URL: https://mdbizcon.com/
Submission: On June 11 via api from US

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3035::ac43:9e83, located in United States and belongs to CLOUDFLARENET, US. The main domain is mdbizcon.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.
This is the only time mdbizcon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.225.73.226 ()
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 185.105.66.16 16376 (SYSGROUP-...)
2 2a03:2880:f02... 32934 (FACEBOOK)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.192.151.63 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
61 24
Domain Requested by
15 www.youtube.com mdbizcon.com
www.youtube.com
10 mdbizcon.com mdbizcon.com
8 r1---sn-4g5e6nld.googlevideo.com www.youtube.com
3 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
3 clicks.responsegenius.com mdbizcon.com
clicks.responsegenius.com
2 yt3.ggpht.com www.youtube.com
2 www.facebook.com mdbizcon.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 api.leadpages.io js.center.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net mdbizcon.com
connect.facebook.net
2 js.center.io mdbizcon.com
js.center.io
2 fonts.googleapis.com mdbizcon.com
clicks.responsegenius.com
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.googletagmanager.com mdbizcon.com
1 jwpsrv.com mdbizcon.com
1 cdnjs.cloudflare.com mdbizcon.com
61 20

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-30 -
2021-07-30
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-10 -
2021-08-02
3 months crt.sh
jwpsrv.com
Amazon
2021-05-19 -
2022-06-17
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
*.center.io
Go Daddy Secure Certificate Authority - G2
2020-01-21 -
2022-01-21
2 years crt.sh
*.google.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
control.responsegenius.com
R3
2021-05-22 -
2021-08-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.leadpages.io
Go Daddy Secure Certificate Authority - G2
2019-11-12 -
2021-11-12
2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
*.c.docs.google.com
GTS CA 1O1
2021-06-01 -
2021-08-10
2 months crt.sh
edgestatic.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh

This page contains 4 frames:

Primary Page: https://mdbizcon.com/
Frame ID: 1A3D46974814CF5BAADF5447156BA4FC
Requests: 23 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Frame ID: 27096C586BFED739E81FA980FD85A39D
Requests: 33 HTTP requests in this frame

Frame: https://clicks.responsegenius.com/data_form/58d54d5c66f42069667388
Frame ID: C757E4F269A7B7195E59BD4543C7612E
Requests: 6 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 0D9C96D14F24A2E1EEB1DC7A01623853
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

61
Requests

100 %
HTTPS

88 %
IPv6

18
Domains

20
Subdomains

24
IPs

4
Countries

2117 kB
Transfer

4815 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mdbizcon.com/
77 KB
14 KB
Document
General
Full URL
https://mdbizcon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9e83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d92507b51bd5ccb8f30202cff5fbaea52922fa18304c5139c92508ea11d4efe6

Request headers

:method
GET
:authority
mdbizcon.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
md_session=djt86rdva39c2sjvrfaf9t788jgvv1rj; expires=Fri, 11-Jun-2021 15:41:23 GMT; Max-Age=7200; path=/; HttpOnly
cf-cache-status
DYNAMIC
cf-request-id
0a9ce7672f00002c52c1991000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=le6d8PW35pAEbsctVMzOUBJYWHTaerotbQfj1gOifdx9PsMRGyJNrj%2FyDJECPCgUU6x4gpC26TZEa52NiIaKEwMKjwZMoHWxwqX5Emf5Fb93XWxYU7UenIx6NB40Z48XLrQMJ7x7"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65db41b84d9b2c52-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
css
fonts.googleapis.com/
708 B
473 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b21d7945f9a9e83d3218aa05a9a97c91d0db52e4682e6392dac56496134ce2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 13:25:02 GMT
server
ESF
date
Fri, 11 Jun 2021 13:41:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Jun 2021 13:41:24 GMT
bootstrap.min.css
mdbizcon.com/assets/lib/bootstrap/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://mdbizcon.com/assets/lib/bootstrap/css/bootstrap.min.css
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9e83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba2466470b8c15cd1c6eff448161218c807d42bab78e708945d08537269baed

Request headers

:path
/assets/lib/bootstrap/css/bootstrap.min.css
pragma
no-cache
cookie
md_session=djt86rdva39c2sjvrfaf9t788jgvv1rj
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mdbizcon.com
referer
https://mdbizcon.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2020 04:48:10 GMT
server
cloudflare
age
2994
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eadq1WCP7i2aOl5r%2FPTIzgMj4%2F3LoM83Pr%2BwDbwFBT3zbrSkRIQ4MHMlH70u3%2FHHwLoU8uUXnGpc7QmS2C9aKKDZJ0PjrJBs%2BWZVviZqTMIOz94c53H0FrDhf0qx8li%2B%2F5VnfYq3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65db41ba7bdbc295-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9ce7689b0000c2953e28f000000001
font-awesome.min.css
mdbizcon.com/assets/lib/font-awesome/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://mdbizcon.com/assets/lib/font-awesome/css/font-awesome.min.css
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9e83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec

Request headers

:path
/assets/lib/font-awesome/css/font-awesome.min.css
pragma
no-cache
cookie
md_session=djt86rdva39c2sjvrfaf9t788jgvv1rj
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mdbizcon.com
referer
https://mdbizcon.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2020 04:48:10 GMT
server
cloudflare
age
2994
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sN8lF5XfCDYblUOYVXG8zujIizs%2BHcvH41bO%2B3m5Gis3K4II6XjxoAY6gVLU%2BmUhKlFJmXUV9iQxq0Yje5tw6D4Y%2BRnJwTiaFBDF65LW%2Bm%2Bsymotpx3ei8EbFA6w4Nk675cif2CR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65db41ba8c02c295-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9ce768ac0000c29559a9d000000001
style.css
mdbizcon.com/assets/frontend/mainsite/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://mdbizcon.com/assets/frontend/mainsite/css/style.css?1310239836
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9e83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a385b5c97c266efda35652bb12704eacde42d666ea99aa6cb101859e8fee0b46

Request headers

:path
/assets/frontend/mainsite/css/style.css?1310239836
pragma
no-cache
cookie
md_session=djt86rdva39c2sjvrfaf9t788jgvv1rj
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mdbizcon.com
referer
https://mdbizcon.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Feb 2021 10:08:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ux11QrTsmembfnWumpZbSCKNCMPxpiPAd43g9KUGGaJsg%2F2RVghGL%2FEZ6XLa%2BVlGeHc%2BYXkO%2FK7%2BsfZnKSUCNCJllD4znoK6kqw%2FVDJw6Br73k38VLsnJJ9B1henq6VzDmyszuGe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65db41ba8bf1c295-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9ce768950000c29525bdc000000001
wp-pages-style.css
mdbizcon.com/assets/css/
474 B
752 B
Stylesheet
General
Full URL
https://mdbizcon.com/assets/css/wp-pages-style.css?658327925
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9e83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab75e8d031c9a57ffa5f8d2fad131144d3374c6ce5fdc06fdf5c6f199f6b1ccd

Request headers

:path
/assets/css/wp-pages-style.css?658327925
pragma
no-cache
cookie
md_session=djt86rdva39c2sjvrfaf9t788jgvv1rj
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mdbizcon.com
referer
https://mdbizcon.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 May 2019 12:53:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CDw4K0lRbchCSsh4tWshRBrkeyB61zEl24nSJl7K6j3ftxTBhMk9JIHxHPCyzI6q4o33kMjuLuPWn0Xws63Gzy1q3%2F8c3seyZ9vgseb2faO4E5AqNMxDba5EjTcfY37rLhjiEe6X"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65db41ba8bf7c295-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9ce768a90000c2952804f000000001
jquery-3.2.1.min.js
mdbizcon.com/assets/lib/jquery/js/
85 KB
29 KB
Script
General
Full URL
https://mdbizcon.com/assets/lib/jquery/js/jquery-3.2.1.min.js
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9e83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

:path
/assets/lib/jquery/js/jquery-3.2.1.min.js
pragma
no-cache
cookie
md_session=djt86rdva39c2sjvrfaf9t788jgvv1rj
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mdbizcon.com
referer
https://mdbizcon.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2020 04:48:10 GMT
server
cloudflare
age
2994
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RZ414cs%2FYD3VxIQJu6%2FiwddaFBt80G8nmj6djKzyJd7ylqV0ZKVvwsD5pIJB6INTe79pMeWV6z3tnG2m54Gb%2BVdBtRKHYca2TpZL24fL3UEHKEF3Ptg6S289uU3Syj57y3%2B37j%2Bt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65db41baccb2c295-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9ce768c60000c29528052000000001
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/
21 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6971384
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6646
cf-request-id
0a9ce768ba00004ac3c9b84000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cpgheAYM5g7rItK89%2BoF4mu05rCx76YKOX87qZ7SkblS6PjUxTVqCP806dTCajon40298rv5eyYMtHq37D%2B6%2Ff7tHMGXDrkSIiRL7ety%2F3LQ%2FHT0VymuXabB8RhxQ%2F50EGmuLJzwe45Dx30TAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65db41bace164ac3-FRA
expires
Wed, 01 Jun 2022 13:41:24 GMT
bootstrap.min.js
mdbizcon.com/assets/lib/bootstrap/js/
36 KB
10 KB
Script
General
Full URL
https://mdbizcon.com/assets/lib/bootstrap/js/bootstrap.min.js
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9e83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

:path
/assets/lib/bootstrap/js/bootstrap.min.js
pragma
no-cache
cookie
md_session=djt86rdva39c2sjvrfaf9t788jgvv1rj
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mdbizcon.com
referer
https://mdbizcon.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2020 04:48:10 GMT
server
cloudflare
age
2994
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y7IxVdNRlQfpFknjkkLGTQaKLHQDluYPAiQ%2FCNl6GX54AfD7XcgakUY3Mj%2FmOfSaJqD1iTMdpnc4sQgZVqVbJKw1dQgueDFqDvBngZ2oGZwsozUVyTGynW4bJuYi7msiFshSJ6vQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65db41baccb5c295-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9ce768d00000c295533d8000000001
jquery.form-validator.min.js
mdbizcon.com/assets/lib/jquery/js/
29 KB
9 KB
Script
General
Full URL
https://mdbizcon.com/assets/lib/jquery/js/jquery.form-validator.min.js
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9e83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3521f0e6e99fad9307635bdd4fc5db3ec368b2964236a8f2ef7148d6934715b1

Request headers

:path
/assets/lib/jquery/js/jquery.form-validator.min.js
pragma
no-cache
cookie
md_session=djt86rdva39c2sjvrfaf9t788jgvv1rj
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mdbizcon.com
referer
https://mdbizcon.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2020 04:48:10 GMT
server
cloudflare
age
2994
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ibQN7s8Bhn30gaZnrIsYZv4pqWBVuwOBrABYLUaZ82o9KQaM1vP8lGuaM3FDRU%2B5auqdotftMjq%2FL9elhfhDS61yFBEzbvaAy2c5MrRzfcgxIxefPQWPAJZuZ6sZdkaEndKCrglF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65db41baccb9c295-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9ce768d10000c2951432f000000001
jquery.maskedinput.min.js
mdbizcon.com/assets/lib/jquery/js/
4 KB
2 KB
Script
General
Full URL
https://mdbizcon.com/assets/lib/jquery/js/jquery.maskedinput.min.js
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9e83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13ddf07e939b7f6f07f37a86bc947d0971485155234916bdc28419d2f662f81

Request headers

:path
/assets/lib/jquery/js/jquery.maskedinput.min.js
pragma
no-cache
cookie
md_session=djt86rdva39c2sjvrfaf9t788jgvv1rj
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mdbizcon.com
referer
https://mdbizcon.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2020 04:48:10 GMT
server
cloudflare
age
2994
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rq7Dwuk8BX%2F9AdTGUy94dvh2i1zQA9RRTI%2BzxoqTwIkSb%2BwnMYXqr%2BfAtkQN30Y6tH3kdNi97jjyIyQvIqIBysGfQt3UMbz8C7I9YhaJtSf8i9HNukoNiQZ6j7cakTgWvCRm4A5r"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65db41baccbcc295-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9ce768e30000c295623b4000000001
fOkofh_LEeODoSIACusDuQ.js
jwpsrv.com/library/
125 KB
40 KB
Script
General
Full URL
https://jwpsrv.com/library/fOkofh_LEeODoSIACusDuQ.js
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.73.226 , United States, ASN (),
Reverse DNS
server-13-225-73-226.fra2.r.cloudfront.net
Software
openresty /
Resource Hash
8392b5a7089299d42e45e59b957935059f5587264fd4d2be48445e3cbc576626

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 13:41:24 GMT
Content-Encoding
gzip
Server
openresty
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=150, max-stale=180
Connection
keep-alive
Content-Length
40753
Via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
X-Amz-Cf-Id
nOeLtUP99WKKOxXDnd4fmW_G8y3YatGI7iQIDfIzyW_8gVldUuVDMg==
Expires
Fri, 11 Jun 2021 13:43:53 GMT
jwplayer.js
mdbizcon.com/jwplayer/
49 KB
17 KB
Script
General
Full URL
https://mdbizcon.com/jwplayer/jwplayer.js
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9e83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da42ccf0561b421cd0de9fbb901b0930c366bfe8181142c7f59d0f5c2413224c

Request headers

:path
/jwplayer/jwplayer.js
pragma
no-cache
cookie
md_session=djt86rdva39c2sjvrfaf9t788jgvv1rj
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mdbizcon.com
referer
https://mdbizcon.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Oct 2013 00:46:54 GMT
server
cloudflare
age
2994
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xa6ke7jbft%2Fn0dbwDVJ%2F6y89%2F0FYxYFqwBDWUHR9TvM9gpy2jDOTN9KGfTYE87dI4roPtd1xorxi2zKJ2enBlvy9t4F1u25OUanhJWyvFnB%2BfmV24S4YAou6YCea7fRPqP4apIfB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65db41bacd11c295-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9ce768eb0000c29536b6f000000001
gtm.js
www.googletagmanager.com/
81 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXJD9XS
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce3a560a6b1820b9c727960fa098fcb86f481b6bc612a3af97765a8a5399f059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32563
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Jun 2021 13:41:25 GMT
center.js
js.center.io/
12 KB
5 KB
Script
General
Full URL
https://js.center.io/center.js
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:37:19 GMT
content-encoding
gzip
server
Google Frontend
age
246
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
a0eec92d7ae468180bfc2847bba09278
cache-control
public, max-age=300
content-length
5417
expires
Fri, 11 Jun 2021 13:42:19 GMT
DkvD8S8fRyU
www.youtube.com/embed/ Frame 2709
53 KB
22 KB
Document
General
Full URL
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f21afca4237629952bf3a9bdc5bbccaea4ac5dd8250f2c562abfe1f4ac62a544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/DkvD8S8fRyU?rel=0&autoplay=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mdbizcon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mdbizcon.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 11 Jun 2021 13:41:25 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=LoqR9W_cXbE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=gfrYD_Kw34A; Domain=.youtube.com; Expires=Wed, 08-Dec-2021 13:41:25 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+677; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
58d54d5c66f42069667388
clicks.responsegenius.com/data_form/ Frame C757
6 KB
6 KB
Document
General
Full URL
https://clicks.responsegenius.com/data_form/58d54d5c66f42069667388
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.105.66.16 , United Kingdom, ASN16376 (SYSGROUP-PLC SysGroup Plc, GB),
Reverse DNS
Software
nginx /
Resource Hash
bcd3f64768960f044898df1f363c6847b512c063b2db6e697a262a860f1f2a9f

Request headers

Host
clicks.responsegenius.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mdbizcon.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mdbizcon.com/

Response headers

Server
nginx
Date
Fri, 11 Jun 2021 13:41:25 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
6135
Connection
keep-alive
X-server-tag
ldex-mail-001.instillerhq.com
X-Instiller-Secure-Track
: true
fbevents.js
connect.facebook.net/en_US/
94 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24515
x-fb-rlafr
0
pragma
public
x-fb-debug
8RU08nxjqk+/XPfwVtE4a3UnKB7dG56XLjKcHmJomy7LqxHNq8MNvIwD2QDJ+E8jpciajCsn4wFkWpTSHsuh1w==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 11 Jun 2021 13:41:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify.html
js.center.io/ Frame 0D9C
4 KB
2 KB
Document
General
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

:method
GET
:authority
js.center.io
:scheme
https
:path
/identify.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mdbizcon.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mdbizcon.com/

Response headers

date
Fri, 11 Jun 2021 13:38:20 GMT
expires
Fri, 11 Jun 2021 13:43:20 GMT
etag
"OMWYXg"
x-cloud-trace-context
7de1d5df954bf4d5f496e0c8bed4c0d4
content-type
text/html
content-encoding
gzip
server
Google Frontend
content-length
2016
age
185
cache-control
public, max-age=300
www-player-webp.css
www.youtube.com/s/player/a0094ae9/ Frame 2709
359 KB
45 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/a0094ae9/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
357c32cc007cdab793d90935dbf5cf143a8270ef0ffaa4fa3f6893d0b2fa8c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 14:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 10 Jun 2021 00:16:44 GMT
server
sffe
age
82521
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46251
x-xss-protection
0
expires
Fri, 10 Jun 2022 14:46:04 GMT
www-embed-player.js
www.youtube.com/s/player/a0094ae9/www-embed-player.vflset/ Frame 2709
193 KB
64 KB
Script
General
Full URL
https://www.youtube.com/s/player/a0094ae9/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3439175095de850d714058bd2de5bc1533a676a2128685c90d8e8c4225063d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 10 Jun 2021 00:16:44 GMT
server
sffe
age
82539
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65030
x-xss-protection
0
expires
Fri, 10 Jun 2022 14:45:46 GMT
base.js
www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/ Frame 2709
2 MB
468 KB
Script
General
Full URL
https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2e7aa7efd08bb577c4c8d9e51e354a3222185e2d58f2e8a973b5b553841db64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 14:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 10 Jun 2021 00:16:44 GMT
server
sffe
age
82511
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
479190
x-xss-protection
0
expires
Fri, 10 Jun 2022 14:46:14 GMT
fetch-polyfill.js
www.youtube.com/s/player/a0094ae9/fetch-polyfill.vflset/ Frame 2709
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/a0094ae9/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 10 Jun 2021 00:16:44 GMT
server
sffe
age
82539
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Fri, 10 Jun 2022 14:45:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2709
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:53:18 GMT
x-content-type-options
nosniff
age
233287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 20:53:18 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJD9XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
153
date
Fri, 11 Jun 2021 13:38:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 11 Jun 2021 15:38:52 GMT
207764782919509
connect.facebook.net/signals/config/
260 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/207764782919509?v=2.9.41&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7a25e34101cecd2bd6be05650801d6283c2b9ef0c0099142f54162a1fbd4d1f0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
Zf2sffMQArguUeyblbPi9OeXjO6IpBBEmNb8W1+Co7IJvQZ0EQ9p0oBcF480e4TwZGWfySECMdN84IER25eWyQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 11 Jun 2021 13:41:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
capture
api.leadpages.io/analytics/v1/events/
35 B
661 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=sScbM65mPHqixAXA8JbcC5&v=&e=&st=&lc=en-US&pid=7YsmNzeBpWs9sYJ5obxWma&uid=7ewbCedpxeJihDa4K498Gf&sid=4vTXFaeRPos9PUFajgLwWi&cid=lp-sScbM65mPHqixAXA8JbcC5&uri=https%3A%2F%2Fmdbizcon.com%2F&rf=&rx=1600&ry=1200&tz=%2B02%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 13:41:25 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
37.120.155.217
Content-Type
image/gif
access-control-allow-origin
https://mdbizcon.com
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
access-control-max-age
600
Connection
keep-alive
x-request-id
0067obo6ovlo3i8dmbfg
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1904682297&t=pageview&_s=1&dl=https%3A%2F%2Fmdbizcon.com%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=884895148&gjid=291496873&cid=1919103995.1623418885&tid=UA-192907638-1&_gid=522315028.1623418885&_r=1&gtm=2wg690KXJD9XS&z=277128844
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 13:41:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mdbizcon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 2709
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4bbee0469bca7d49fc347cd8718092a23b3961944d09c1969be436e224b3aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 11 Jun 2021 13:41:25 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2709
29 B
90 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:31:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
612
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:46:13 GMT
fo8Bg2I45l6LF4Ccd5uvJuNi56VSDAmZhom8VOVrPUc.js
www.google.com/js/th/ Frame 2709
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/fo8Bg2I45l6LF4Ccd5uvJuNi56VSDAmZhom8VOVrPUc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e8f01836238e65e8b17809c779baf26e362e7a5520c09998689bc54e56b3d47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 06:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
197572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13337
x-xss-protection
0
last-modified
Mon, 31 May 2021 09:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jun 2022 06:48:33 GMT
embed.js
www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/ Frame 2709
25 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed19c4ca5616b5e4ab07ad52dbff6446a96b8a01d4a9e949cd7ad063215b0f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 14:46:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
82510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7463
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 00:16:44 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jun 2022 14:46:15 GMT
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=207764782919509&ev=AddToCart&dl=https%3A%2F%2Fmdbizcon.com%2F&rl=&if=false&ts=1623418885296&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623418885295.755166922&it=1623418885081&coo=false&rqm=GET
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 11 Jun 2021 13:41:25 GMT
truncated
/ Frame 2709
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwniHTzPeIJZzrOFu5VRBndNNObdZZqdKjnm8q-Bd=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2709
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AAUvwniHTzPeIJZzrOFu5VRBndNNObdZZqdKjnm8q-Bd=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3864933b1f612ab18362ffef12a35345144ebba832e2caecbb06e2b79fc56072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 12:51:32 GMT
x-content-type-options
nosniff
age
2993
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3114
x-xss-protection
0
server
fife
etag
"v4c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 12 Jun 2021 12:51:32 GMT
truncated
/ Frame 2709
246 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e69b3b2cfc115884df33f10a053fab1c2657546c322aedaed45808eafe0c124

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame C757
6 KB
708 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700
Requested by
Host: clicks.responsegenius.com
URL: https://clicks.responsegenius.com/data_form/58d54d5c66f42069667388
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67bc675875f4e5e7d636dbc7da38268c23f3a5370233ac2331a7193add7cfd76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://clicks.responsegenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 11:43:17 GMT
server
ESF
date
Fri, 11 Jun 2021 13:41:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Jun 2021 13:41:25 GMT
data_form.css
clicks.responsegenius.com/Downloads/17042810_form_content_15/ Frame C757
0
0
Stylesheet
General
Full URL
https://clicks.responsegenius.com/Downloads/17042810_form_content_15/data_form.css
Requested by
Host: clicks.responsegenius.com
URL: https://clicks.responsegenius.com/data_form/58d54d5c66f42069667388
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.105.66.16 , United Kingdom, ASN16376 (SYSGROUP-PLC SysGroup Plc, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://clicks.responsegenius.com/data_form/58d54d5c66f42069667388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-server-tag
ldex-app-001
Date
Fri, 11 Jun 2021 13:41:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
6279
Content-Type
text/html; charset=UTF-8
data_form.js
clicks.responsegenius.com/Downloads/17042810_form_content_15/ Frame C757
0
0
Script
General
Full URL
https://clicks.responsegenius.com/Downloads/17042810_form_content_15/data_form.js
Requested by
Host: clicks.responsegenius.com
URL: https://clicks.responsegenius.com/data_form/58d54d5c66f42069667388
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.105.66.16 , United Kingdom, ASN16376 (SYSGROUP-PLC SysGroup Plc, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://clicks.responsegenius.com/data_form/58d54d5c66f42069667388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-server-tag
ldex-app-003
Date
Fri, 11 Jun 2021 13:41:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
6279
Content-Type
text/html; charset=UTF-8
player
www.youtube.com/youtubei/v1/ Frame 2709
72 KB
17 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7055019492d5881c0c0b6efd0e05854fb660e3efc53b7e3966e3c3d02eb43104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210609.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id
CgtnZnJZRF9LdzM0QSiF0I2GBg%3D%3D
Content-Type
application/json

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17627
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:41:25 GMT
generate_204
www.youtube.com/ Frame 2709
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?uXoH-Q
Requested by
Host: mdbizcon.com
URL: https://mdbizcon.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube.com/api/stats/ Frame 2709
0
19 B
Ping
General
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=iTbkJ1QHKjICSzGo&ei=BWjDYIbtFcfp1gK_07vgDg&el=embedded&docid=DkvD8S8fRyU&ns=yt&fexp=23983296%2C24001373%2C24004644%2C24007246%2C24015145%2C24034745%2C24042868%2C24044575%2C24050106%2C24052632&cl=378517331&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210609.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.214:N&error=0.100:onesie.unavailable.hotconfig:0.000:url.0&bat=0.100:1:1,0.214:1:1&vis=0.100:0&cmt=0.100:0.000,0.214:0.000&bh=0.100:0.000,0.214:0.000&ctmp=cc:t.203;useVodTrack&afs=0.213:251::i&vfs=0.214:243:243::r&view=0.214:421:237&bwe=0.214:130000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 13:41:25 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r1---sn-4g5e6nld.googlevideo.com/ Frame 2709
65 KB
66 KB
XHR
General
Full URL
https://r1---sn-4g5e6nld.googlevideo.com/videoplayback?expire=1623440485&ei=BWjDYIbtFcfp1gK_07vgDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APzUj6jiGvCSDHz0qfAkmPPvdTH_7EVbAhLGIOQbccIY&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=YF&mm=31%2C26&mn=sn-4g5e6nld%2Csn-5go7yne6&ms=au%2Conr&mv=m&mvi=1&pl=50&initcwndbps=673750&vprv=1&mime=video%2Fwebm&ns=ySMG3IhR6A4p5kj7rHnsDWQF&gir=yes&clen=2151580&dur=139.681&lmt=1594528631518496&mt=1623418610&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1211222&n=ohGtuWMsIPKMrw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYpLAzwHKRItQkJD1g6wFosa4d2IQbCyWvQN9-I_xbBsCIAL2UhbvYsb-KPbA5fQHq91XX1-McklDe-cUSvi2Zawm&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgS1VViQalx01Wws4X232lvhWSHq-84GYB2l5Wz17ZmNwCIQCxD8HJKvFPwQSUKIkrG4aYQ_vLvMDPr35gZeTHlfjBTw%3D%3D&alr=yes&cpn=iTbkJ1QHKjICSzGo&cver=1.20210609.1.0&range=0-66188&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:58::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
4200d8892ad4f144ebc45d76e35f3e0f5335cd5ef6d032a1c91721bd9df37483
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 13:41:25 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
66189
Last-Modified
Sun, 12 Jul 2020 04:37:11 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Fri, 11 Jun 2021 13:41:25 GMT
videoplayback
r1---sn-4g5e6nld.googlevideo.com/ Frame 2709
64 KB
66 KB
XHR
General
Full URL
https://r1---sn-4g5e6nld.googlevideo.com/videoplayback?expire=1623440485&ei=BWjDYIbtFcfp1gK_07vgDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APzUj6jiGvCSDHz0qfAkmPPvdTH_7EVbAhLGIOQbccIY&itag=251&source=youtube&requiressl=yes&mh=YF&mm=31%2C26&mn=sn-4g5e6nld%2Csn-5go7yne6&ms=au%2Conr&mv=m&mvi=1&pl=50&initcwndbps=673750&vprv=1&mime=audio%2Fwebm&ns=ySMG3IhR6A4p5kj7rHnsDWQF&gir=yes&clen=1743556&dur=139.721&lmt=1594528090748343&mt=1623418610&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1211222&n=ohGtuWMsIPKMrw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgRb4kX7GYHBEBn2L9kXByfdyLRL9iG-cZZgCf-4HamnACIQC6uzHzGbzlXAWGvb4vc1go6ywZ0K6BjzgyZd4MNq2OYQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgS1VViQalx01Wws4X232lvhWSHq-84GYB2l5Wz17ZmNwCIQCxD8HJKvFPwQSUKIkrG4aYQ_vLvMDPr35gZeTHlfjBTw%3D%3D&alr=yes&cpn=iTbkJ1QHKjICSzGo&cver=1.20210609.1.0&range=0-66029&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:58::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
f09e17c4e36cc2842a213b9cb6b9e0f840db5c2707d926b9f3576271a7823687
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 13:41:25 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
66030
Last-Modified
Sun, 12 Jul 2020 04:28:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Fri, 11 Jun 2021 13:41:25 GMT
remote.js
www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/ Frame 2709
98 KB
30 KB
Script
General
Full URL
https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c35610dcf2f612f0d99726862aa2acab8582ebd3d44cbd55a634db9684071225
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 14:46:15 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 10 Jun 2021 00:16:44 GMT
server
sffe
age
82510
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30990
x-xss-protection
0
expires
Fri, 10 Jun 2022 14:46:15 GMT
captions.js
www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/ Frame 2709
62 KB
23 KB
Script
General
Full URL
https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/captions.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e67794b1d502e696631084e355cbc8cf3f837439d3d77a4133fba06398f86dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 14:55:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 10 Jun 2021 00:16:44 GMT
server
sffe
age
81944
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23738
x-xss-protection
0
expires
Fri, 10 Jun 2022 14:55:41 GMT
endscreen.js
www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/ Frame 2709
26 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9317ec9e83ec99181b03fafb0f7fb7e1811c9a919ea25622e89e90aff6c5a8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:30:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 10 Jun 2021 00:16:44 GMT
server
sffe
age
11475
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7159
x-xss-protection
0
expires
Sat, 11 Jun 2022 10:30:10 GMT
next
www.youtube.com/youtubei/v1/ Frame 2709
75 KB
6 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a94757b58dec3b22284d15b973e63b663771a3c2931cf62360c672491a1ecbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210609.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id
CgtnZnJZRF9LdzM0QSiF0I2GBg%3D%3D
Content-Type
application/json

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5737
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:41:25 GMT
sddefault.webp
i.ytimg.com/vi_webp/DkvD8S8fRyU/ Frame 2709
23 KB
23 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/DkvD8S8fRyU/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69dd64c0bc42feabb8c5f8f61bdf048be3862714e8c0fbb5a32365441b1a579f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 12:51:31 GMT
x-content-type-options
nosniff
server
sffe
age
2994
etag
"1467907957"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23132
x-xss-protection
0
expires
Fri, 11 Jun 2021 14:51:31 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2709
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:41:25 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame C757
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://clicks.responsegenius.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:15:52 GMT
x-content-type-options
nosniff
age
1533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jun 2022 13:15:52 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame C757
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://clicks.responsegenius.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 13:14:26 GMT
x-content-type-options
nosniff
age
260819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 13:14:26 GMT
videoplayback
r1---sn-4g5e6nld.googlevideo.com/ Frame 2709
72 KB
72 KB
XHR
General
Full URL
https://r1---sn-4g5e6nld.googlevideo.com/videoplayback?expire=1623440485&ei=BWjDYIbtFcfp1gK_07vgDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APzUj6jiGvCSDHz0qfAkmPPvdTH_7EVbAhLGIOQbccIY&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=YF&mm=31%2C26&mn=sn-4g5e6nld%2Csn-5go7yne6&ms=au%2Conr&mv=m&mvi=1&pl=50&initcwndbps=673750&vprv=1&mime=video%2Fwebm&ns=ySMG3IhR6A4p5kj7rHnsDWQF&gir=yes&clen=2151580&dur=139.681&lmt=1594528631518496&mt=1623418610&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1211222&n=ohGtuWMsIPKMrw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYpLAzwHKRItQkJD1g6wFosa4d2IQbCyWvQN9-I_xbBsCIAL2UhbvYsb-KPbA5fQHq91XX1-McklDe-cUSvi2Zawm&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgS1VViQalx01Wws4X232lvhWSHq-84GYB2l5Wz17ZmNwCIQCxD8HJKvFPwQSUKIkrG4aYQ_vLvMDPr35gZeTHlfjBTw%3D%3D&alr=yes&cpn=iTbkJ1QHKjICSzGo&cver=1.20210609.1.0&range=66189-140318&rn=3&rbuf=3840
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:58::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
5378cda94297959f70c0d28aba9e13ded6aad08876e1090e067035fac9fdc915
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74130
client-protocol
quic
last-modified
Sun, 12 Jul 2020 04:37:11 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Fri, 11 Jun 2021 13:41:25 GMT
videoplayback
r1---sn-4g5e6nld.googlevideo.com/ Frame 2709
53 KB
53 KB
XHR
General
Full URL
https://r1---sn-4g5e6nld.googlevideo.com/videoplayback?expire=1623440485&ei=BWjDYIbtFcfp1gK_07vgDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APzUj6jiGvCSDHz0qfAkmPPvdTH_7EVbAhLGIOQbccIY&itag=251&source=youtube&requiressl=yes&mh=YF&mm=31%2C26&mn=sn-4g5e6nld%2Csn-5go7yne6&ms=au%2Conr&mv=m&mvi=1&pl=50&initcwndbps=673750&vprv=1&mime=audio%2Fwebm&ns=ySMG3IhR6A4p5kj7rHnsDWQF&gir=yes&clen=1743556&dur=139.721&lmt=1594528090748343&mt=1623418610&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1211222&n=ohGtuWMsIPKMrw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgRb4kX7GYHBEBn2L9kXByfdyLRL9iG-cZZgCf-4HamnACIQC6uzHzGbzlXAWGvb4vc1go6ywZ0K6BjzgyZd4MNq2OYQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgS1VViQalx01Wws4X232lvhWSHq-84GYB2l5Wz17ZmNwCIQCxD8HJKvFPwQSUKIkrG4aYQ_vLvMDPr35gZeTHlfjBTw%3D%3D&alr=yes&cpn=iTbkJ1QHKjICSzGo&cver=1.20210609.1.0&range=66030-119898&rn=4&rbuf=5489
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:58::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ece5d0e112db2606c88397eb5532ee4297e2df962bf26c3bfa88471d036d42e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53869
client-protocol
quic
last-modified
Sun, 12 Jul 2020 04:28:10 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 11 Jun 2021 13:41:25 GMT
videoplayback
r1---sn-4g5e6nld.googlevideo.com/ Frame 2709
101 KB
101 KB
XHR
General
Full URL
https://r1---sn-4g5e6nld.googlevideo.com/videoplayback?expire=1623440485&ei=BWjDYIbtFcfp1gK_07vgDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APzUj6jiGvCSDHz0qfAkmPPvdTH_7EVbAhLGIOQbccIY&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=YF&mm=31%2C26&mn=sn-4g5e6nld%2Csn-5go7yne6&ms=au%2Conr&mv=m&mvi=1&pl=50&initcwndbps=673750&vprv=1&mime=video%2Fwebm&ns=ySMG3IhR6A4p5kj7rHnsDWQF&gir=yes&clen=2151580&dur=139.681&lmt=1594528631518496&mt=1623418610&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1211222&n=ohGtuWMsIPKMrw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYpLAzwHKRItQkJD1g6wFosa4d2IQbCyWvQN9-I_xbBsCIAL2UhbvYsb-KPbA5fQHq91XX1-McklDe-cUSvi2Zawm&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgS1VViQalx01Wws4X232lvhWSHq-84GYB2l5Wz17ZmNwCIQCxD8HJKvFPwQSUKIkrG4aYQ_vLvMDPr35gZeTHlfjBTw%3D%3D&alr=yes&cpn=iTbkJ1QHKjICSzGo&cver=1.20210609.1.0&range=140319-243757&rn=5&rbuf=8747
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:58::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
e54de3181a107ab20ba489ad856d70f0dc7da14289ee899bde8ee1ac4ff0a7f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103439
client-protocol
quic
last-modified
Sun, 12 Jul 2020 04:37:11 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Fri, 11 Jun 2021 13:41:25 GMT
videoplayback
r1---sn-4g5e6nld.googlevideo.com/ Frame 2709
128 KB
128 KB
XHR
General
Full URL
https://r1---sn-4g5e6nld.googlevideo.com/videoplayback?expire=1623440485&ei=BWjDYIbtFcfp1gK_07vgDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APzUj6jiGvCSDHz0qfAkmPPvdTH_7EVbAhLGIOQbccIY&itag=251&source=youtube&requiressl=yes&mh=YF&mm=31%2C26&mn=sn-4g5e6nld%2Csn-5go7yne6&ms=au%2Conr&mv=m&mvi=1&pl=50&initcwndbps=673750&vprv=1&mime=audio%2Fwebm&ns=ySMG3IhR6A4p5kj7rHnsDWQF&gir=yes&clen=1743556&dur=139.721&lmt=1594528090748343&mt=1623418610&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1211222&n=ohGtuWMsIPKMrw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgRb4kX7GYHBEBn2L9kXByfdyLRL9iG-cZZgCf-4HamnACIQC6uzHzGbzlXAWGvb4vc1go6ywZ0K6BjzgyZd4MNq2OYQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgS1VViQalx01Wws4X232lvhWSHq-84GYB2l5Wz17ZmNwCIQCxD8HJKvFPwQSUKIkrG4aYQ_vLvMDPr35gZeTHlfjBTw%3D%3D&alr=yes&cpn=iTbkJ1QHKjICSzGo&cver=1.20210609.1.0&range=119899-250478&rn=6&rbuf=10001
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:58::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
538e904402b956e31de14770863c235aa7eea88a09f524735c9a1261aaa4b8bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:25 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130580
client-protocol
quic
last-modified
Sun, 12 Jul 2020 04:28:10 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 11 Jun 2021 13:41:25 GMT
AAUvwniHTzPeIJZzrOFu5VRBndNNObdZZqdKjnm8q-Bd=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2709
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AAUvwniHTzPeIJZzrOFu5VRBndNNObdZZqdKjnm8q-Bd=s88-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4b371ce21b2212340112be52fc16bde4d416ca74a86fea7eea8fe5e58322f1ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 12:51:32 GMT
x-content-type-options
nosniff
age
2993
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3975
x-xss-protection
0
server
fife
etag
"v4c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 12 Jun 2021 12:51:32 GMT
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=207764782919509&ev=Microdata&dl=https%3A%2F%2Fmdbizcon.com%2F&rl=&if=false&ts=1623418886800&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%22%2C%22meta%3Adescription%22%3A%22f%22%2C%22meta%3Akeywords%22%3A%22home%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&fbp=fb.1.1623418886799.1338644562&it=1623418885081&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 11 Jun 2021 13:41:26 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 2709
28 B
197 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
X-YouTube-Client-Version
1.20210609.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtnZnJZRF9LdzM0QSiF0I2GBg%3D%3D
X-YouTube-Ad-Signals
dt=1623418885118&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C421%2C237&vis=1&wgl=true&ca_type=image&bid=ANyPxKpNxA0wbVJY69tKHkGCoe8MgJ7PUtfHGvGVIgnBGRKoyMdvEcf5qsbw-jeDKSMsxHHFww_mDdLHoSeUmWUyyP2z8jMSKQ

Response headers

date
Fri, 11 Jun 2021 13:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:41:27 GMT
capture
api.leadpages.io/analytics/v1/observations/
35 B
436 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=yYuLLD2TXAb5UVzedrMRGJ&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=36.30000305175781,29.699996948242188,1,482.7999954223633
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://mdbizcon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 13:41:29 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
37.120.155.217
Content-Type
image/gif
access-control-allow-origin
https://mdbizcon.com
access-control-max-age
600
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
0067ocoqtbns7ulm3lig
access-control-expose-headers
LP-Security-Token
qoe
www.youtube.com/api/stats/ Frame 2709
0
56 B
Ping
General
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=iTbkJ1QHKjICSzGo&ei=BWjDYIbtFcfp1gK_07vgDg&el=embedded&docid=DkvD8S8fRyU&ns=yt&fexp=23983296%2C24001373%2C24004644%2C24007246%2C24015145%2C24034745%2C24042868%2C24044575%2C24050106%2C24052632&cl=378517331&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210609.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&bwm=10.006:494237:0.230&bwe=10.006:1871965&bat=10.006:1:1&cmt=10.006:0.000&bh=10.006:16.015&df=10.006:0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/DkvD8S8fRyU?rel=0&autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 13:41:35 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r1---sn-4g5e6nld.googlevideo.com/ Frame 2709
280 KB
281 KB
XHR
General
Full URL
https://r1---sn-4g5e6nld.googlevideo.com/videoplayback?expire=1623440485&ei=BWjDYIbtFcfp1gK_07vgDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APzUj6jiGvCSDHz0qfAkmPPvdTH_7EVbAhLGIOQbccIY&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=YF&mm=31%2C26&mn=sn-4g5e6nld%2Csn-5go7yne6&ms=au%2Conr&mv=m&mvi=1&pl=50&initcwndbps=673750&vprv=1&mime=video%2Fwebm&ns=ySMG3IhR6A4p5kj7rHnsDWQF&gir=yes&clen=2151580&dur=139.681&lmt=1594528631518496&mt=1623418610&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1211222&n=ohGtuWMsIPKMrw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYpLAzwHKRItQkJD1g6wFosa4d2IQbCyWvQN9-I_xbBsCIAL2UhbvYsb-KPbA5fQHq91XX1-McklDe-cUSvi2Zawm&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgS1VViQalx01Wws4X232lvhWSHq-84GYB2l5Wz17ZmNwCIQCxD8HJKvFPwQSUKIkrG4aYQ_vLvMDPr35gZeTHlfjBTw%3D%3D&alr=yes&cpn=iTbkJ1QHKjICSzGo&cver=1.20210609.1.0&range=243758-530618&rn=7&rbuf=16016
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:58::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
13055c848bb593caa6695990ec11c767733cd57c78df50b7930ca5ff7d709e1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 13:41:35 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
286861
Last-Modified
Sun, 12 Jul 2020 04:37:11 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21290
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Fri, 11 Jun 2021 13:41:35 GMT
videoplayback
r1---sn-4g5e6nld.googlevideo.com/ Frame 2709
250 KB
250 KB
XHR
General
Full URL
https://r1---sn-4g5e6nld.googlevideo.com/videoplayback?expire=1623440485&ei=BWjDYIbtFcfp1gK_07vgDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APzUj6jiGvCSDHz0qfAkmPPvdTH_7EVbAhLGIOQbccIY&itag=251&source=youtube&requiressl=yes&mh=YF&mm=31%2C26&mn=sn-4g5e6nld%2Csn-5go7yne6&ms=au%2Conr&mv=m&mvi=1&pl=50&initcwndbps=673750&vprv=1&mime=audio%2Fwebm&ns=ySMG3IhR6A4p5kj7rHnsDWQF&gir=yes&clen=1743556&dur=139.721&lmt=1594528090748343&mt=1623418610&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=1211222&n=ohGtuWMsIPKMrw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgRb4kX7GYHBEBn2L9kXByfdyLRL9iG-cZZgCf-4HamnACIQC6uzHzGbzlXAWGvb4vc1go6ywZ0K6BjzgyZd4MNq2OYQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgS1VViQalx01Wws4X232lvhWSHq-84GYB2l5Wz17ZmNwCIQCxD8HJKvFPwQSUKIkrG4aYQ_vLvMDPr35gZeTHlfjBTw%3D%3D&alr=yes&cpn=iTbkJ1QHKjICSzGo&cver=1.20210609.1.0&range=250479-506813&rn=8&rbuf=20001
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a0094ae9/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:58::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
a2857d94bc1420c2427ba98728051ad4cf37fd7a64f64adce8c23443de568a82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 13:41:35 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256335
client-protocol
quic
last-modified
Sun, 12 Jul 2020 04:28:10 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21290
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 11 Jun 2021 13:41:35 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer string| LeadPagesCenterObject function| center object| sup function| $ function| jQuery function| Popper object| jwDefaults object| webpackJsonpjwplayer function| jwplayer function| fbq function| _fbq function| playPause object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

7 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: LoqR9W_cXbE
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: gfrYD_Kw34A
.mdbizcon.com/ Name: _gat_UA-192907638-1
Value: 1
mdbizcon.com/ Name: md_session
Value: djt86rdva39c2sjvrfaf9t788jgvv1rj
.mdbizcon.com/ Name: _ga
Value: GA1.2.1919103995.1623418885
.mdbizcon.com/ Name: _fbp
Value: fb.1.1623418885295.755166922
.mdbizcon.com/ Name: _gid
Value: GA1.2.522315028.1623418885

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
cdnjs.cloudflare.com
clicks.responsegenius.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
js.center.io
jwpsrv.com
mdbizcon.com
r1---sn-4g5e6nld.googlevideo.com
static.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
13.225.73.226
185.105.66.16
2606:4700:3035::ac43:9e83
2606:4700::6810:125e
2a00:1450:4001:58::7
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a00:1450:4001:813::2013
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:827::2016
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2008
2a00:1450:400d:804::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.192.151.63
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13055c848bb593caa6695990ec11c767733cd57c78df50b7930ca5ff7d709e1c
1b21d7945f9a9e83d3218aa05a9a97c91d0db52e4682e6392dac56496134ce2d
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3439175095de850d714058bd2de5bc1533a676a2128685c90d8e8c4225063d44
3521f0e6e99fad9307635bdd4fc5db3ec368b2964236a8f2ef7148d6934715b1
357c32cc007cdab793d90935dbf5cf143a8270ef0ffaa4fa3f6893d0b2fa8c2e
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
3864933b1f612ab18362ffef12a35345144ebba832e2caecbb06e2b79fc56072
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
4200d8892ad4f144ebc45d76e35f3e0f5335cd5ef6d032a1c91721bd9df37483
4a94757b58dec3b22284d15b973e63b663771a3c2931cf62360c672491a1ecbe
4b371ce21b2212340112be52fc16bde4d416ca74a86fea7eea8fe5e58322f1ce
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
5378cda94297959f70c0d28aba9e13ded6aad08876e1090e067035fac9fdc915
538e904402b956e31de14770863c235aa7eea88a09f524735c9a1261aaa4b8bd
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
67bc675875f4e5e7d636dbc7da38268c23f3a5370233ac2331a7193add7cfd76
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69dd64c0bc42feabb8c5f8f61bdf048be3862714e8c0fbb5a32365441b1a579f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e69b3b2cfc115884df33f10a053fab1c2657546c322aedaed45808eafe0c124
7055019492d5881c0c0b6efd0e05854fb660e3efc53b7e3966e3c3d02eb43104
7a25e34101cecd2bd6be05650801d6283c2b9ef0c0099142f54162a1fbd4d1f0
7e8f01836238e65e8b17809c779baf26e362e7a5520c09998689bc54e56b3d47
8392b5a7089299d42e45e59b957935059f5587264fd4d2be48445e3cbc576626
a2857d94bc1420c2427ba98728051ad4cf37fd7a64f64adce8c23443de568a82
a2e7aa7efd08bb577c4c8d9e51e354a3222185e2d58f2e8a973b5b553841db64
a385b5c97c266efda35652bb12704eacde42d666ea99aa6cb101859e8fee0b46
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a9317ec9e83ec99181b03fafb0f7fb7e1811c9a919ea25622e89e90aff6c5a8c
ab75e8d031c9a57ffa5f8d2fad131144d3374c6ce5fdc06fdf5c6f199f6b1ccd
bcd3f64768960f044898df1f363c6847b512c063b2db6e697a262a860f1f2a9f
c13ddf07e939b7f6f07f37a86bc947d0971485155234916bdc28419d2f662f81
c35610dcf2f612f0d99726862aa2acab8582ebd3d44cbd55a634db9684071225
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
ce3a560a6b1820b9c727960fa098fcb86f481b6bc612a3af97765a8a5399f059
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d92507b51bd5ccb8f30202cff5fbaea52922fa18304c5139c92508ea11d4efe6
da42ccf0561b421cd0de9fbb901b0930c366bfe8181142c7f59d0f5c2413224c
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bbee0469bca7d49fc347cd8718092a23b3961944d09c1969be436e224b3aa8
e54de3181a107ab20ba489ad856d70f0dc7da14289ee899bde8ee1ac4ff0a7f6
e67794b1d502e696631084e355cbc8cf3f837439d3d77a4133fba06398f86dfb
eba2466470b8c15cd1c6eff448161218c807d42bab78e708945d08537269baed
ece5d0e112db2606c88397eb5532ee4297e2df962bf26c3bfa88471d036d42e6
ed19c4ca5616b5e4ab07ad52dbff6446a96b8a01d4a9e949cd7ad063215b0f7d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f09e17c4e36cc2842a213b9cb6b9e0f840db5c2707d926b9f3576271a7823687
f21afca4237629952bf3a9bdc5bbccaea4ac5dd8250f2c562abfe1f4ac62a544