js
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/ Frame B8E0
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1fad57d369304343119651742b6c4a22df985c61fb92ea0197d1f37a5217f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 16:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
175267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37676
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Feb 2023 16:03:18 GMT
endscreen.js
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/ Frame B8E0
26 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9260e4947d2b7530dd8826e03d4b56b2ddeaf5a3970a7fc05a1f6ceca6e957
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 16:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
175266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7175
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Feb 2023 16:03:19 GMT
annotations_module.js
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/ Frame B8E0
66 KB
19 KB
Script
General
Full URL
https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/annotations_module.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ef96c95c03fc9bfa3d0a39db27bf5399e4c04e523e117d6b8c80b799b738bd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 16:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
175266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19685
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:18:33 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Feb 2023 16:03:19 GMT
next
www.youtube.com/youtubei/v1/ Frame B8E0
64 KB
5 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
3428f73992c9e889fffeb9ac7d2d3979085e7cef774fc5a4aba346e0f5171ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220216.01.00
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-Goog-Visitor-Id
CgtJMGY0UTVwaHA4ZyjovMSQBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 19 Feb 2022 16:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5176
x-xss-protection
0
expires
Sat, 19 Feb 2022 16:44:25 GMT
default.webp
i.ytimg.com/vi_webp/oyXYIUioJ2g/ Frame B8E0
2 KB
2 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/oyXYIUioJ2g/default.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69608f37269c9a460831f439056886247a9d34598cbc29ac58c7fd8476f353ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 15:01:14 GMT
x-content-type-options
nosniff
age
6191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1932
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 19 Feb 2022 17:01:14 GMT
generate_204
www.youtube.com/ Frame B8E0
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?_G1qow
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:44:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
featured_channel.jpg
i.ytimg.com/an/s4-rp8DbvMHimOcDIjzhJg/ Frame B8E0
10 KB
10 KB
Image
General
Full URL
https://i.ytimg.com/an/s4-rp8DbvMHimOcDIjzhJg/featured_channel.jpg?v=52eeaf5a
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d537fdc88a004ad2837c80c7a7212b7a17dfcc9cfc294286f5d1bdb9651cd624
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:16:49 GMT
x-content-type-options
nosniff
age
1656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10276
x-xss-protection
0
server
sffe
etag
"1391374170"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 19 Feb 2022 18:16:49 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame B8E0
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Feb 2022 16:44:25 GMT
videoplayback
rr3---sn-h0jeened.googlevideo.com/ Frame B8E0
64 KB
64 KB
XHR
General
Full URL
https://rr3---sn-h0jeened.googlevideo.com/videoplayback?expire=1645310665&ei=aR4RYoqaC-3Zx_APwPGBoAU&ip=2a01%3A4a0%3A2c%3A%3A5&id=o-AHkMgxyJpTNHDqRwnUohl0hHS1Iti4vSL3OgN-jewMgT&itag=251&source=youtube&requiressl=yes&mh=oj&mm=31%2C26&mn=sn-h0jeened%2Csn-4g5ednsy&ms=au%2Conr&mv=u&mvi=3&pl=46&vprv=1&mime=audio%2Fwebm&ns=1H8Qhdqs-HkYMrM-b-qSM4MG&gir=yes&clen=2659822&dur=160.221&lmt=1555605238067182&mt=1645288748&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=WNE2hxb1SSoGZA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgAoBIHs_mTyYN2XVAQZQpafBI6fC0YxmS-jdrBoUi8qECIE5jx0f0vchH3KmmMl2LcWTNQ4GGd485uXuAWf9wp-b_&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgUjSmMzlKya0fJ5JB-bnbhMvWQDCzdvoikQ5bhhCUKvsCIAqzo81FM7zifEhkWuCpk6OJBUrooFxcbtVdZqJepDcx&alr=yes&cpn=InwXgtW44SHz-dnf&cver=1.20220216.01.00&range=66088-131623&rn=3&rbuf=3917
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4016:d::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ce8c37a8a8b711ea32b8bc7a3fc13a350a0fd1513b7f0067e3157b2cad942cc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:44:25 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65536
client-protocol
quic
last-modified
Thu, 18 Apr 2019 16:33:58 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 19 Feb 2022 16:44:25 GMT
cast_sender.js
www.gstatic.com/eureka/clank/98/ Frame B8E0
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/98/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 10:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15480
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:03:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 20 Feb 2022 10:59:19 GMT
videoplayback
rr3---sn-h0jeened.googlevideo.com/ Frame B8E0
114 KB
114 KB
XHR
General
Full URL
https://rr3---sn-h0jeened.googlevideo.com/videoplayback?expire=1645310665&ei=aR4RYoqaC-3Zx_APwPGBoAU&ip=2a01%3A4a0%3A2c%3A%3A5&id=o-AHkMgxyJpTNHDqRwnUohl0hHS1Iti4vSL3OgN-jewMgT&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=oj&mm=31%2C26&mn=sn-h0jeened%2Csn-4g5ednsy&ms=au%2Conr&mv=u&mvi=3&pl=46&vprv=1&mime=video%2Fmp4&ns=1H8Qhdqs-HkYMrM-b-qSM4MG&gir=yes&clen=6041718&dur=160.199&lmt=1600713334271552&mt=1645288748&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=WNE2hxb1SSoGZA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMtsr3J1UXQbI17hzLoY4agDOChEDiudu8HDpbbdK5ZeAiAMBsGvqvguPP04FfUS0TTRs7N8aBUw-mbx_x7EPFpy0A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgUjSmMzlKya0fJ5JB-bnbhMvWQDCzdvoikQ5bhhCUKvsCIAqzo81FM7zifEhkWuCpk6OJBUrooFxcbtVdZqJepDcx&alr=yes&cpn=InwXgtW44SHz-dnf&cver=1.20220216.01.00&range=85977-202759&rn=4&rbuf=4157
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4016:d::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
0dd464ea779bc12559c18f4fe84f588d79784235f77c5c70ea126db6619738b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:44:25 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116783
client-protocol
quic
last-modified
Mon, 21 Sep 2020 18:35:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 19 Feb 2022 16:44:25 GMT
videoplayback
rr3---sn-h0jeened.googlevideo.com/ Frame B8E0
136 KB
136 KB
XHR
General
Full URL
https://rr3---sn-h0jeened.googlevideo.com/videoplayback?expire=1645310665&ei=aR4RYoqaC-3Zx_APwPGBoAU&ip=2a01%3A4a0%3A2c%3A%3A5&id=o-AHkMgxyJpTNHDqRwnUohl0hHS1Iti4vSL3OgN-jewMgT&itag=251&source=youtube&requiressl=yes&mh=oj&mm=31%2C26&mn=sn-h0jeened%2Csn-4g5ednsy&ms=au%2Conr&mv=u&mvi=3&pl=46&vprv=1&mime=audio%2Fwebm&ns=1H8Qhdqs-HkYMrM-b-qSM4MG&gir=yes&clen=2659822&dur=160.221&lmt=1555605238067182&mt=1645288748&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=WNE2hxb1SSoGZA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgAoBIHs_mTyYN2XVAQZQpafBI6fC0YxmS-jdrBoUi8qECIE5jx0f0vchH3KmmMl2LcWTNQ4GGd485uXuAWf9wp-b_&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgUjSmMzlKya0fJ5JB-bnbhMvWQDCzdvoikQ5bhhCUKvsCIAqzo81FM7zifEhkWuCpk6OJBUrooFxcbtVdZqJepDcx&alr=yes&cpn=InwXgtW44SHz-dnf&cver=1.20220216.01.00&range=131624-270645&rn=5&rbuf=7833
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4016:d::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
e528809ea53933ab3cbc015942fc6504f59f3ceb90f84d827cf8dfb8e62f70cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:44:26 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139022
client-protocol
quic
last-modified
Thu, 18 Apr 2019 16:33:58 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 19 Feb 2022 16:44:26 GMT
videoplayback
rr3---sn-h0jeened.googlevideo.com/ Frame B8E0
384 KB
384 KB
XHR
General
Full URL
https://rr3---sn-h0jeened.googlevideo.com/videoplayback?expire=1645310665&ei=aR4RYoqaC-3Zx_APwPGBoAU&ip=2a01%3A4a0%3A2c%3A%3A5&id=o-AHkMgxyJpTNHDqRwnUohl0hHS1Iti4vSL3OgN-jewMgT&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=oj&mm=31%2C26&mn=sn-h0jeened%2Csn-4g5ednsy&ms=au%2Conr&mv=u&mvi=3&pl=46&vprv=1&mime=video%2Fmp4&ns=1H8Qhdqs-HkYMrM-b-qSM4MG&gir=yes&clen=6041718&dur=160.199&lmt=1600713334271552&mt=1645288748&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5531432&n=WNE2hxb1SSoGZA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMtsr3J1UXQbI17hzLoY4agDOChEDiudu8HDpbbdK5ZeAiAMBsGvqvguPP04FfUS0TTRs7N8aBUw-mbx_x7EPFpy0A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgUjSmMzlKya0fJ5JB-bnbhMvWQDCzdvoikQ5bhhCUKvsCIAqzo81FM7zifEhkWuCpk6OJBUrooFxcbtVdZqJepDcx&alr=yes&cpn=InwXgtW44SHz-dnf&cver=1.20220216.01.00&range=202760-595649&rn=6&rbuf=10000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4016:d::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
26b015fd1f5e4d9cc96d1d680b52ba42e28b896ea6616760704f54a5bfb9b723
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 16:44:26 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
392890
client-protocol
quic
last-modified
Mon, 21 Sep 2020 18:35:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 19 Feb 2022 16:44:26 GMT
log_event
www.youtube.com/youtubei/v1/ Frame B8E0
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/oyXYIUioJ2g?autoplay=1
X-YouTube-Client-Version
1.20220216.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtJMGY0UTVwaHA4ZyjovMSQBg%3D%3D
X-YouTube-Ad-Signals
dt=1645289066737&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 19 Feb 2022 16:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 19 Feb 2022 16:44:27 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: FvaFUDKuwfw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: I0f4Q5php8g
.change.org/ Name: __cfruid
Value: adb9a87f8348e78fcd3903e2714a369c77088b0a-1645289064

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.change.org
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
rr3---sn-h0jeened.googlevideo.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.17.89.51
18.170.245.130
2a00:1450:4001:800::2003
2a00:1450:4001:800::2016
2a00:1450:4001:813::2006
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4016:d::8
0dd464ea779bc12559c18f4fe84f588d79784235f77c5c70ea126db6619738b1
1a9260e4947d2b7530dd8826e03d4b56b2ddeaf5a3970a7fc05a1f6ceca6e957
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
26b015fd1f5e4d9cc96d1d680b52ba42e28b896ea6616760704f54a5bfb9b723
2d395a74d03f872380bfb20544cb906aa14dabc129e40a7b9151ec3b0cb1111c
2d4642e81ac658ac0e3612edfb8b6d36ee33ec50f92eb6a6ad18313b83c334e1
3428f73992c9e889fffeb9ac7d2d3979085e7cef774fc5a4aba346e0f5171ed9
376768bb6bd7cb792b17dda2666d23317f9d687aaac1be16196aacd39417e3a5
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34
4eeacb91e730dedba1f910be8b975ece4d75cf8cf50d0d82f4d4952a0da341c2
5c17a6ef0ab1118b1927464a7928490bf344f0d479377df0e2fc1f70a7cbf308
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69608f37269c9a460831f439056886247a9d34598cbc29ac58c7fd8476f353ba
6e2d2046e9a8880e8cbd01dedd18638c0bc6aadfb438216566379b689a3e6d89
6ef96c95c03fc9bfa3d0a39db27bf5399e4c04e523e117d6b8c80b799b738bd3
88fe0f776292102acc35beae54efe72acf98d3dc0140f4872c19197be357fbfd
8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017
9a43fef9702d6757961a463de457a96adab660d9f5201dd9120c95e3bec4bd81
a0a95f5345eee401264602894c9598cfd529818413f73a07346b7759580cffb5
b1fad57d369304343119651742b6c4a22df985c61fb92ea0197d1f37a5217f21
c81bb8f8a28633d6145436994ec28a7fb2aa7ca85006c720c362722c48a662a1
ce8c37a8a8b711ea32b8bc7a3fc13a350a0fd1513b7f0067e3157b2cad942cc5
d49703142ce18bf8a6c8ee9db9408c0d9758bf180c784aada4b030fb984be945
d537fdc88a004ad2837c80c7a7212b7a17dfcc9cfc294286f5d1bdb9651cd624
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e528809ea53933ab3cbc015942fc6504f59f3ceb90f84d827cf8dfb8e62f70cc
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738