hrtransformation.online Open in urlscan Pro
185.215.4.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://colourgifts.ru/
Effective URL:
https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Submission: On January 24 via manual (January 24th 2024, 7:50:18 am UTC) from RU — Scanned from NL

Summary HTTP 102 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 18 domains to perform 102 HTTP transactions. The main IP is 185.215.4.21, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is hrtransformation.online.
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.

This is the only time hrtransformation.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	45.140.19.204 45.140.19.204	212913 (TIMEHOST-AS) (TIMEHOST-AS)
1	185.215.4.21 185.215.4.21	57724 (DDOS-GUARD) (DDOS-GUARD)
1	162.55.188.142 162.55.188.142	24940 (HETZNER-AS) (HETZNER-AS)
36	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
2	178.248.236.28 178.248.236.28	51115 (HLL-AS) (HLL-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
5	89.208.228.119 89.208.228.119	47764 (VK-AS) (VK-AS)
2	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
2	2a13:1ec0::1037 2a13:1ec0::1037	201589 (EDGEAMLLC) (EDGEAMLLC)
15	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 9	77.88.21.119 77.88.21.119	13238 (YANDEX) (YANDEX)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	193.3.17.198 193.3.17.198	210753 (TILDAPUBL...) (TILDAPUBLISHING-RU-1)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	() ()
3	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400e:16::9	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
102	24

2 45.140.19.204 (Netherlands) 2 redirects

ASN212913 (TIMEHOST-AS, UA)
PTR: colourgifts.ru

colourgifts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.215.4.21 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)

hrtransformation.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.188.142 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.188.55.162.clients.your-server.de

neo.tildacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

static.tildacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.248.236.28 (Russian Federation)

ASN51115 (HLL-AS, RU)

ws.tildacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.208.228.119 (Reutov, Russian Federation)

ASN47764 (VK-AS, RU)
PTR: 119.mcs.mail.ru

cdn-ru.bitrix24.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
quorum.bitrix24.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a13:1ec0::1037 (Armenia)

ASN201589 (EDGEAMLLC, AM)

thumb.tildacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 77.88.21.119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.17.198 (Russian Federation)

ASN210753 (TILDAPUBLISHING-RU-1, RU)
PTR: 198-17.addr.tildacdn.net

stat.tildacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400e:16::9 (Ireland)

ASN15169 (GOOGLE, US)

rr4---sn-5hneknek.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	tildacdn.com neo.tildacdn.com — Cisco Umbrella Rank: 85696 static.tildacdn.com — Cisco Umbrella Rank: 62265 ws.tildacdn.com — Cisco Umbrella Rank: 91268 thumb.tildacdn.com — Cisco Umbrella Rank: 85904 stat.tildacdn.com — Cisco Umbrella Rank: 78614	878 KB
17	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	1 MB
8	gstatic.com fonts.gstatic.com	106 KB
6	googlevideo.com rr4---sn-5hneknek.googlevideo.com — Cisco Umbrella Rank: 48679	1 MB
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	3 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 jnn-pa.googleapis.com — Cisco Umbrella Rank: 220	42 KB
5	bitrix24.ru cdn-ru.bitrix24.ru — Cisco Umbrella Rank: 160992 quorum.bitrix24.ru	150 KB
3	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	11 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	72 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net Failed	730 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	68 KB
2	colourgifts.ru 2 redirects colourgifts.ru	372 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	51 KB
1	google.com www.google.com	20 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	250 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	84 KB
1	hrtransformation.online hrtransformation.online	13 KB
102	18

	Domain	Requested by
36	static.tildacdn.com	hrtransformation.online
17	www.youtube.com	static.tildacdn.com www.youtube.com
8	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
6	rr4---sn-5hneknek.googlevideo.com	www.youtube.com
6	mc.yandex.com	3 redirects mc.yandex.ru
4	jnn-pa.googleapis.com	www.youtube.com
3	yt3.ggpht.com	www.youtube.com
3	mc.yandex.ru	1 redirects hrtransformation.online
3	cdn-ru.bitrix24.ru	hrtransformation.online cdn-ru.bitrix24.ru
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	connect.facebook.net	hrtransformation.online connect.facebook.net
2	thumb.tildacdn.com
2	quorum.bitrix24.ru	cdn-ru.bitrix24.ru
2	fonts.googleapis.com	hrtransformation.online
2	ws.tildacdn.com	hrtransformation.online
2	colourgifts.ru	2 redirects
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	stat.tildacdn.com	static.tildacdn.com
1	www.facebook.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	hrtransformation.online
1	neo.tildacdn.com	hrtransformation.online
1	hrtransformation.online
0	static.doubleclick.net Failed	www.youtube.com
102	25

This site contains links to these domains. Also see Links.

Domain
www.bitrix24.ru
t.me
quorumconference.ru
wa.me

Subject Issuer	Validity	Valid
hrtransformation.online R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.tildacdn.com GlobeSSL DV CA	`2023-02-21` - `2024-02-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.bitrix24.ru Go Daddy Secure Certificate Authority - G2	`2023-11-20` - `2024-12-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-02` - `2024-01-31`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Frame ID: 2C51D0506FB4583022815A982BEF6EFC
Requests: 69 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
Frame ID: AAAC1FFAB4AF7F8A740AE26F654C99CD
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HR-ТРАНСФОРМАЦИЯ 2024

Page URL History Show full URLs

http://colourgifts.ru/ HTTP 301
https://colourgifts.ru/ HTTP 301
https://hrtransformation.online/vidconfhr?utm_source=ivasam/ Page URL

Detected technologies

Tilda (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+tilda(?:cdn|\.ws|-blocks)
tilda(?:cdn|\.ws|-blocks)

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

hammer(?:\.min)?\.js

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

102
Requests

96 %
HTTPS

50 %
IPv6

18
Domains

25
Subdomains

24
IPs

6
Countries

3734 kB
Transfer

7572 kB
Size

28
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bitrix24.ru/abuse/?b24_form_id=218&b24_address=https%3A%2F%2Fquorum.bitrix24.ru&b24_form_address=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F
Title: Сообщить о нарушении

Search URL Search Domain Scan URL

URL: https://t.me/+Wg4pHxGw5V9hNDM6
Title: Получать в Telegram

Search URL Search Domain Scan URL

URL: https://www.bitrix24.ru/abuse/?b24_form_id=211&b24_address=https%3A%2F%2Fquorum.bitrix24.ru&b24_form_address=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F
Title: Сообщить о нарушении

Search URL Search Domain Scan URL

URL: http://quorumconference.ru/

Search URL Search Domain Scan URL

URL: https://wa.me/79999994241
Title: WhatsApp |

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://colourgifts.ru/ HTTP 301
https://colourgifts.ru/ HTTP 301
https://hrtransformation.online/vidconfhr?utm_source=ivasam/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10258.JPQIIYzv2MYCA2u08xxuX0paM8AEOIFMjn0Lvr1QYXgrXZvo8ehRIjF5GD6h1-MG.lq20SvQavfK-6mX2Ur-Z4IgOVzc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10258.UdtylPOmZ2wbMfID0ToT5KrDHsqOhULwJ6MLw6QIoU0FXiPx8Vl1GGm_-rMEI8eYdfvodHysqpl6odIihTxJGKQ_Cg8dPdaL5wCissXX7IG_HEceFKH1Egzb50UPxIvPJzE5nyPCOr4hNTEAxQBizJdPl0llgp7TLhXUDm6G-uzHT44NC0LB6rbn81R7tT2qOYpV3l3uqasEBpW9abtTqXDgKpSs9TESNIzTg1rEmPg%2C.OQveI9iEQeku98q6X2G-9oaqdqg%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10258.FvofcJN5kZabH_cBLNIuwxkLpFVnS6lNoz7J7PwvV7DRBxF-484D2a12JvAVCcPLF4AeEbEEK9G469gizio_bUhsnPXRVvw9WQTbLqmKan2om3n7RTX8c35yP4SArMgGmh6vOHpsGVisd-a154aNsdMO6v5fLs6eWGtJTjhKpc-tU1i68_egBo-lPKREooogG1UsUWy9M2KQNCnTeHUGQw%2C%2C.F1_M2TWIMq-ZA9xseUhskJTRFMw%2C

Request Chain 72

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 81

https://mc.yandex.com/watch/71447122?wmode=7&page-url=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1120197847364%3Ahid%3A60078022%3Az%3A60%3Ai%3A20240124085015%3Aet%3A1706082615%3Ac%3A1%3Arn%3A788979828%3Arqn%3A1%3Au%3A1706082615996764073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C35%2C65%2C1%2C346%2C0%2C%2C603%2C4%2C2346%2C2346%2C2%2C1668%3Aco%3A0%3Acpf%3A1%3Ans%3A1706082611639%3Agi%3AR0ExLjEuMTczMDg1ODUyNS4xNzA2MDgyNjE1%3Afp%3A2241%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706082616%3At%3AHR-%D0%A2%D0%A0%D0%90%D0%9D%D0%A1%D0%A4%D0%9E%D0%A0%D0%9C%D0%90%D0%A6%D0%98%D0%AF%202024&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/71447122/1?wmode=7&page-url=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1120197847364%3Ahid%3A60078022%3Az%3A60%3Ai%3A20240124085015%3Aet%3A1706082615%3Ac%3A1%3Arn%3A788979828%3Arqn%3A1%3Au%3A1706082615996764073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C35%2C65%2C1%2C346%2C0%2C%2C603%2C4%2C2346%2C2346%2C2%2C1668%3Aco%3A0%3Acpf%3A1%3Ans%3A1706082611639%3Agi%3AR0ExLjEuMTczMDg1ODUyNS4xNzA2MDgyNjE1%3Afp%3A2241%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706082616%3At%3AHR-%D0%A2%D0%A0%D0%90%D0%9D%D0%A1%D0%A4%D0%9E%D0%A0%D0%9C%D0%90%D0%A6%D0%98%D0%AF%202024&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

102 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request vidconfhr Show response
hrtransformation.online/
Redirect Chain

http://colourgifts.ru/
https://colourgifts.ru/
https://hrtransformation.online/vidconfhr?utm_source=ivasam/

59 KB
13 KB

119ms
65ms

Document
text/html

185.215.4.21
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://hrtransformation.online/vidconfhr?utm_source=ivasam/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.215.4.21 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

Software

ddos-guard /

Resource Hash

c3e8937ab82cbc7ec75bb9438a40afa515b30dbecb1e3c8368b3052517eae1a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0 public
content-encoding: gzip
content-length: 12958
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 07:50:12 GMT
etag: "ed8a-60f83f92c309b-gzip"
last-modified: Mon, 22 Jan 2024 07:42:35 GMT
server: ddos-guard
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-host: hrtransformation.online

Redirect headers

content-length: 162
content-type: text/html
date: Wed, 24 Jan 2024 07:50:11 GMT
location: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 tilda-fallback-1.0.min.js Show response
neo.tildacdn.com/js/ 2 KB
1013 B 107ms
22ms Script
application/javascript 162.55.188.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neo.tildacdn.com/js/tilda-fallback-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.188.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.142.188.55.162.clients.your-server.de
Software: nginx /
Resource Hash: cdf65e26b905a653bce60df182886b032b606940391badb1e3a655f434ca446c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: gzip
last-modified: Mon, 08 May 2023 11:27:47 GMT
server: nginx
etag: W/"6458dcb3-77e"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 tilda-grid-3.0.min.css
static.tildacdn.com/css/ 4 KB
1 KB 389ms
207ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/css/tilda-grid-3.0.min.css
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0b5f664c528f466606c93195975f671fc46c3a9c10fee54426c2cd1cf89b1fec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc61
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 11
last-modified: Tue, 21 Feb 2023 12:52:41 GMT
server: nginx
traceparent: 00-07900d3ef9c64b596ab764d5b896a7f6-2d966f3a46886613-01
x-id-shield: am3-hw-edge-gc88
etag: W/"63f4be99-11a2"
vary: Accept-Encoding
x-cached-since: 2023-12-17T11:49:37+00:00, 2024-01-23T13:46:43+00:00
content-type: text/css
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H/1.1 200
OK tilda-blocks-page42304112.min.css
ws.tildacdn.com/project2469336/ 35 KB
7 KB 243ms
204ms Stylesheet
text/css 178.248.236.28
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.tildacdn.com/project2469336/tilda-blocks-page42304112.min.css?t=1705909354
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.28 , Russian Federation, ASN51115 (HLL-AS, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: f23256aa84a75f56793a4fe61d69d32c0a60014fc19d9f87d0ebe341634694ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 07:50:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jan 2024 07:42:36 GMT
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: text/css
cache-control: max-age=0, public
X-Host: ws.tildacdn.com
Connection: keep-alive
Keep-Alive: timeout=15

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
823 B 80ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&subset=latin,cyrillic

Requested by

Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 06:46:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 07:50:12 GMT

GET
H2 200 tilda-cover-1.0.min.css
static.tildacdn.com/css/ 3 KB
795 B 387ms
206ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/css/tilda-cover-1.0.min.css
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 094c52d6943f6c49049d4922ae91070587970c60c2153138b3fec9bf421d1811

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc52
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 11
last-modified: Fri, 04 Aug 2023 07:22:49 GMT
server: nginx
traceparent: 00-f49356ddb2422a5000c02ae33cf14ee2-aaccf3c9d4f16498-01
x-id-shield: am3-hw-edge-gc89
etag: W/"64cca749-a9d"
vary: Accept-Encoding
x-cached-since: 2024-01-11T10:24:23+00:00, 2024-01-12T09:52:23+00:00
content-type: text/css
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-forms-1.0.min.css
static.tildacdn.com/css/ 19 KB
3 KB 566ms
385ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/css/tilda-forms-1.0.min.css
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1c3389b007dbe39487147e561d573a0e8aab252704bac55399201b5c4fb242e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc62
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 9
last-modified: Tue, 23 Jan 2024 09:13:53 GMT
server: nginx
traceparent: 00-9adfd606250fa6697b71b62168aa8844-58564794fe22047e-01
x-id-shield: am3-hw-edge-gc88
etag: W/"65af8351-4c8c"
vary: Accept-Encoding
x-cached-since: 2024-01-23T09:19:04+00:00, 2024-01-23T09:20:22+00:00
content-type: text/css
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-cards-1.0.min.css
static.tildacdn.com/css/ 758 B
393 B 385ms
204ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/css/tilda-cards-1.0.min.css
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5d1f6a0c5f49cfeae147b675599153c5118aa2691ccb1c18939fb9035436cc8c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc15
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 9
last-modified: Thu, 11 May 2023 15:16:55 GMT
server: nginx
traceparent: 00-2c06059f52f3793fd0410c8f942608b0-592dc5d3e95de7bd-01
x-id-shield: am3-hw-edge-gc89
etag: W/"645d06e7-2f6"
vary: Accept-Encoding
x-cached-since: 2023-12-11T15:07:31+00:00, 2023-12-11T15:09:45+00:00
content-type: text/css
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 highlight.min.css
static.tildacdn.com/css/ 1 KB
2 KB 315ms
134ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/css/highlight.min.css
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 07a23b618075104849d8dc806499faf025761532347d5c244e488142de01e106

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-canary-gc28
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 10
last-modified: Thu, 18 Mar 2021 12:08:37 GMT
server: nginx
traceparent: 00-7fc7eea99f94a1c7aac15881aef577b2-fc7bb35b54f84699-01
etag: "605342c5-52d"
x-cached-since: 2024-01-14T15:06:53+00:00
content-type: text/css
x-id-fe: fr5-hw-edge-gc35
cache: HIT
accept-ranges: bytes
content-length: 1325

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 79ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@300;400;600;700

Requested by

Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46dd9e10128e270cf52b193592031da0e9e5e8efca95fff4f73c59239e93fe17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 07:50:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 07:50:12 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
static.tildacdn.com/js/ 91 KB
91 KB 440ms
259ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/jquery-1.10.2.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc31
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 13
last-modified: Sun, 25 Apr 2021 08:11:36 GMT
server: nginx
traceparent: 00-475b94fe30f1d5bcdde02390061c5e12-848de278d90c77f6-01
etag: "60852438-16b88"
x-cached-since: 2024-01-14T14:58:09+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT
accept-ranges: bytes
content-length: 93064

GET
H2 200 tilda-scripts-3.0.min.js Show response
static.tildacdn.com/js/ 19 KB
5 KB 414ms
414ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-scripts-3.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: cc28a4f445a1c48ca09edfce3dd5ad93db127e7c3f44de42a0865124df5269ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc32
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 13
last-modified: Fri, 22 Dec 2023 12:12:56 GMT
server: nginx
traceparent: 00-8ba69c6ff45ed93d7904ba1bae22206a-b39ee4ef00e1fbf1-01
x-id-shield: am3-hw-edge-gc89
etag: W/"65857d48-4b28"
vary: Accept-Encoding
x-cached-since: 2024-01-17T09:53:22+00:00, 2024-01-17T11:02:33+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H/1.1 200
OK tilda-blocks-page42304112.min.js Show response
ws.tildacdn.com/project2469336/ 26 KB
7 KB 187ms
185ms Script
application/javascript 178.248.236.28
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.tildacdn.com/project2469336/tilda-blocks-page42304112.min.js?t=1705909354
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.236.28 , Russian Federation, ASN51115 (HLL-AS, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: cbe0e67a227c8e2eb4940831ff759d7a797f293e05bf9429dec014a0777b5ea3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 07:50:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jan 2024 07:42:38 GMT
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: application/javascript
cache-control: max-age=0, public
X-Host: ws.tildacdn.com
Connection: keep-alive
Keep-Alive: timeout=15

GET
H2 200 tilda-lazyload-1.0.min.js Show response
static.tildacdn.com/js/ 24 KB
7 KB 573ms
571ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-lazyload-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 229651dc23f4221cd72c70a39ddcb22810efbe6a7267c37f4ab05890da19b232

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc12
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 8
last-modified: Tue, 23 Jan 2024 12:50:52 GMT
server: nginx
traceparent: 00-7f12bb3480dbf35d959a89a20d3f7bba-47b9a4f20207c60f-01
x-id-shield: am3-hw-edge-gc89
etag: W/"65afb62c-5f38"
vary: Accept-Encoding
x-cached-since: 2024-01-23T12:52:47+00:00, 2024-01-23T12:52:48+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-cover-1.0.min.js Show response
static.tildacdn.com/js/ 13 KB
13 KB 573ms
571ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-cover-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2b991cb47d0d588ba705362a0caf6072c1044422c26c64093abc4f1ee3011c12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-canary-gc36
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 12
last-modified: Tue, 03 Oct 2023 07:17:22 GMT
server: nginx
traceparent: 00-4f9c5fd4ff287ad14471cdc017ff49c9-76ead26d99b26438-01
etag: "651bc002-3366"
x-cached-since: 2024-01-14T15:05:12+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT
accept-ranges: bytes
content-length: 13158

GET
H2 200 tilda-forms-1.0.min.js Show response
static.tildacdn.com/js/ 57 KB
15 KB 573ms
571ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-forms-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 54193514faa4462ea838d5019990ad9af8609f559e5bcc55c49d521cd1fa1ebd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc38
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 7
last-modified: Mon, 15 Jan 2024 11:14:49 GMT
server: nginx
traceparent: 00-e7f358c3f36e2d9e7b830b44e4cde5c5-5a4d1bd925a1b499-01
x-id-shield: am3-hw-edge-gc88
etag: W/"65a513a9-e26e"
vary: Accept-Encoding
x-cached-since: 2024-01-15T11:27:25+00:00, 2024-01-16T11:50:46+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-cards-1.0.min.js Show response
static.tildacdn.com/js/ 2 KB
763 B 574ms
572ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-cards-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c0cbb06107c0056343c4e430ba3566e0980cf694c6907acaa4a390a416553651

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc27
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 7
last-modified: Tue, 12 Dec 2023 07:29:11 GMT
server: nginx
traceparent: 00-365bccc326f803c8636e76f7ed9ac0d8-7f01c1b312637285-01
x-id-shield: am3-hw-edge-gc89
etag: W/"65780bc7-850"
vary: Accept-Encoding
x-cached-since: 2023-12-12T07:50:45+00:00, 2023-12-14T11:51:11+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-popup-1.0.min.js Show response
static.tildacdn.com/js/ 3 KB
1 KB 574ms
573ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-popup-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2fc0055d3d9a2cd7c1e8d752a03146d8b6c612495477f70ca8e996443a1510f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc34
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 10
last-modified: Tue, 24 Oct 2023 08:22:12 GMT
server: nginx
traceparent: 00-e4959c8b78437a7f2f20cb5139350246-5547207826508a1e-01
x-id-shield: am3-hw-edge-gc88
etag: W/"65377eb4-a0c"
vary: Accept-Encoding
x-cached-since: 2024-01-16T12:00:25+00:00, 2024-01-22T14:20:40+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 hammer.min.js Show response
static.tildacdn.com/js/ 20 KB
7 KB 573ms
572ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/hammer.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 090a7068a2209545279f858c6f41ff7ae42815e11c3d69463a2a2ea835282bd9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc29
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 7
last-modified: Mon, 27 Nov 2023 03:18:40 GMT
server: nginx
traceparent: 00-b5d56f6fbd5a7f28bc286b35704cd8da-5e661760bb6dbacb-01
x-id-shield: am3-hw-edge-gc88
etag: W/"65640a90-50f6"
vary: Accept-Encoding
x-cached-since: 2023-12-17T11:21:27+00:00, 2024-01-14T14:59:21+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-slds-1.4.min.js Show response
static.tildacdn.com/js/ 32 KB
7 KB 573ms
572ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-slds-1.4.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c249c4e3606ec239bd2d92d81adfd54f486d497e8bb6524ab5a761bcf3e7d39d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc26
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 13
last-modified: Thu, 28 Dec 2023 11:02:29 GMT
server: nginx
traceparent: 00-5226ea94143c1488e4c03798d1b8beef-206f43a435ee2bd4-01
x-id-shield: am3-hw-edge-gc89
etag: W/"658d55c5-7f7d"
vary: Accept-Encoding
x-cached-since: 2023-12-28T11:20:06+00:00, 2023-12-28T11:20:37+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-menu-1.0.min.js Show response
static.tildacdn.com/js/ 10 KB
3 KB 573ms
572ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-menu-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d586b2fb362b301b5911af38d7bfe0461ebe7242657956d704aa6f749a0b7bc5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc62
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 7
last-modified: Tue, 23 Jan 2024 13:48:17 GMT
server: nginx
traceparent: 00-4afabb96ddabe9fa121e0876cbd1c572-60bc2f9c7de534a0-01
x-id-shield: am3-hw-edge-gc89
etag: W/"65afc3a1-2960"
vary: Accept-Encoding
x-cached-since: 2024-01-23T13:48:47+00:00, 2024-01-23T13:48:48+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 highlight.min.js Show response
static.tildacdn.com/js/ 41 KB
17 KB 384ms
204ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/highlight.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5ad5171287c6d8cd3f604df3559129c28c5aaea6cc67ccdef3d0a509dbdd7a64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc17
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 7
last-modified: Mon, 27 Nov 2023 03:18:41 GMT
server: nginx
traceparent: 00-3f21dffd3bcd0da59d018246443134f1-5636daf72595005a-01
x-id-shield: am3-hw-edge-gc88
etag: W/"65640a91-a5cd"
vary: Accept-Encoding
x-cached-since: 2023-12-17T11:41:46+00:00, 2023-12-29T08:49:36+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-video-processor-1.0.min.js Show response
static.tildacdn.com/js/ 9 KB
3 KB 572ms
571ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-video-processor-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 508f685ee14a44690c2776a9b949b65d4c04fd4b66bbc3e6307cff21cb6d35d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc16
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 9
last-modified: Mon, 07 Nov 2022 11:31:02 GMT
server: nginx
traceparent: 00-aade8ae53c712ba6bfeab4a1cc0f8e97-74e7dc436a50309f-01
x-id-shield: am3-hw-edge-gc88
etag: W/"6368ec76-22ed"
vary: Accept-Encoding
x-cached-since: 2023-11-17T19:26:07+00:00, 2023-12-11T15:28:25+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-skiplink-1.0.min.js Show response
static.tildacdn.com/js/ 2 KB
976 B 574ms
573ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-skiplink-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e30be28d85f8db5566078029d843d227687fd73ccfd6757d37b69b2fc06bf48d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc12
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 12
last-modified: Thu, 19 Oct 2023 07:35:23 GMT
server: nginx
traceparent: 00-37818ed09c4fa869982a8042975b9cdd-9510d9d547079ce9-01
x-id-shield: am3-hw-edge-gc88
etag: W/"6530dc3b-757"
vary: Accept-Encoding
x-cached-since: 2023-10-19T07:39:47+00:00, 2023-11-30T09:58:15+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-events-1.0.min.js Show response
static.tildacdn.com/js/ 14 KB
4 KB 572ms
571ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-events-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: eec8d17cb3211645a235cbe01531669c06d60dfc20c4c7b9693a35121542f2a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc16
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 9
last-modified: Fri, 12 Jan 2024 15:40:03 GMT
server: nginx
traceparent: 00-b7238c13b4abc242174a306e8e815fc5-55f8f0c9f3ff9bfe-01
x-id-shield: am3-hw-edge-gc89
etag: W/"65a15d53-375a"
vary: Accept-Encoding
x-cached-since: 2024-01-15T11:15:25+00:00, 2024-01-15T11:15:26+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 QUORUM_logo.jpg
static.tildacdn.com/tild3463-6133-4164-a435-333838643262/ 656 KB
657 KB 329ms
329ms Image
image/jpeg 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild3463-6133-4164-a435-333838643262/QUORUM_logo.jpg
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ed0358ec0de70d5c738f95e541c2b990aab2d3d7c1e150306a60302eb74ca91e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-container-storage-policy-name: Policy-0
x-id: fr5-hw-edge-gc27
date: Wed, 24 Jan 2024 07:50:12 GMT
age: 0
x-cached-since: 2023-12-31T04:14:00+00:00
x-id-fe: fr5-hw-edge-gc35
content-length: 671308
x-trans-id: 1675c65a178cfaf1
tserver: 13
last-modified: Wed, 14 Apr 2021 16:28:52 GMT
server: nginx
traceparent: 00-7c1ab742873f12189414dd2360369dbf-186ba9b08871a2d5-01
x-id-shield: am3-hw-edge-gc88
etag: "71ff785f3a25b57a7c6b11971bde6c7f"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control
cache-control: public
cache: MISS, HIT
x-timestamp: 1618417731.36460
x-container-storage-policy-index: 0
accept-ranges: bytes

GET
H2 200 tilda-popup-1.1.min.css
static.tildacdn.com/css/ 2 KB
769 B 573ms
572ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/css/tilda-popup-1.1.min.css
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c9d323c102499633dfe64c95ba5e0043c070ffa04683f796fbb7c5b625ee72c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc16
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 7
last-modified: Mon, 27 Nov 2023 03:18:31 GMT
server: nginx
traceparent: 00-13a4633b51123618c1a03d9bb933b2f1-9da0a61cc4ce93d1-01
x-id-shield: am3-hw-edge-gc88
etag: W/"65640a87-961"
vary: Accept-Encoding
x-cached-since: 2024-01-12T11:25:34+00:00, 2024-01-14T09:54:40+00:00
content-type: text/css
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-slds-1.4.min.css
static.tildacdn.com/css/ 12 KB
2 KB 572ms
572ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/css/tilda-slds-1.4.min.css
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3c80f7772e0f3841b2ced1722523c2c1299a163dd880857c37b2f2852ccbd7a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc60
date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: br
tserver: 11
last-modified: Thu, 19 Oct 2023 12:57:59 GMT
server: nginx
traceparent: 00-7244a2786d47486b78b40cf714ef20e9-2dd0800d01db7981-01
x-id-shield: am3-hw-edge-gc88
etag: W/"653127d7-2f82"
vary: Accept-Encoding
x-cached-since: 2023-10-19T12:58:52+00:00, 2023-12-05T12:18:38+00:00
content-type: text/css
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 __2023-11-09_205919.png
static.tildacdn.com/tild6138-3538-4666-b636-323133653230/-/resize/20x/ 921 B
1 KB 571ms
571ms Image
image/png 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6138-3538-4666-b636-323133653230/-/resize/20x/__2023-11-09_205919.png
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7945f0e6ce4fe91f895e882c2bc284582d76f0039e8190286ec39ecb0454767b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc57
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 13
server: nginx
traceparent: 00-3436002c3617ccb427b60ae0f7ed36b0-1935877cefc0028c-01
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-01-09T04:43:03+00:00
content-type: image/png
cache-control: public
cache: MISS, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 1
expires: Sat, 27 Jan 2024 23:59:59 GMT

GET
H2 200 Rakov-fotor.jpg
static.tildacdn.com/tild6138-6362-4462-b135-396466613739/-/resizeb/20x/ 664 B
798 B 571ms
571ms Image
image/jpeg 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6138-6362-4462-b135-396466613739/-/resizeb/20x/Rakov-fotor.jpg
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 381708a8765e29ee40e02788055e972af2c6ef241d76f69634a070ae0f7a6c65

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 13
server: nginx
traceparent: 00-17510f2abece5ac8a799869bf543d4b2-d26bc657270c9343-01
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-01-24T07:20:39+00:00
content-type: image/jpeg
cache-control: public
cache: MISS, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 1
expires: Thu, 22 Feb 2024 23:59:59 GMT

GET
H2 200 kondrashova-fotor.jpg
static.tildacdn.com/tild6661-3338-4564-a336-633231666532/-/resizeb/20x/ 662 B
844 B 570ms
570ms Image
image/jpeg 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6661-3338-4564-a336-633231666532/-/resizeb/20x/kondrashova-fotor.jpg
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8988145db084c2ded8e2cdd1d024e2ce532fb426d3f7af6d37b786f65c7e4946

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc58
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 13
server: nginx
traceparent: 00-c72f6525ae37ca143a14e9b7d40b115a-90ff1ccc83246413-01
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-01-24T07:20:39+00:00
content-type: image/jpeg
cache-control: public
cache: MISS, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 1
expires: Thu, 22 Feb 2024 23:59:59 GMT

GET
H2 200 noroot.png
static.tildacdn.com/tild6365-6230-4232-a566-633964386530/-/resizeb/20x/ 1 KB
2 KB 570ms
570ms Image
image/png 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6365-6230-4232-a566-633964386530/-/resizeb/20x/noroot.png
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5d32d1af5d7b8ead42a2b4293802d946094f39737ff26b0de0605f29ab2c45c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc26
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 13
server: nginx
traceparent: 00-31ea1f74d11c6af7c75568e70627349b-ad62bf1fbdeffa01-01
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-01-24T07:20:39+00:00
content-type: image/png
cache-control: public
cache: MISS, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 5
expires: Thu, 22 Feb 2024 23:59:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 190ms
143ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hrtransformation.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:27:41 GMT
x-content-type-options: nosniff
age: 390151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 19:27:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 192ms
145ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hrtransformation.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:36:17 GMT
x-content-type-options: nosniff
age: 29635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:36:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 146ms
99ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hrtransformation.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 400251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 183ms
142ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hrtransformation.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:28:52 GMT
x-content-type-options: nosniff
age: 30080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:28:52 GMT

GET
H2 200 loader_218.js Show response
cdn-ru.bitrix24.ru/b18375906/crm/form/ 16 KB
4 KB 212ms
90ms Script
application/javascript 89.208.228.119
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ru.bitrix24.ru/b18375906/crm/form/loader_218.js?9478236
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.208.228.119 Reutov, Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 119.mcs.mail.ru
Software: nginx /
Resource Hash: 98cac47ffae4235743fa270ba71fd4b8eb58b61d98047ffa04f5262e69ef8a40

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 14:12:00 GMT
server: nginx
etag: W/"c22f078f17879e053b8ded3838d3f87b"
content-type: application/javascript
cache-control: max-age=2592000
x-bitrix-lb: mail-lb-02
x-host: hb-bl4
x-req-id: g12LrbcrfN
server-timing: t1;dur=0.033, t2;dur=0.034, t3;dur=0.000, tc1;dur=56750, tc2;dur=5500, tc3;dur=20
expires: Fri, 23 Feb 2024 07:50:12 GMT

GET
H2 200 loader_211.js Show response
cdn-ru.bitrix24.ru/b18375906/crm/form/ 17 KB
4 KB 196ms
74ms Script
application/javascript 89.208.228.119
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ru.bitrix24.ru/b18375906/crm/form/loader_211.js?9478236
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.208.228.119 Reutov, Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 119.mcs.mail.ru
Software: nginx /
Resource Hash: dac992d581fbf9fdca7ca5141b3f16218048ddac65fd85830e261af5d6eec5bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 10:53:17 GMT
server: nginx
etag: W/"4c0c9fc18dd8b57d3d6cad8bd23b2578"
content-type: application/javascript
cache-control: max-age=2592000
x-bitrix-lb: mail-lb-02
x-host: hb-bl1
x-req-id: VVCFxqaFtk
server-timing: t1;dur=0.018, t2;dur=0.019, t3;dur=0.000, tc1;dur=56750, tc2;dur=5500, tc3;dur=20
expires: Fri, 23 Feb 2024 07:50:12 GMT

GET
H2 200 fomina-fotor.jpg
static.tildacdn.com/tild3136-6530-4937-a338-366164346230/-/resizeb/20x/ 663 B
845 B 543ms
542ms Image
image/jpeg 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild3136-6530-4937-a338-366164346230/-/resizeb/20x/fomina-fotor.jpg
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d2f6b3337ee91155438902f9fa898c734484ca71aefd1664be72743272d31b0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc35
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 9
server: nginx
traceparent: 00-f5b93af7b35b70c9e3e9fa37f3bb97ac-cb2abb54e89a957c-01
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-01-21T16:03:29+00:00
content-type: image/jpeg
cache-control: public
cache: MISS, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 1
expires: Tue, 20 Feb 2024 23:59:59 GMT

GET
H2 200 IMAGE_2024-01-18_101.jpg
static.tildacdn.com/tild6663-6638-4237-a162-366162646331/-/resizeb/20x/ 661 B
832 B 543ms
543ms Image
image/jpeg 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6663-6638-4237-a162-366162646331/-/resizeb/20x/IMAGE_2024-01-18_101.jpg
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9b1a1d57fa8848b400efff1cb094c38e8556d75bf1149e7b627334e01e411ab9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-canary-gc36
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 9
server: nginx
traceparent: 00-7076d5198243e0979c2814c67c69fab6-008617ac5e0ea041-01
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-01-23T13:57:54+00:00
content-type: image/jpeg
cache-control: public
cache: MISS, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 1
expires: Thu, 22 Feb 2024 23:59:59 GMT

GET
H2 200 belyashin-fotor.jpg
static.tildacdn.com/tild3332-6339-4235-a364-316163393133/-/resizeb/20x/ 652 B
795 B 543ms
542ms Image
image/jpeg 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild3332-6339-4235-a364-316163393133/-/resizeb/20x/belyashin-fotor.jpg
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 54c6e7f3d20f72eea23155e1e5db832c9cd7cccd0f8dc9499b8c14d058336c71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc32
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 11
server: nginx
traceparent: 00-2fb7e63dfd2f3162e780d3c3fa786bc8-caca1cdb9374dc0e-01
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-01-21T16:03:29+00:00
content-type: image/jpeg
cache-control: public
cache: MISS, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 7
expires: Tue, 20 Feb 2024 23:59:59 GMT

GET
H2 200 mathilde-langevin-j5.png
static.tildacdn.com/tild3964-3964-4138-b231-383737643365/-/resizeb/20x/ 1 KB
1 KB 542ms
541ms Image
image/png 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild3964-3964-4138-b231-383737643365/-/resizeb/20x/mathilde-langevin-j5.png
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8bc9f5beda20070941c2c8879359bdf639e6342bd5cf6bdd6b52c1f347bcd645

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc16
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 13
server: nginx
traceparent: 00-c41b0edfbd3c2f0874a370cf91ea68d5-f213e7f4f9cb2aec-01
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-11T13:36:10+00:00
content-type: image/png
cache-control: public
cache: MISS, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 7
expires: Mon, 25 Dec 2023 23:59:59 GMT

GET
H2 200 1674254325_catherine.jpg
static.tildacdn.com/tild6639-6163-4433-b663-333064393562/-/resizeb/20x/ 625 B
812 B 542ms
542ms Image
image/jpeg 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6639-6163-4433-b663-333064393562/-/resizeb/20x/1674254325_catherine.jpg
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a50835418749a7f279b0acd48e91ea88c59245243fb81efb026cdad00b5abe3b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc8
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 8
server: nginx
traceparent: 00-2a4db6be49a039e1382e198863a97274-5b045f67c76701bd-01
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-01-23T13:13:47+00:00
content-type: image/jpeg
cache-control: public
cache: MISS, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 7
expires: Fri, 09 Feb 2024 23:59:59 GMT

GET
H2 200 david-french-N0e6W2W.png
static.tildacdn.com/tild6230-3835-4236-b131-613764363161/-/resizeb/20x/ 1 KB
1 KB 542ms
541ms Image
image/png 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6230-3835-4236-b131-613764363161/-/resizeb/20x/david-french-N0e6W2W.png
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fac997a51ec427deebaf0d25efcf5e7b9fa1a04bc75ee401b3309a7c1048fb07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 7
server: nginx
traceparent: 00-a15a82370bd451c04971bf0163263764-31215856819498a7-01
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-29T21:05:51+00:00, 2023-12-30T05:10:52+00:00
content-type: image/png
cache-control: public
cache: HIT, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 5
expires: Sat, 27 Jan 2024 23:59:59 GMT

GET
H2 200 1673313991_krasavica.jpg
static.tildacdn.com/tild6530-3832-4664-b535-303138393363/-/resizeb/20x/ 639 B
820 B 542ms
542ms Image
image/jpeg 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6530-3832-4664-b535-303138393363/-/resizeb/20x/1673313991_krasavica.jpg
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ff6e102bbabfb18c7214c0c935d7fe4af0054d1e799061cfc8e977e0fb30243a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc61
date: Wed, 24 Jan 2024 07:50:12 GMT
tserver: 13
server: nginx
traceparent: 00-35d45ebcb1ede58a48b6b81f37e0add2-5b62df4fd9b6c565-01
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-01-23T05:28:45+00:00
content-type: image/jpeg
cache-control: public
cache: MISS, HIT
x-id-fe: fr5-hw-edge-gc35
x-resize-server: 7
expires: Tue, 13 Feb 2024 23:59:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 173ms
156ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hrtransformation.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:32:07 GMT
x-content-type-options: nosniff
age: 29885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:32:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 60ms
46ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hrtransformation.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:44:46 GMT
x-content-type-options: nosniff
age: 39926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 20:44:46 GMT

GET
H2 200 app.js Show response
cdn-ru.bitrix24.ru/b18375906/crm/form/ 85 KB
24 KB 89ms
89ms Script
application/javascript 89.208.228.119
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ru.bitrix24.ru/b18375906/crm/form/app.js?19746
Requested by: Host: cdn-ru.bitrix24.ru
URL: https://cdn-ru.bitrix24.ru/b18375906/crm/form/loader_211.js?9478236
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.208.228.119 Reutov, Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: 119.mcs.mail.ru
Software: nginx /
Resource Hash: 53c90328b96adc766375be39c10503c3b9a6cad5faa6687f5cebb3a4aa43b230

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 11:05:30 GMT
server: nginx
etag: W/"32aa2ae90612ad882e3cd9444b69a62b"
content-type: application/javascript
cache-control: max-age=2592000
x-bitrix-lb: mail-lb-02
x-host: hb-bl1
x-req-id: 35uNEmxZxr
server-timing: t1;dur=0.032, t2;dur=0.032, t3;dur=0.000, tc1;dur=57500, tc2;dur=2250, tc3;dur=20
expires: Fri, 23 Feb 2024 07:50:12 GMT

GET
H2 200 app.bundle.min.css
quorum.bitrix24.ru/bitrix/js/crm/site/form/dist/ 73 KB
17 KB 69ms
60ms Stylesheet
text/css 89.208.228.119
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://quorum.bitrix24.ru/bitrix/js/crm/site/form/dist/app.bundle.min.css?19746

Requested by

Host: cdn-ru.bitrix24.ru
URL: https://cdn-ru.bitrix24.ru/b18375906/crm/form/app.js?19746

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.228.119 Reutov, Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

119.mcs.mail.ru

Software

nginx /

Resource Hash

cd74de52cd96084b2a233076552524931f425db6c0ef4412c6f66a9f95642ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 14 Jul 2023 15:02:40 GMT
server: nginx
content-encoding: gzip
etag: W/"64b16390-124a6"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-bitrix-lb: mail-lb-02
server-timing: t1;dur=0.002, t2;dur=, t3;dur=, tc1;dur=57625, tc2;dur=2500, tc3;dur=24
x-bitrix-ri: 5e0b559d51a4542f20256583ab28f664
expires: Wed, 21 Feb 2024 23:36:43 GMT

GET
H2 200 app.bundle.min.js Show response
quorum.bitrix24.ru/bitrix/js/crm/site/form/dist/ 308 KB
101 KB 123ms
115ms Script
application/x-javascript 89.208.228.119
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://quorum.bitrix24.ru/bitrix/js/crm/site/form/dist/app.bundle.min.js?19746

Requested by

Host: cdn-ru.bitrix24.ru
URL: https://cdn-ru.bitrix24.ru/b18375906/crm/form/app.js?19746

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.228.119 Reutov, Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

119.mcs.mail.ru

Software

nginx /

Resource Hash

887580c56328c00b6578f7423ceba0aad851bd662e1e4e3360dbb0b29168b03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Tue, 31 Oct 2023 14:08:59 GMT
server: nginx
content-encoding: gzip
etag: W/"65410a7b-4d003"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=2592000
x-bitrix-lb: mail-lb-02
server-timing: t1;dur=0.004, t2;dur=, t3;dur=, tc1;dur=57625, tc2;dur=2500, tc3;dur=24
x-bitrix-ri: 62f2ae6fc2e4cf83a0c18260e4785a6a
expires: Thu, 22 Feb 2024 02:23:33 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 391ms
43ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: static.tildacdn.com
URL: https://static.tildacdn.com/js/tilda-video-processor-1.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

703cc28e737acb7f534f81cbb649d9e790cbb000bc38c67417b19a1f3e3998fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 24 Jan 2024 07:50:13 GMT

GET
H2 200 tilda-popup-1.1.min.css
static.tildacdn.com/css/ 2 KB
732 B 315ms
314ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/css/tilda-popup-1.1.min.css
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c9d323c102499633dfe64c95ba5e0043c070ffa04683f796fbb7c5b625ee72c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc16
date: Wed, 24 Jan 2024 07:50:13 GMT
content-encoding: br
tserver: 7
last-modified: Mon, 27 Nov 2023 03:18:31 GMT
server: nginx
traceparent: 00-fa6622550e0e3d5b293dd90025764dd8-750a5c41bb272128-01
x-id-shield: am3-hw-edge-gc88
etag: W/"65640a87-961"
vary: Accept-Encoding
x-cached-since: 2024-01-12T11:25:34+00:00, 2024-01-14T09:54:40+00:00
content-type: text/css
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 tilda-slds-1.4.min.css
static.tildacdn.com/css/ 12 KB
2 KB 315ms
315ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/css/tilda-slds-1.4.min.css
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3c80f7772e0f3841b2ced1722523c2c1299a163dd880857c37b2f2852ccbd7a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc60
date: Wed, 24 Jan 2024 07:50:13 GMT
content-encoding: br
tserver: 11
last-modified: Thu, 19 Oct 2023 12:57:59 GMT
server: nginx
traceparent: 00-f3ba05e6d2eaae4e3c2d6c301d528f88-b1e7d7070a5cf8d7-01
x-id-shield: am3-hw-edge-gc88
etag: W/"653127d7-2f82"
vary: Accept-Encoding
x-cached-since: 2023-10-19T12:58:52+00:00, 2023-12-05T12:18:38+00:00
content-type: text/css
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/b31b88f2/www-widgetapi.vflset/ 216 KB
67 KB 20ms
20ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b31b88f2/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

c4d07513670eaa456a8c421f89b78eda11dcecbd5d49456a1e60774f3ef491c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68592
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:13:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Jan 2025 06:55:42 GMT

GET
H2 200 Rakov-fotor.jpg
thumb.tildacdn.com/tild6138-6362-4462-b135-396466613739/-/cover/100x100/center/center/-/format/webp/ 3 KB
3 KB 65ms
16ms Image
image/jpeg 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tildacdn.com/tild6138-6362-4462-b135-396466613739/-/cover/100x100/center/center/-/format/webp/Rakov-fotor.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 07738d6fbfe218660d54d504731ead70709f9ffd750a4080abc7703aae70eb9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:14 GMT
last-modified: Wed, 20 Dec 2023 14:16:44 GMT
server: nginx
etag: "6582f74c-a7a"
x-cached-since: 2024-01-23T23:42:37+00:00, 2024-01-24T07:20:43+00:00
content-type: image/jpeg
access-control-allow-origin: *
cache: HIT, HIT
x-tilda-server: 2
accept-ranges: bytes
content-length: 2682
x-node: m9-up-gc35, am4-up-gc95

GET
H3 200 _k8Cuy7jCqQ Show response
www.youtube.com/embed/ Frame AAAC 95 KB
40 KB 109ms
109ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1

Requested by

Host: static.tildacdn.com
URL: https://static.tildacdn.com/js/tilda-video-processor-1.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7e99da6d5f532514045ebfa401485bc0d68a1df21a60c709b21d8227fd9543d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hrtransformation.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 07:50:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Rakov-fotor.jpg
thumb.tildacdn.com/tild6138-6362-4462-b135-396466613739/-/cover/100x100/center/center/-/format/webp/ 3 KB
3 KB 15ms
15ms Image
image/jpeg 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tildacdn.com/tild6138-6362-4462-b135-396466613739/-/cover/100x100/center/center/-/format/webp/Rakov-fotor.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 07738d6fbfe218660d54d504731ead70709f9ffd750a4080abc7703aae70eb9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:14 GMT
last-modified: Wed, 20 Dec 2023 14:16:44 GMT
server: nginx
etag: "6582f74c-a7a"
x-cached-since: 2024-01-23T23:42:37+00:00, 2024-01-24T07:20:43+00:00
content-type: image/jpeg
access-control-allow-origin: *
cache: HIT, HIT
x-tilda-server: 2
accept-ranges: bytes
content-length: 2682
x-node: m9-up-gc35, am4-up-gc95

GET
H3 200 www-player.css
www.youtube.com/s/player/b31b88f2/ Frame AAAC 359 KB
46 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b31b88f2/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

750b740cf3d6feb3e22d428027094fd0fc10899748f9616271b124cc1b7136d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:41:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4108
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47496
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:13:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Jan 2025 06:41:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AAAC 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 462198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AAAC 15 KB
15 KB 114ms
113ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:08 GMT
x-content-type-options: nosniff
age: 164526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 10:08:08 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/b31b88f2/www-embed-player.vflset/ Frame AAAC 319 KB
95 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b31b88f2/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ae564acdae2fc6ba5260123cbde9eaf28d1d2b18e47b6d063c956db466accfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:06:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97378
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:13:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Jan 2025 05:06:47 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/ Frame AAAC 2 MB
770 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

075bad3b13f9dd2be5c2429dd03d056a42814e897bfa1eddb9530edfc3d43bea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788412
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:13:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Jan 2025 23:37:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 383ms
35ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P8R4Z30KVG

Requested by

Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9e2aea494333cf224e8538454c67474be4d77adc7eb90410b4b777b34ef37e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86115
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 07:50:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 123ms
81ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jan 2024 07:50:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57021
x-xss-protection: 0
pragma: public
x-fb-debug: b/43F1+X7O3pNHJiEApu1UBeDJnvbtbKobh5IfRUobzOvmMNddSWDN6OTguJ5LHzhhZ/bcEwKDt5j0W01zWUCQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 534ms
116ms Script
application/javascript 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 22 Jan 2024 14:13:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65ae77f0-11838"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71736
expires: Wed, 24 Jan 2024 08:50:15 GMT

GET
H2 200 tilda-stat-1.0.min.js Show response
static.tildacdn.com/js/ 9 KB
3 KB 323ms
323ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tildacdn.com/js/tilda-stat-1.0.min.js
Requested by: Host: hrtransformation.online
URL: https://hrtransformation.online/vidconfhr?utm_source=ivasam/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0565de9b4919bf1cbc345d8218425e4951d97c7e8c36263bee72e2d72038c73f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc58
date: Wed, 24 Jan 2024 07:50:14 GMT
content-encoding: br
tserver: 13
last-modified: Wed, 07 Sep 2022 13:40:09 GMT
server: nginx
traceparent: 00-00f4b2af5298556dc8c1a658d51c2635-c5116054d0bb4be8-01
x-id-shield: am3-hw-edge-gc89
etag: W/"63189f39-2211"
vary: Accept-Encoding
x-cached-since: 2023-12-07T11:08:44+00:00, 2023-12-14T11:54:39+00:00
content-type: application/javascript; charset=utf-8
x-id-fe: fr5-hw-edge-gc35
cache: HIT, HIT

GET
H2 200 752246558829665 Show response
connect.facebook.net/signals/config/ 51 KB
11 KB 102ms
102ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/752246558829665?v=2.9.142&r=stable&domain=hrtransformation.online&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cc1b958ee4f6dc74b8e0785197512a5d4ffd3c1f9ba05a63876dd586f2743dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jan 2024 07:50:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 4/bYlU3jxlJ9HS7nhZ1GqHtGMZWsAe1/1nuiNiUgOJTq9UCscwSzFH1eokx2M6KiqSiUbak92gKj5GIeaRM2VQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 348ms
17ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P8R4Z30KVG&gtm=45je41m0v878487157&_p=1706082614688&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1730858525.1706082615&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706082615&sct=1&seg=0&dl=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F&dt=HR-%D0%A2%D0%A0%D0%90%D0%9D%D0%A1%D0%A4%D0%9E%D0%A0%D0%9C%D0%90%D0%A6%D0%98%D0%AF%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3507
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P8R4Z30KVG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 07:50:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hrtransformation.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 316ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=752246558829665&ev=PageView&dl=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F&rl=&if=false&ts=1706082615194&sw=1600&sh=1200&v=2.9.142&r=stable&a=pltilda&ec=0&o=4126&fbp=fb.1.1706082615193.2035582548&ler=empty&it=1706082615055&coo=false&exp=d3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 24 Jan 2024 07:50:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10258.JPQIIYzv2MYCA2u08xxuX0paM8AEOIFMjn0Lvr1QYXgrXZvo8ehRIjF5GD6h1-MG.lq20SvQavfK-6mX2Ur-Z4IgOVzc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10258.UdtylPOmZ2wbMfID0ToT5KrDHsqOhULwJ6MLw6QIoU0FXiPx8Vl1GGm_-rMEI8eYdfvodHysqpl6odIihTxJGKQ_Cg8dPdaL5wCissXX7IG_HEceFKH1Egzb50UPxIvPJzE5nyPCOr...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10258.FvofcJN5kZabH_cBLNIuwxkLpFVnS6lNoz7J7PwvV7DRBxF-484D2a12JvAVCcPLF4AeEbEEK9G469gizio_bUhsnPXRVvw9WQTbLqmKan2om...

43 B
581 B

66ms
66ms

Image
image/gif

77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10258.FvofcJN5kZabH_cBLNIuwxkLpFVnS6lNoz7J7PwvV7DRBxF-484D2a12JvAVCcPLF4AeEbEEK9G469gizio_bUhsnPXRVvw9WQTbLqmKan2om3n7RTX8c35yP4SArMgGmh6vOHpsGVisd-a154aNsdMO6v5fLs6eWGtJTjhKpc-tU1i68_egBo-lPKREooogG1UsUWy9M2KQNCnTeHUGQw%2C%2C.F1_M2TWIMq-ZA9xseUhskJTRFMw%2C

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:15 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10258.FvofcJN5kZabH_cBLNIuwxkLpFVnS6lNoz7J7PwvV7DRBxF-484D2a12JvAVCcPLF4AeEbEEK9G469gizio_bUhsnPXRVvw9WQTbLqmKan2om3n7RTX8c35yP4SArMgGmh6vOHpsGVisd-a154aNsdMO6v5fLs6eWGtJTjhKpc-tU1i68_egBo-lPKREooogG1UsUWy9M2KQNCnTeHUGQw%2C%2C.F1_M2TWIMq-ZA9xseUhskJTRFMw%2C
date: Wed, 24 Jan 2024 07:50:15 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
500 B 63ms
59ms Image
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:15 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 Jan 2024 16:14:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65a94e6e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 24 Jan 2024 08:50:15 GMT

POST
H2 200 / Show response
stat.tildacdn.com/event/ 16 B
151 B 142ms
84ms XHR
application/json 193.3.17.198
TILDAPUBLISHING-RU-1

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.tildacdn.com/event/
Requested by: Host: static.tildacdn.com
URL: https://static.tildacdn.com/js/tilda-stat-1.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.3.17.198 , Russian Federation, ASN210753 (TILDAPUBLISHING-RU-1, RU),
Reverse DNS: 198-17.addr.tildacdn.net
Software: /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

Referer: https://hrtransformation.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://hrtransformation.online
date: Wed, 24 Jan 2024 07:50:15 GMT
x-tilda-server: 11
content-type: application/json;charset=utf-8

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame AAAC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

271ms
270ms

XHR
application/json

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e2a31ae681913baf41b860079bef9bf5ccfc632e994998bbb08353dad8bbe85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Jan 2024 07:50:15 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ad_status.js
static.doubleclick.net/instream/ Frame AAAC 0
0

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 390ms
28ms Preflight
text/html 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 24 Jan 2024 07:50:16 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame AAAC 86 KB
40 KB 35ms
34ms XHR
application/json+protobuf 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

64d99d0f26649d119c4209d732b521b4dd9ad8d7fed99a19c3afdea538f5da0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 24 Jan 2024 07:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40628
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame AAAC 93 KB
32 KB 112ms
112ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

9bc10c1544f622ee6757b77c7d601bf24a7e1967e52fdadee55a574f8ffa5b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240121.00.00
X-Goog-Visitor-Id: CgtLNzNCZWNONHRhQSi2gsOtBjIOCgJOTBIIEgQSAgsMICc%3D

Response headers

date: Wed, 24 Jan 2024 07:50:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32780
x-xss-protection: 0
expires: Wed, 24 Jan 2024 07:50:15 GMT

GET
H2 200 UyQhPWNsNa0oRkd8oSQlA6PkpWpORMW0CLBRczdusu0.js Show response
www.google.com/js/th/ Frame AAAC 51 KB
20 KB 1983ms
20ms Script
text/javascript 2a00:1450:4001:810::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UyQhPWNsNa0oRkd8oSQlA6PkpWpORMW0CLBRczdusu0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5324213d636c35ad2846477ca1242503a3e4a56a4e44c5b408b05173376eb2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19723
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:27:33 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/ Frame AAAC 53 KB
16 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f30e308162bb438a67752d540e053157f5691ed9affcceac897025bf8c45265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16790
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:13:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Jan 2025 23:35:35 GMT

GET
DATA 200
OK truncated
/ Frame AAAC 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zY7pGSxi4msjdEBiag5c-ij0zeN4jeIFHgLJ90BviNPLQ8_ov5lRj7YDaJmRGq-AFynDid_iV48=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame AAAC 891 B
1 KB 369ms
21ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/zY7pGSxi4msjdEBiag5c-ij0zeN4jeIFHgLJ90BviNPLQ8_ov5lRj7YDaJmRGq-AFynDid_iV48=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

f61c4b1aa9e5d9de1051f3e90c19baf90eae6499ae25d378d79f3284db4095e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 04:00:00 GMT
x-content-type-options: nosniff
age: 13816
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 891
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 25 Jan 2024 04:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71447122/
Redirect Chain

https://mc.yandex.com/watch/71447122?wmode=7&page-url=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632...
https://mc.yandex.com/watch/71447122/1?wmode=7&page-url=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk6...

447 B
539 B

62ms
61ms

Fetch
application/json

77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71447122/1?wmode=7&page-url=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1120197847364%3Ahid%3A60078022%3Az%3A60%3Ai%3A20240124085015%3Aet%3A1706082615%3Ac%3A1%3Arn%3A788979828%3Arqn%3A1%3Au%3A1706082615996764073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C35%2C65%2C1%2C346%2C0%2C%2C603%2C4%2C2346%2C2346%2C2%2C1668%3Aco%3A0%3Acpf%3A1%3Ans%3A1706082611639%3Agi%3AR0ExLjEuMTczMDg1ODUyNS4xNzA2MDgyNjE1%3Afp%3A2241%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706082616%3At%3AHR-%D0%A2%D0%A0%D0%90%D0%9D%D0%A1%D0%A4%D0%9E%D0%A0%D0%9C%D0%90%D0%A6%D0%98%D0%AF%202024&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

f9df666292a24cac2cad6bab23370969c527f65466189658cb159b5706b5870e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hrtransformation.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 07:50:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 24-Jan-2024 07:50:15 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hrtransformation.online
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 24-Jan-2024 07:50:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 07:50:15 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 24-Jan-2024 07:50:15 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/71447122/1?wmode=7&page-url=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1120197847364%3Ahid%3A60078022%3Az%3A60%3Ai%3A20240124085015%3Aet%3A1706082615%3Ac%3A1%3Arn%3A788979828%3Arqn%3A1%3Au%3A1706082615996764073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C35%2C65%2C1%2C346%2C0%2C%2C603%2C4%2C2346%2C2346%2C2%2C1668%3Aco%3A0%3Acpf%3A1%3Ans%3A1706082611639%3Agi%3AR0ExLjEuMTczMDg1ODUyNS4xNzA2MDgyNjE1%3Afp%3A2241%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706082616%3At%3AHR-%D0%A2%D0%A0%D0%90%D0%9D%D0%A1%D0%A4%D0%9E%D0%A0%D0%9C%D0%90%D0%A6%D0%98%D0%AF%202024&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://hrtransformation.online
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 24-Jan-2024 07:50:15 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame AAAC 0
20 B 32ms
32ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=399&cpn=N31_DJ3jD96Zs3CP&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153828%2C23135%2C53633%2C84737%2C35229%2C1089%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C8128%2C11466%2C125%2C4558%2C2305%2C7649%2C2008%2C9433%2C1234%2C1349%2C9190%2C3001%2C1473%2C1598%2C24%2C3436%2C1795%2C113%2C2&cl=600325040&seq=1&docid=_k8Cuy7jCqQ&ei=N8GwZb2cKIyo1wLBlZ-QDA&event=streamingstats&plid=AAYPrFBEGOyL4Dic&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F_k8Cuy7jCqQ%3Fautoplay%3D1%26loop%3D1%26enablejsapi%3D1%26playerapiid%3Dfeaturedytplayer%26controls%3D0%26modestbranding%3D1%26rel%3D0%26showinfo%3D0%26color%3Dwhite%26iv_load_policy%3D3%26theme%3Dlight%26wmode%3Dtransparent%26origin%3Dhttps%3A%2F%2Fhrtransformation.online%26playlist%3D_k8Cuy7jCqQ%26mute%3D1&qclc=ChBOMzFfREozakQ5NlpzM0NQEAE&embargoed=0&cbr=Chrome&cbrver=120.0.6099.224&c=WEB_EMBEDDED_PLAYER&cver=1.20240121.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.005:B,0.203:B,0.203:B&cat=streaming&cmt=0.005:0.000,0.203:0.000&vfs=0.203:399:399::r&view=0.203:2165:1218&bwe=0.203:130000&bat=0.203:1:1&vis=0.203:0&bh=0.203:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
X-YouTube-Client-Version: 1.20240121.00.00
X-YouTube-Time-Zone: Europe/Amsterdam
X-Goog-Visitor-Id: CgtLNzNCZWNONHRhQSi2gsOtBjIOCgJOTBIIEgQSAgsMICc%3D
X-YouTube-Ad-Signals: dt=1706082615580&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2165%2C1218&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 07:50:15 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame AAAC 119 KB
120 KB 90ms
15ms Fetch
application/vnd.yt-ump 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hneknek.googlevideo.com/videoplayback?expire=1706104215&ei=N8GwZb2cKIyo1wLBlZ-QDA&ip=2001%3A1af8%3A4020%3Aa034%3A9876%3A%3A11&id=o-AD_PWRN3G6cjv9bVTb1GpQmiZeQSrxjHt6ZEgESjIpNr&itag=399&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303%2C308%2C315%2C394%2C395%2C396%2C397%2C398%2C399%2C400%2C401&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fx&mm=31%2C29&mn=sn-5hneknek%2Csn-5hne6nzk&ms=au%2Crdu&mv=u&mvi=4&pl=43&spc=UWF9f9rvo3l8S2Ye2Tr3o3rQWTplLbRJ0JKyL3BPNRpgLyY&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8CP95in4fcoFiWX1_cHlzpYQ&gir=yes&clen=315110262&dur=7199.999&lmt=1697000216482592&mt=1706081692&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=68heNwTNM4K9oQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPR9AEh91sZrNxqY2a6610gNDtdup2kh_0o8RDgFHRhxAiB4xgqCnEuYgHQwZ5Swg2b7t9vELYkdOIGF1ImDXdUyQQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRgIhAJzMb6ol4Kkc39hmkncaFYukf4UIljT5AQii7EtP0BlwAiEAuMayLdUaMqZElSxYjbX6VTRcoyQO_grnCb9JQkL9iz4%3D&alr=yes&cpn=N31_DJ3jD96Zs3CP&cver=1.20240121.00.00&range=0-121685&rn=1&rbuf=0&pot=IjrUztTNsX4V-ZepoIKatJqNjpmagZqGhqaFnb38s72bupaknYGXqZ6BgIydh5GphZ2VqaeDnY236-eK&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5d651dfc274b74cf12563a1a46b7dd5437c375eaeba81061474edc69c303620a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 07:50:15 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 11 Oct 2023 04:56:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 24 Jan 2024 07:50:15 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame AAAC 77 KB
78 KB 422ms
136ms Fetch
application/vnd.yt-ump 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hneknek.googlevideo.com/videoplayback?expire=1706104215&ei=N8GwZb2cKIyo1wLBlZ-QDA&ip=2001%3A1af8%3A4020%3Aa034%3A9876%3A%3A11&id=o-AD_PWRN3G6cjv9bVTb1GpQmiZeQSrxjHt6ZEgESjIpNr&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fx&mm=31%2C29&mn=sn-5hneknek%2Csn-5hne6nzk&ms=au%2Crdu&mv=u&mvi=4&pl=43&spc=UWF9f9rvo3l8S2Ye2Tr3o3rQWTplLbRJ0JKyL3BPNRpgLyY&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=8CP95in4fcoFiWX1_cHlzpYQ&gir=yes&clen=63223981&dur=7200.021&lmt=1696945224218648&mt=1706081692&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=68heNwTNM4K9oQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgH9G81-dRAOekortZxqEvHD35G-VIO487djA8GDeeq60CIQDo665UFCrCYRzTlksb_TwZ2c8O7BPDTRDDEaIsZ1JUWg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRgIhAJzMb6ol4Kkc39hmkncaFYukf4UIljT5AQii7EtP0BlwAiEAuMayLdUaMqZElSxYjbX6VTRcoyQO_grnCb9JQkL9iz4%3D&alr=yes&cpn=N31_DJ3jD96Zs3CP&cver=1.20240121.00.00&range=0-78578&rn=2&rbuf=0&pot=IjrY2tjZvWoZ7Zu9rJaWoJaZgo2WlZaSirKJibHov6mXrpqwkZWbvZKVjJiRk529iYmZvauXkZm7_-ue&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7df6a76531243b4aa3daaeac8d4e2a69925cbb069d32019f76ce22c783bafe48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 07:50:16 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Tue, 10 Oct 2023 13:40:24 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 24 Jan 2024 07:50:16 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/ Frame AAAC 33 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

849df278b22f48e87af44281468cc149aa1b4efc2f2c39075b8f00ac2e7ac55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8382
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:13:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Jan 2025 23:44:08 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/ Frame AAAC 69 KB
19 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52d9e5d233f544859741eecce0a7839f062b6fb25ed6f5275c0ffe252c48ec2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18945
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:13:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Jan 2025 23:24:50 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame AAAC 42 KB
7 KB 323ms
323ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

36d360cb67fe3466169fc5c783a7ead5dd8877932f69d41df195a5000e65ef8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240121.00.00
X-Goog-Visitor-Id: CgtLNzNCZWNONHRhQSi2gsOtBjIOCgJOTBIIEgQSAgsMICc%3D

Response headers

date: Wed, 24 Jan 2024 07:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7254
x-xss-protection: 0
expires: Wed, 24 Jan 2024 07:50:16 GMT

GET
DATA 200
OK truncated
/ Frame AAAC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zY7pGSxi4msjdEBiag5c-ij0zeN4jeIFHgLJ90BviNPLQ8_ov5lRj7YDaJmRGq-AFynDid_iV48=s400-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame AAAC 8 KB
8 KB 122ms
22ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/zY7pGSxi4msjdEBiag5c-ij0zeN4jeIFHgLJ90BviNPLQ8_ov5lRj7YDaJmRGq-AFynDid_iV48=s400-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

77ed57213f0188670650be077e622177c3f8a75a8410715cdcb6654f51a0da5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:55:18 GMT
x-content-type-options: nosniff
age: 3298
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8563
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:55:18 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/IusZccJMF5k/ Frame AAAC 51 KB
51 KB 1288ms
20ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/IusZccJMF5k/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGDUgEyh_MA8=&rs=AOn4CLDevTp0TGGZFHuRuRghtohC0LeZwQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65aa652217d64a0885e50df66339c3004417425f7fc36ca524c6f4ef297c2d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:36:22 GMT
x-content-type-options: nosniff
age: 835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51862
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Jan 2024 09:36:22 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame AAAC 94 B
138 B 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

766df140aaefd53b5535ed1aad56270c7c5e1c6f1bf0e0b3fef4276d79a849d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 24 Jan 2024 07:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
28ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 24 Jan 2024 07:50:16 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame AAAC 28 B
54 B 35ms
34ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time: 1706082616316
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
X-YouTube-Client-Version: 1.20240121.00.00
X-YouTube-Time-Zone: Europe/Amsterdam
X-Goog-Visitor-Id: CgtLNzNCZWNONHRhQSi2gsOtBjIOCgJOTBIIEgQSAgsMICc%3D
X-YouTube-Ad-Signals: dt=1706082614504&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2165%2C1218&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 24 Jan 2024 07:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 24 Jan 2024 07:50:16 GMT

GET
H2 200 zY7pGSxi4msjdEBiag5c-ij0zeN4jeIFHgLJ90BviNPLQ8_ov5lRj7YDaJmRGq-AFynDid_iV48=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame AAAC 1 KB
1 KB 20ms
20ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/zY7pGSxi4msjdEBiag5c-ij0zeN4jeIFHgLJ90BviNPLQ8_ov5lRj7YDaJmRGq-AFynDid_iV48=s88-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

ad8df9a1f7874fceea58ca855e43d6d3f9673c3144017bd1c8b4544b76cd54a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 04:21:57 GMT
x-content-type-options: nosniff
age: 12499
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1061
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 25 Jan 2024 04:21:57 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame AAAC 0
18 B 29ms
28ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=N31_DJ3jD96Zs3CP&ver=2&cmt=0.019&fmt=399&fs=0&rt=0.786&euri=https%3A%2F%2Fhrtransformation.online%2F&lact=808&cl=600325040&mos=1&volume=0&cbr=Chrome&cbrver=120.0.6099.224&c=WEB_EMBEDDED_PLAYER&cver=1.20240121.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&delay=4&hl=nl_NL&cr=NL&len=7200.021&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153828%2C23135%2C53633%2C84737%2C35229%2C1089%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C8128%2C11466%2C125%2C4558%2C2305%2C7649%2C2008%2C9433%2C1234%2C1349%2C9190%2C3001%2C1473%2C1598%2C24%2C3436%2C1795%2C113%2C2&rtn=3&afmt=251&size=2165%3A1218&inview=0&muted=1&docid=_k8Cuy7jCqQ&ei=N8GwZb2cKIyo1wLBlZ-QDA&plid=AAYPrFBEGOyL4Dic&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F_k8Cuy7jCqQ%3Fautoplay%3D1%26loop%3D1%26enablejsapi%3D1%26playerapiid%3Dfeaturedytplayer%26controls%3D0%26modestbranding%3D1%26rel%3D0%26showinfo%3D0%26color%3Dwhite%26iv_load_policy%3D3%26theme%3Dlight%26wmode%3Dtransparent%26origin%3Dhttps%3A%2F%2Fhrtransformation.online%26playlist%3D_k8Cuy7jCqQ%26mute%3D1&list=TLGG16ari5G9umkyNDAxMjAyNA&of=kYBM_T8IaV2wlreX4Kc2sg&vm=CAEQARgEOjJBSHFpSlRKcW5WcUg2MEczSWhBMzRKdVNRdUpuNV9vYjFFRTNUS2JGaERjUFBwaTRud2JsQVBta0tES3BuZTJMQ3J0RU5hVFptNWZUMmVBaTRyTzFld1plcGFTakhtSWQ5TFQzVXZOM2ZiRTZxbVhZTktkUWdlbTZkcVpJUGpfektPcF80azA0WXNzRVlTTXp3aXQ0SFE3YWJyVmdzSEJTaAI

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
X-YouTube-Client-Version: 1.20240121.00.00
X-YouTube-Time-Zone: Europe/Amsterdam
X-Goog-Visitor-Id: CgtLNzNCZWNONHRhQSi2gsOtBjIOCgJOTBIIEgQSAgsMICc%3D
X-YouTube-Ad-Signals: dt=1706082615580&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2165%2C1218&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 07:50:16 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame AAAC 0
20 B 28ms
28ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=_k8Cuy7jCqQ&cpn=N31_DJ3jD96Zs3CP&ei=N8GwZb2cKIyo1wLBlZ-QDA&ptk=youtube_single&oid=oVEvdGhaWWK0dqR1IxzUbw&ptchn=teBfnq0IzcCsi8SKHOQCog&pltype=content

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
X-YouTube-Client-Version: 1.20240121.00.00
X-YouTube-Time-Zone: Europe/Amsterdam
X-Goog-Visitor-Id: CgtLNzNCZWNONHRhQSi2gsOtBjIOCgJOTBIIEgQSAgsMICc%3D
X-YouTube-Ad-Signals: dt=1706082615580&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2165%2C1218&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 07:50:16 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame AAAC 103 KB
103 KB 30ms
14ms Fetch
application/vnd.yt-ump 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hneknek.googlevideo.com/videoplayback?expire=1706104215&ei=N8GwZb2cKIyo1wLBlZ-QDA&ip=2001%3A1af8%3A4020%3Aa034%3A9876%3A%3A11&id=o-AD_PWRN3G6cjv9bVTb1GpQmiZeQSrxjHt6ZEgESjIpNr&itag=399&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303%2C308%2C315%2C394%2C395%2C396%2C397%2C398%2C399%2C400%2C401&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fx&mm=31%2C29&mn=sn-5hneknek%2Csn-5hne6nzk&ms=au%2Crdu&mv=u&mvi=4&pl=43&spc=UWF9f9rvo3l8S2Ye2Tr3o3rQWTplLbRJ0JKyL3BPNRpgLyY&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8CP95in4fcoFiWX1_cHlzpYQ&gir=yes&clen=315110262&dur=7199.999&lmt=1697000216482592&mt=1706081692&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=68heNwTNM4K9oQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPR9AEh91sZrNxqY2a6610gNDtdup2kh_0o8RDgFHRhxAiB4xgqCnEuYgHQwZ5Swg2b7t9vELYkdOIGF1ImDXdUyQQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRgIhAJzMb6ol4Kkc39hmkncaFYukf4UIljT5AQii7EtP0BlwAiEAuMayLdUaMqZElSxYjbX6VTRcoyQO_grnCb9JQkL9iz4%3D&alr=yes&cpn=N31_DJ3jD96Zs3CP&cver=1.20240121.00.00&range=121686-227315&rn=3&rbuf=2397&pot=MnoEQXQL5-ezEgR9BSI8C8vhaRnyCxWpxo_SS0H91APlZvY7Or__-agnD26zWwqtGh6VlQVXnd6EqfbO28T2F2hiOtlHU8fFLS-YuVTF2TX2eV5pPMaoaPEV095DIY-1eQQpyAN6k4_a5zulDycSS_FtbPQ8FMxaFZM7ow==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ee32fa456e509e53e0f8d962844db8f0890e8dc7e1db724882a4b555842a6182

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 24 Jan 2024 07:50:16 GMT
date: Wed, 24 Jan 2024 07:50:16 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Wed, 11 Oct 2023 04:56:56 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame AAAC 248 KB
248 KB 161ms
160ms Fetch
application/vnd.yt-ump 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hneknek.googlevideo.com/videoplayback?expire=1706104215&ei=N8GwZb2cKIyo1wLBlZ-QDA&ip=2001%3A1af8%3A4020%3Aa034%3A9876%3A%3A11&id=o-AD_PWRN3G6cjv9bVTb1GpQmiZeQSrxjHt6ZEgESjIpNr&itag=399&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303%2C308%2C315%2C394%2C395%2C396%2C397%2C398%2C399%2C400%2C401&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fx&mm=31%2C29&mn=sn-5hneknek%2Csn-5hne6nzk&ms=au%2Crdu&mv=u&mvi=4&pl=43&spc=UWF9f9rvo3l8S2Ye2Tr3o3rQWTplLbRJ0JKyL3BPNRpgLyY&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8CP95in4fcoFiWX1_cHlzpYQ&gir=yes&clen=315110262&dur=7199.999&lmt=1697000216482592&mt=1706081692&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=68heNwTNM4K9oQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPR9AEh91sZrNxqY2a6610gNDtdup2kh_0o8RDgFHRhxAiB4xgqCnEuYgHQwZ5Swg2b7t9vELYkdOIGF1ImDXdUyQQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRgIhAJzMb6ol4Kkc39hmkncaFYukf4UIljT5AQii7EtP0BlwAiEAuMayLdUaMqZElSxYjbX6VTRcoyQO_grnCb9JQkL9iz4%3D&alr=yes&cpn=N31_DJ3jD96Zs3CP&cver=1.20240121.00.00&range=227316-480993&rn=4&rbuf=4803&pot=MnoEQXQL5-ezEgR9BSI8C8vhaRnyCxWpxo_SS0H91APlZvY7Or__-agnD26zWwqtGh6VlQVXnd6EqfbO28T2F2hiOtlHU8fFLS-YuVTF2TX2eV5pPMaoaPEV095DIY-1eQQpyAN6k4_a5zulDycSS_FtbPQ8FMxaFZM7ow==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

13756ee3f96ec2cb44f91c79b6862dce64b3ab9dfaf747669b678f45b11f1b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 24 Jan 2024 07:50:16 GMT
date: Wed, 24 Jan 2024 07:50:16 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Wed, 11 Oct 2023 04:56:56 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame AAAC 68 KB
68 KB 14ms
14ms Fetch
application/vnd.yt-ump 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hneknek.googlevideo.com/videoplayback?expire=1706104215&ei=N8GwZb2cKIyo1wLBlZ-QDA&ip=2001%3A1af8%3A4020%3Aa034%3A9876%3A%3A11&id=o-AD_PWRN3G6cjv9bVTb1GpQmiZeQSrxjHt6ZEgESjIpNr&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fx&mm=31%2C29&mn=sn-5hneknek%2Csn-5hne6nzk&ms=au%2Crdu&mv=u&mvi=4&pl=43&spc=UWF9f9rvo3l8S2Ye2Tr3o3rQWTplLbRJ0JKyL3BPNRpgLyY&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=8CP95in4fcoFiWX1_cHlzpYQ&gir=yes&clen=63223981&dur=7200.021&lmt=1696945224218648&mt=1706081692&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=68heNwTNM4K9oQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgH9G81-dRAOekortZxqEvHD35G-VIO487djA8GDeeq60CIQDo665UFCrCYRzTlksb_TwZ2c8O7BPDTRDDEaIsZ1JUWg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRgIhAJzMb6ol4Kkc39hmkncaFYukf4UIljT5AQii7EtP0BlwAiEAuMayLdUaMqZElSxYjbX6VTRcoyQO_grnCb9JQkL9iz4%3D&alr=yes&cpn=N31_DJ3jD96Zs3CP&cver=1.20240121.00.00&range=78579-148617&rn=5&rbuf=6962&pot=MnoEQXQL5-ezEgR9BSI8C8vhaRnyCxWpxo_SS0H91APlZvY7Or__-agnD26zWwqtGh6VlQVXnd6EqfbO28T2F2hiOtlHU8fFLS-YuVTF2TX2eV5pPMaoaPEV095DIY-1eQQpyAN6k4_a5zulDycSS_FtbPQ8FMxaFZM7ow==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

07e2e8c99259588f9017e2b1cd21c75ec9f2ee2413b0b132eb89324fe9758e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 24 Jan 2024 07:50:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2023 13:40:24 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Wed, 24 Jan 2024 07:50:17 GMT

POST
H3 200 videoplayback Show response
rr4---sn-5hneknek.googlevideo.com/ Frame AAAC 516 KB
516 KB 15ms
14ms Fetch
application/vnd.yt-ump 2a00:1450:400e:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hneknek.googlevideo.com/videoplayback?expire=1706104215&ei=N8GwZb2cKIyo1wLBlZ-QDA&ip=2001%3A1af8%3A4020%3Aa034%3A9876%3A%3A11&id=o-AD_PWRN3G6cjv9bVTb1GpQmiZeQSrxjHt6ZEgESjIpNr&itag=399&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303%2C308%2C315%2C394%2C395%2C396%2C397%2C398%2C399%2C400%2C401&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fx&mm=31%2C29&mn=sn-5hneknek%2Csn-5hne6nzk&ms=au%2Crdu&mv=u&mvi=4&pl=43&spc=UWF9f9rvo3l8S2Ye2Tr3o3rQWTplLbRJ0JKyL3BPNRpgLyY&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8CP95in4fcoFiWX1_cHlzpYQ&gir=yes&clen=315110262&dur=7199.999&lmt=1697000216482592&mt=1706081692&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=68heNwTNM4K9oQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPR9AEh91sZrNxqY2a6610gNDtdup2kh_0o8RDgFHRhxAiB4xgqCnEuYgHQwZ5Swg2b7t9vELYkdOIGF1ImDXdUyQQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRgIhAJzMb6ol4Kkc39hmkncaFYukf4UIljT5AQii7EtP0BlwAiEAuMayLdUaMqZElSxYjbX6VTRcoyQO_grnCb9JQkL9iz4%3D&alr=yes&cpn=N31_DJ3jD96Zs3CP&cver=1.20240121.00.00&range=480994-1009732&rn=6&rbuf=10011&pot=MnoEQXQL5-ezEgR9BSI8C8vhaRnyCxWpxo_SS0H91APlZvY7Or__-agnD26zWwqtGh6VlQVXnd6EqfbO28T2F2hiOtlHU8fFLS-YuVTF2TX2eV5pPMaoaPEV095DIY-1eQQpyAN6k4_a5zulDycSS_FtbPQ8FMxaFZM7ow==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:16::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3e72b8a0747ad0bbfee257c70a51fa3ede0fa59b2d119b90bf33a091690234b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 24 Jan 2024 07:50:17 GMT
date: Wed, 24 Jan 2024 07:50:17 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Wed, 11 Oct 2023 04:56:56 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame AAAC 28 B
54 B 31ms
30ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b31b88f2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time: 1706082617656
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
X-YouTube-Client-Version: 1.20240121.00.00
X-YouTube-Time-Zone: Europe/Amsterdam
X-Goog-Visitor-Id: CgtLNzNCZWNONHRhQSi2gsOtBjIOCgJOTBIIEgQSAgsMICc%3D
X-YouTube-Ad-Signals: dt=1706082614504&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2165%2C1218&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 24 Jan 2024 07:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 24 Jan 2024 07:50:17 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame AAAC 0
11 B 20ms
19ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?2lgabA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/_k8Cuy7jCqQ?autoplay=1&loop=1&enablejsapi=1&playerapiid=featuredytplayer&controls=0&modestbranding=1&rel=0&showinfo=0&color=white&iv_load_policy=3&theme=light&wmode=transparent&origin=https://hrtransformation.online&playlist=_k8Cuy7jCqQ&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:50:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 71447122
mc.yandex.com/webvisor/ 43 B
0 240ms
180ms Fetch
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71447122?wv-part=1&wv-type=7&wmode=0&wv-hit=60078022&page-url=https%3A%2F%2Fhrtransformation.online%2Fvidconfhr%3Futm_source%3Divasam%2F&rn=227785481&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1706082618%3Aw%3A1600x1200%3Av%3A1211%3Az%3A60%3Ai%3A20240124085018%3Au%3A1706082615996764073%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Ast%3A1706082618&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hrtransformation.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 07:50:18 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 24-Jan-2024 07:50:18 GMT
content-type: image/gif
access-control-allow-origin: https://hrtransformation.online
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 24-Jan-2024 07:50:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.doubleclick.net
URL: https://static.doubleclick.net/instream/ad_status.js

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hrtransformation.online/	1970-01-21 02:40:18	Name: __ddg1_ Value: 05OVJm9O53tZtTL4JoJY
hrtransformation.online/	1970-01-20 18:37:54	Name: TILDAUTM Value: utm_source%3Divasam%2F%7C%7C%7C
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: J9FDvti1HRc
.youtube.com/	1970-01-20 22:13:54	Name: VISITOR_INFO1_LIVE Value: K73BecN4taA
hrtransformation.online/	1970-01-20 20:04:18	Name: tildauid Value: 1706082615035.518068
hrtransformation.online/	1970-01-20 17:54:44	Name: tildasid Value: 1706082615035.510858
.hrtransformation.online/	1970-01-21 03:30:42	Name: _ga Value: GA1.1.1730858525.1706082615
.hrtransformation.online/	1970-01-20 20:04:18	Name: _fbp Value: fb.1.1706082615193.2035582548
.hrtransformation.online/	1970-01-21 02:40:18	Name: _ym_uid Value: 1706082615996764073
.hrtransformation.online/	1970-01-21 02:40:18	Name: _ym_d Value: 1706082615
.mc.yandex.com/	1970-01-20 17:54:43	Name: sync_cookie_csrf Value: 2999478206fake
.yandex.com/	1970-01-21 03:30:42	Name: i Value: my0j3qr3CQ1FJxnzILMoyVpSuWLOcNtIWWtsRCmlIUk+TYLmmyEy4sYFseUcLZPf1oS3qFXT3MBPZDy5ocV5gJuKRyg=
.yandex.com/	1970-01-21 02:40:18	Name: yandexuid Value: 1851081251706082615
.hrtransformation.online/	1970-01-20 17:55:54	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:54:43	Name: sync_cookie_csrf Value: 2617807798fake
.mc.yandex.com/	1970-01-20 17:56:09	Name: sync_cookie_ok Value: synced
hrtransformation.online/	1970-01-20 17:54:44	Name: previousUrl Value: hrtransformation.online%2Fvidconfhr
.yandex.ru/	1970-01-21 03:30:42	Name: yandexuid Value: 1851081251706082615
.yandex.ru/	1970-01-21 03:30:42	Name: yuidss Value: 1851081251706082615
.yandex.ru/	1970-01-21 03:30:42	Name: i Value: my0j3qr3CQ1FJxnzILMoyVpSuWLOcNtIWWtsRCmlIUk+TYLmmyEy4sYFseUcLZPf1oS3qFXT3MBPZDy5ocV5gJuKRyg=
.yandex.ru/	1970-01-21 03:30:42	Name: yp Value: 1706169015.yu.9863940091706082615
.yandex.ru/	1970-01-21 02:40:18	Name: ymex Value: 1708674615.oyu.9863940091706082615
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1478811571706082615
.yandex.com/	1970-01-21 02:40:18	Name: yuidss Value: 1851081251706082615
.yandex.com/	1970-01-21 02:40:18	Name: ymex Value: 1737618615.yrts.1706082615
.yandex.com/	1970-01-21 02:40:18	Name: bh Value: KgI/MA==
.hrtransformation.online/	1970-01-20 17:54:44	Name: _ym_visorc Value: w
.hrtransformation.online/	1970-01-21 03:30:42	Name: _ga_P8R4Z30KVG Value: GS1.1.1706082615.1.0.1706082616.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-ru.bitrix24.ru
colourgifts.ru
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hrtransformation.online
i.ytimg.com
jnn-pa.googleapis.com
mc.yandex.com
mc.yandex.ru
neo.tildacdn.com
quorum.bitrix24.ru
region1.google-analytics.com
rr4---sn-5hneknek.googlevideo.com
stat.tildacdn.com
static.doubleclick.net
static.tildacdn.com
thumb.tildacdn.com
ws.tildacdn.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.youtube.com
yt3.ggpht.com
static.doubleclick.net
142.250.181.225
142.250.181.238
142.250.184.200
142.250.185.106
162.55.188.142
178.248.236.28
185.215.4.21
193.3.17.198
216.239.32.36
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2016
2a00:1450:400e:16::9
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a03:90c0:41:2801::62
2a13:1ec0::1037
45.140.19.204
77.88.21.119
89.208.228.119
0565de9b4919bf1cbc345d8218425e4951d97c7e8c36263bee72e2d72038c73f
075bad3b13f9dd2be5c2429dd03d056a42814e897bfa1eddb9530edfc3d43bea
07738d6fbfe218660d54d504731ead70709f9ffd750a4080abc7703aae70eb9c
07a23b618075104849d8dc806499faf025761532347d5c244e488142de01e106
07e2e8c99259588f9017e2b1cd21c75ec9f2ee2413b0b132eb89324fe9758e1d
090a7068a2209545279f858c6f41ff7ae42815e11c3d69463a2a2ea835282bd9
094c52d6943f6c49049d4922ae91070587970c60c2153138b3fec9bf421d1811
0b5f664c528f466606c93195975f671fc46c3a9c10fee54426c2cd1cf89b1fec
13756ee3f96ec2cb44f91c79b6862dce64b3ab9dfaf747669b678f45b11f1b7e
1c3389b007dbe39487147e561d573a0e8aab252704bac55399201b5c4fb242e8
229651dc23f4221cd72c70a39ddcb22810efbe6a7267c37f4ab05890da19b232
2b991cb47d0d588ba705362a0caf6072c1044422c26c64093abc4f1ee3011c12
2fc0055d3d9a2cd7c1e8d752a03146d8b6c612495477f70ca8e996443a1510f4
36d360cb67fe3466169fc5c783a7ead5dd8877932f69d41df195a5000e65ef8a
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
381708a8765e29ee40e02788055e972af2c6ef241d76f69634a070ae0f7a6c65
39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5
3c80f7772e0f3841b2ced1722523c2c1299a163dd880857c37b2f2852ccbd7a1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e72b8a0747ad0bbfee257c70a51fa3ede0fa59b2d119b90bf33a091690234b6
46dd9e10128e270cf52b193592031da0e9e5e8efca95fff4f73c59239e93fe17
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
508f685ee14a44690c2776a9b949b65d4c04fd4b66bbc3e6307cff21cb6d35d8
52d9e5d233f544859741eecce0a7839f062b6fb25ed6f5275c0ffe252c48ec2b
5324213d636c35ad2846477ca1242503a3e4a56a4e44c5b408b05173376eb2ed
53c90328b96adc766375be39c10503c3b9a6cad5faa6687f5cebb3a4aa43b230
54193514faa4462ea838d5019990ad9af8609f559e5bcc55c49d521cd1fa1ebd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c6e7f3d20f72eea23155e1e5db832c9cd7cccd0f8dc9499b8c14d058336c71
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ad5171287c6d8cd3f604df3559129c28c5aaea6cc67ccdef3d0a509dbdd7a64
5d1f6a0c5f49cfeae147b675599153c5118aa2691ccb1c18939fb9035436cc8c
5d32d1af5d7b8ead42a2b4293802d946094f39737ff26b0de0605f29ab2c45c5
5d651dfc274b74cf12563a1a46b7dd5437c375eaeba81061474edc69c303620a
64d99d0f26649d119c4209d732b521b4dd9ad8d7fed99a19c3afdea538f5da0b
65aa652217d64a0885e50df66339c3004417425f7fc36ca524c6f4ef297c2d64
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
703cc28e737acb7f534f81cbb649d9e790cbb000bc38c67417b19a1f3e3998fa
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
750b740cf3d6feb3e22d428027094fd0fc10899748f9616271b124cc1b7136d4
766df140aaefd53b5535ed1aad56270c7c5e1c6f1bf0e0b3fef4276d79a849d6
77ed57213f0188670650be077e622177c3f8a75a8410715cdcb6654f51a0da5a
7945f0e6ce4fe91f895e882c2bc284582d76f0039e8190286ec39ecb0454767b
7df6a76531243b4aa3daaeac8d4e2a69925cbb069d32019f76ce22c783bafe48
7e2a31ae681913baf41b860079bef9bf5ccfc632e994998bbb08353dad8bbe85
849df278b22f48e87af44281468cc149aa1b4efc2f2c39075b8f00ac2e7ac55e
887580c56328c00b6578f7423ceba0aad851bd662e1e4e3360dbb0b29168b03b
8988145db084c2ded8e2cdd1d024e2ce532fb426d3f7af6d37b786f65c7e4946
8ae564acdae2fc6ba5260123cbde9eaf28d1d2b18e47b6d063c956db466accfa
8bc9f5beda20070941c2c8879359bdf639e6342bd5cf6bdd6b52c1f347bcd645
8cc1b958ee4f6dc74b8e0785197512a5d4ffd3c1f9ba05a63876dd586f2743dc
98cac47ffae4235743fa270ba71fd4b8eb58b61d98047ffa04f5262e69ef8a40
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9b1a1d57fa8848b400efff1cb094c38e8556d75bf1149e7b627334e01e411ab9
9bc10c1544f622ee6757b77c7d601bf24a7e1967e52fdadee55a574f8ffa5b58
9e2aea494333cf224e8538454c67474be4d77adc7eb90410b4b777b34ef37e6a
9f30e308162bb438a67752d540e053157f5691ed9affcceac897025bf8c45265
a50835418749a7f279b0acd48e91ea88c59245243fb81efb026cdad00b5abe3b
ad8df9a1f7874fceea58ca855e43d6d3f9673c3144017bd1c8b4544b76cd54a2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a
c0cbb06107c0056343c4e430ba3566e0980cf694c6907acaa4a390a416553651
c249c4e3606ec239bd2d92d81adfd54f486d497e8bb6524ab5a761bcf3e7d39d
c3e8937ab82cbc7ec75bb9438a40afa515b30dbecb1e3c8368b3052517eae1a4
c4d07513670eaa456a8c421f89b78eda11dcecbd5d49456a1e60774f3ef491c0
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c9d323c102499633dfe64c95ba5e0043c070ffa04683f796fbb7c5b625ee72c7
cbe0e67a227c8e2eb4940831ff759d7a797f293e05bf9429dec014a0777b5ea3
cc28a4f445a1c48ca09edfce3dd5ad93db127e7c3f44de42a0865124df5269ae
cd74de52cd96084b2a233076552524931f425db6c0ef4412c6f66a9f95642ec2
cdf65e26b905a653bce60df182886b032b606940391badb1e3a655f434ca446c
d2f6b3337ee91155438902f9fa898c734484ca71aefd1664be72743272d31b0a
d586b2fb362b301b5911af38d7bfe0461ebe7242657956d704aa6f749a0b7bc5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dac992d581fbf9fdca7ca5141b3f16218048ddac65fd85830e261af5d6eec5bb
e30be28d85f8db5566078029d843d227687fd73ccfd6757d37b69b2fc06bf48d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e99da6d5f532514045ebfa401485bc0d68a1df21a60c709b21d8227fd9543d
ed0358ec0de70d5c738f95e541c2b990aab2d3d7c1e150306a60302eb74ca91e
ee32fa456e509e53e0f8d962844db8f0890e8dc7e1db724882a4b555842a6182
eec8d17cb3211645a235cbe01531669c06d60dfc20c4c7b9693a35121542f2a1
f23256aa84a75f56793a4fe61d69d32c0a60014fc19d9f87d0ebe341634694ce
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f61c4b1aa9e5d9de1051f3e90c19baf90eae6499ae25d378d79f3284db4095e1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9df666292a24cac2cad6bab23370969c527f65466189658cb159b5706b5870e
fac997a51ec427deebaf0d25efcf5e7b9fa1a04bc75ee401b3309a7c1048fb07
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
ff6e102bbabfb18c7214c0c935d7fe4af0054d1e799061cfc8e977e0fb30243a

hrtransformation.online Open in urlscan Pro 185.215.4.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

96 %HTTPS

50 %IPv6

18 Domains

25 Subdomains

24 IPs

6 Countries

3734 kBTransfer

7572 kBSize

28 Cookies

5 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hrtransformation.online Open in urlscan Pro
185.215.4.21 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

96 %
HTTPS

50 %
IPv6

18
Domains

25
Subdomains

24
IPs

6
Countries

3734 kB
Transfer

7572 kB
Size

28
Cookies

102 HTTP transactions
3 data transactions