herbnarusskom.24bank.su Open in urlscan Pro
5.9.49.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://herbnarusskom.24bank.su/
Effective URL:
https://herbnarusskom.24bank.su/
Submission: On December 02 via api (December 2nd 2022, 9:48:39 am UTC) from US — Scanned from US

Summary HTTP 111 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 16 domains to perform 111 HTTP transactions. The main IP is 5.9.49.156, located in Germany and belongs to HETZNER-AS, DE. The main domain is herbnarusskom.24bank.su.
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.

This is the only time herbnarusskom.24bank.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	5.9.49.156 5.9.49.156	24940 (HETZNER-AS) (HETZNER-AS)
9	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	185.212.130.7 185.212.130.7	200313 (INTERNET-IT) (INTERNET-IT)
1 9	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:808::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2006	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1 3	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2016	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:9::9	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:9::6	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4009:15::8	15169 (GOOGLE) (GOOGLE)
111	23

14 5.9.49.156 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.156.49.9.5.clients.your-server.de

herbnarusskom.24bank.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iherbnarusskom.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:807::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.212.130.7 (Virgin Islands (British))

ASN200313 (INTERNET-IT, VG)
PTR: mail8.prohoster.biz

aherbnarusskom.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81e::2002 (Hudson Falls, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81c::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:808::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:80e::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2006 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2004 (Hudson Falls, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2016 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:9::9 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

rr4---sn-ab5sznze.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:9::6 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

rr1---sn-ab5sznze.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4009:15::8 (Naperville, United States)

ASN15169 (GOOGLE, US)

rr3---sn-vgqsrnzs.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	352 KB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	877 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	147 KB
13	24bank.su 1 redirects herbnarusskom.24bank.su	427 KB
11	googlevideo.com rr4---sn-ab5sznze.googlevideo.com — Cisco Umbrella Rank: 22388 rr1---sn-ab5sznze.googlevideo.com — Cisco Umbrella Rank: 22145 rr3---sn-vgqsrnzs.googlevideo.com — Cisco Umbrella Rank: 20499	485 KB
10	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 199	71 KB
9	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 296 fonts.googleapis.com — Cisco Umbrella Rank: 37 jnn-pa.googleapis.com — Cisco Umbrella Rank: 179	39 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9421	2 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	16 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 240	11 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 182	95 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3665	57 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 83	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 859	694 B
1	aherbnarusskom.ru aherbnarusskom.ru	30 KB
1	iherbnarusskom.ru iherbnarusskom.ru	2 KB
111	16

	Domain	Requested by
18	www.youtube.com	herbnarusskom.24bank.su www.youtube.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	herbnarusskom.24bank.su	1 redirects herbnarusskom.24bank.su
9	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com herbnarusskom.24bank.su www.youtube.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	herbnarusskom.24bank.su pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	rr3---sn-vgqsrnzs.googlevideo.com	www.youtube.com
5	mc.yandex.com	2 redirects herbnarusskom.24bank.su
4	jnn-pa.googleapis.com	www.youtube.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	ajax.googleapis.com googleads.g.doubleclick.net
3	rr1---sn-ab5sznze.googlevideo.com	www.youtube.com
3	rr4---sn-ab5sznze.googlevideo.com	www.youtube.com
3	www.google.com	1 redirects www.youtube.com tpc.googlesyndication.com
2	yt3.ggpht.com	www.youtube.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects herbnarusskom.24bank.su
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	aherbnarusskom.ru	herbnarusskom.24bank.su
1	ajax.googleapis.com	herbnarusskom.24bank.su
1	iherbnarusskom.ru	herbnarusskom.24bank.su
111	24

This site contains links to these domains. Also see Links.

Domain
ru.iherb.com
www.iherb.com
katuhus.com

Subject Issuer	Validity	Valid
herbnarusskom.24bank.su R3	`2022-12-01` - `2023-03-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
iherbnarusskom.ru R3	`2022-10-08` - `2023-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
aherbnarusskom.ru R3	`2022-10-05` - `2023-01-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-08` - `2023-01-17`	2 months	crt.sh

This page contains 11 frames:

Primary Page: https://herbnarusskom.24bank.su/
Frame ID: D86AADD3F4964542D261DD9AED23B688
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: D351F11BEA42A110AF303FD739866688
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&adk=1812271804&adf=1573534164&lmt=1669915798&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fherbnarusskom.24bank.su%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669974511592&bpp=4&bdt=474&idt=253&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1041528304092&frm=20&pv=2&ga_vid=1760842626.1669974512&ga_sid=1669974512&ga_hid=476975594&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531705&oid=2&pvsid=2413767052711847&tmod=1446699015&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284
Frame ID: 022603F91A56E1A6E89FD748B9D0B4FA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
Frame ID: 770C6B1BD369E3B0D8A4252A95CBF19A
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 797203F94433C4CCCDB01DE4C86A25D4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6B039C433FA0B25A27CC21FDD4C5D07C
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3489FFD3CDEA8494138C5C7F438F9E02
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: B321FAA05C2E7918F7539A30F801CBE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5EBD76BCEC67FE3051EE52D0DF468FF6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5598D3B15CFC9A9DDC96EE14B5253CF2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3DB1AC8AF0BDF4BF31995EE08EA0C56
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

iHerb (Айхерб) на русском официальный сайт магазина: каталог, регистрация, скидки и цены

Page URL History Show full URLs

http://herbnarusskom.24bank.su/ HTTP 301
https://herbnarusskom.24bank.su/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

97 %
HTTPS

91 %
IPv6

16
Domains

24
Subdomains

23
IPs

4
Countries

2612 kB
Transfer

6443 kB
Size

18
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://ru.iherb.com/specials/?rcode=JER1039

Search URL Search Domain Scan URL

URL: https://www.iherb.com/?rcode=JER1039
Title: Вход на iHerb

Search URL Search Domain Scan URL

URL: https://katuhus.com/g/ne8o9l7b618f07df86df8753afd1f1/?i=4
Title: <img width=300 height=600 border=0 src=https://ad.admitad.com/b/ne8o9l7b618f07df86df8753afd1f1/ alt="Letyshops [lifetime]">

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://herbnarusskom.24bank.su/ HTTP 301
https://herbnarusskom.24bank.su/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9840.jmcZ0WdwDPxUUDpLOvZiUOYpMVtjKcrLGsjUFg00lU40-8sYWaMFRRIpJwOQt6uE.7dSpsHY5qIlnKMMUGBT3p5MuE_8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9840.J4uQJYjYrNzr8GEycxZc30ctfD9EccQ7WpvPl9JnyJio6IhJQqGwvDNyKGGjF8naC5iNCeV7ZZRpB7IAoAmIpGHV9Osaf_OuxN1NvpnplSQ%2C.uuzzHMCJXc4ucnjO8e5f8azaVyw%2C

Request Chain 54

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 76

https://mc.yandex.com/watch/69566722?wmode=7&page-url=https%3A%2F%2Fherbnarusskom.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1223%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1334021893705%3Ahid%3A306399696%3Az%3A0%3Ai%3A20221202094832%3Aet%3A1669974512%3Ac%3A1%3Arn%3A260932190%3Arqn%3A1%3Au%3A1669974512286098202%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C196%2C197%2C2%2C489%2C0%2C%2C512%2C15%2C%2C%2C%2C1402%3Aco%3A0%3Acpf%3A1%3Ans%3A1669974510225%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669974513%3At%3AiHerb%20(%D0%90%D0%B9%D1%85%D0%B5%D1%80%D0%B1)%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D0%B0%3A%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%2C%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%B8%20%D1%86%D0%B5%D0%BD%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/69566722/1?wmode=7&page-url=https%3A%2F%2Fherbnarusskom.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1223%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1334021893705%3Ahid%3A306399696%3Az%3A0%3Ai%3A20221202094832%3Aet%3A1669974512%3Ac%3A1%3Arn%3A260932190%3Arqn%3A1%3Au%3A1669974512286098202%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C196%2C197%2C2%2C489%2C0%2C%2C512%2C15%2C%2C%2C%2C1402%3Aco%3A0%3Acpf%3A1%3Ans%3A1669974510225%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669974513%3At%3AiHerb%20%28%D0%90%D0%B9%D1%85%D0%B5%D1%80%D0%B1%29%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D0%B0%3A%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%2C%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%B8%20%D1%86%D0%B5%D0%BD%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

111 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
herbnarusskom.24bank.su/
Redirect Chain

http://herbnarusskom.24bank.su/
https://herbnarusskom.24bank.su/

89 KB
22 KB

394ms
197ms

Document
text/html

5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

468add2fcb72d13ac0e9b791faaada998d8511e32a856dfc4211bef496e5febd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, public
content-encoding: gzip
content-length: 21900
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 09:48:30 GMT
etag: "558c-5eec791f9fdb3"
expires: Fri, 02 Dec 2022 09:48:30 GMT
last-modified: Thu, 01 Dec 2022 17:29:58 GMT
pragma: public
referrer-policy
server: nginx/1.20.2
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Cookie

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Fri, 02 Dec 2022 09:48:30 GMT
Location: https://herbnarusskom.24bank.su/
Server: nginx/1.20.2

GET
H2 200 autoptimize_29952eaf29a0f038fcf3df0fbde1abec.css
herbnarusskom.24bank.su/wp-content/cache/autoptimize/css/ 209 KB
46 KB 102ms
102ms Stylesheet
text/css 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://herbnarusskom.24bank.su/wp-content/cache/autoptimize/css/autoptimize_29952eaf29a0f038fcf3df0fbde1abec.css

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

fef6b289c70c1532aad3ea64e088abedbaa3394af62ce70099115b585d1adeb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 07:38:37 GMT
server: nginx/1.20.2
etag: W/"638070fd-34559"
content-type: text/css
cache-control: max-age=3888000
expires: Mon, 16 Jan 2023 09:48:31 GMT

GET
H2 200 jquery.js Show response
herbnarusskom.24bank.su/wp-includes/js/jquery/ 95 KB
34 KB 197ms
197ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://herbnarusskom.24bank.su/wp-includes/js/jquery/jquery.js

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 12:13:11 GMT
server: nginx/1.20.2
etag: W/"5e550f57-17a69"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3888000
expires: Mon, 16 Jan 2023 09:48:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 116ms
90ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b467166e22b4bef89768a98bedd65bee52101217ff736d7b442443680db8014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48937
x-xss-protection: 0
server: cafe
etag: 14855691536603789942
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 09:48:31 GMT

GET
H2 200 logo_min.png
iherbnarusskom.ru/wp-content/uploads/2020/02/ 2 KB
2 KB 661ms
97ms Image
image/png 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iherbnarusskom.ru/wp-content/uploads/2020/02/logo_min.png
Requested by: Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.49.9.5.clients.your-server.de
Software: nginx/1.20.2 /
Resource Hash: 80a52dc4fdbcf9fb5921df423017f0af11a26ad927108e25f34d9f94558abb5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
last-modified: Tue, 25 Feb 2020 13:33:48 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5e55223c-6d9"
content-length: 1753
content-type: image/png

GET
H2 200 lazy_placeholder.gif
herbnarusskom.24bank.su/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
251 B 98ms
96ms Image
image/gif 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herbnarusskom.24bank.su/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Feb 2020 12:15:16 GMT
server: nginx/1.20.2
etag: "5e550fd4-2a"
content-type: image/gif
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 42
expires: Mon, 16 Jan 2023 09:48:31 GMT

GET
H2 200 autoptimize_11d2f2ca718aeaf91dbac89933e2d716.js Show response
herbnarusskom.24bank.su/wp-content/cache/autoptimize/js/ 29 KB
11 KB 101ms
100ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://herbnarusskom.24bank.su/wp-content/cache/autoptimize/js/autoptimize_11d2f2ca718aeaf91dbac89933e2d716.js

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

65a04fa142608a9b1f288d1e0e03f7061e61158828c1f1539cec0dff75805f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 07:43:32 GMT
server: nginx/1.20.2
etag: W/"63807224-732e"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3888000
expires: Mon, 16 Jan 2023 09:48:31 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 26ms
5ms Script
text/javascript 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 22:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 22:50:20 GMT

GET
H2 200 loading.gif
herbnarusskom.24bank.su/wp-content/plugins/a3-lazy-load/assets/css/ 2 KB
2 KB 97ms
96ms Image
image/gif 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herbnarusskom.24bank.su/wp-content/plugins/a3-lazy-load/assets/css/loading.gif

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/wp-content/cache/autoptimize/css/autoptimize_29952eaf29a0f038fcf3df0fbde1abec.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/wp-content/cache/autoptimize/css/autoptimize_29952eaf29a0f038fcf3df0fbde1abec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Feb 2020 12:15:16 GMT
server: nginx/1.20.2
etag: "5e550fd4-69a"
content-type: image/gif
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 1690
expires: Mon, 16 Jan 2023 09:48:31 GMT

GET
H2 200 fontawesome-webfont.woff2
herbnarusskom.24bank.su/wp-content/themes/root/fonts/ 75 KB
76 KB 99ms
98ms Font
font/woff2 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://herbnarusskom.24bank.su/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/wp-content/cache/autoptimize/css/autoptimize_29952eaf29a0f038fcf3df0fbde1abec.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://herbnarusskom.24bank.su/wp-content/cache/autoptimize/css/autoptimize_29952eaf29a0f038fcf3df0fbde1abec.css
Origin: https://herbnarusskom.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Feb 2020 12:13:11 GMT
server: nginx/1.20.2
etag: "5e550f57-12d68"
content-type: font/woff2
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 77160
expires: Mon, 16 Jan 2023 09:48:31 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 160 KB
57 KB 549ms
268ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b9b55eda4118e5fda9876af796e33d19cbb2661da9e0594f2d7837039f0e0ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
etag: "6388ac0c-e14c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57676
expires: Fri, 02 Dec 2022 10:48:31 GMT

GET
H2 200 iherb-code.jpg
aherbnarusskom.ru/wp-content/uploads/2020/11/ 30 KB
30 KB 645ms
163ms Image
image/jpeg 185.212.130.7
INTERNET-IT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aherbnarusskom.ru/wp-content/uploads/2020/11/iherb-code.jpg

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.212.130.7 , Virgin Islands (British), ASN200313 (INTERNET-IT, VG),

Reverse DNS

mail8.prohoster.biz

Software

nginx/1.20.1 /

Resource Hash

8c5a339dc4b8a652bfe822a0ee3ee074632db57f096ad9452ee46e38b9a6f6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:33 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 19 Nov 2020 12:26:45 GMT
server: nginx/1.20.1
etag: "5fb66485-76ef"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 30447
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
117 KB 59ms
58ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

506085489a41c95684f355a8b1aede576cdd7d68f9249e32ae4c50d2eafbed00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119162
x-xss-protection: 0
server: cafe
etag: 2055464198303699085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 09:48:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame D351 10 KB
5 KB 37ms
12ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://herbnarusskom.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 06:56:35 GMT
etag: 10353107486223812946
expires: Fri, 16 Dec 2022 06:56:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 53ms
22ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df2e2f60eefb3c59e48bdc71278b73e5960febd018b18c2554ad27050bcd3719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 09:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 08:30:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 09:48:31 GMT

GET
H2 200 jquery.simplemarquee.js Show response
herbnarusskom.24bank.su/wp-content/plugins/videtiser/assets/js/ 13 KB
3 KB 104ms
103ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://herbnarusskom.24bank.su/wp-content/plugins/videtiser/assets/js/jquery.simplemarquee.js

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/wp-content/cache/autoptimize/js/autoptimize_11d2f2ca718aeaf91dbac89933e2d716.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

8b1d4eaca46e32a9953e73fcdcaeaa623e0b9590245a1359b683ffb27e7d955e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 12:13:11 GMT
server: nginx/1.20.2
etag: W/"5e550f57-3222"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3888000
expires: Mon, 16 Jan 2023 09:48:31 GMT

GET
H2 200 videtiser.js Show response
herbnarusskom.24bank.su/wp-content/plugins/videtiser/assets/js/ 7 KB
2 KB 105ms
104ms Script
application/javascript 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://herbnarusskom.24bank.su/wp-content/plugins/videtiser/assets/js/videtiser.js

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/wp-content/cache/autoptimize/js/autoptimize_11d2f2ca718aeaf91dbac89933e2d716.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

a1d3af5ae579dbe85f0ef580837d2a8aa1bf69b7b60592fcb0484ee8244adfb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 12:13:11 GMT
server: nginx/1.20.2
etag: W/"5e550f57-1a76"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3888000
expires: Mon, 16 Jan 2023 09:48:31 GMT

GET
H2 200 iherb_1.jpg
herbnarusskom.24bank.su/wp-content/uploads/2020/02/ 131 KB
131 KB 102ms
101ms Image
image/jpeg 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herbnarusskom.24bank.su/wp-content/uploads/2020/02/iherb_1.jpg

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

6fa9a36c70a87538889c1c6873ad7c0628aab92f872aaa56628706ac22b2ac5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Feb 2020 14:05:29 GMT
server: nginx/1.20.2
etag: "5e5529a9-20ac4"
content-type: image/jpeg
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 133828
expires: Mon, 16 Jan 2023 09:48:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 25ms
6ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herbnarusskom.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 22:31:34 GMT
x-content-type-options: nosniff
age: 127017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 22:31:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 23ms
7ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herbnarusskom.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 13:22:36 GMT
x-content-type-options: nosniff
age: 73555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 13:22:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 27ms
12ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herbnarusskom.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:39:16 GMT
x-content-type-options: nosniff
age: 137355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:39:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 22ms
11ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herbnarusskom.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:41:03 GMT
x-content-type-options: nosniff
age: 137248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:41:03 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 18ms
5ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herbnarusskom.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 17:38:42 GMT
x-content-type-options: nosniff
age: 58189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 17:38:42 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 5ms
5ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6933e678530b263486fa7b185a449cac947e1496ef61d496642032f339e9e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herbnarusskom.24bank.su
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 00:06:18 GMT
x-content-type-options: nosniff
age: 121333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10292
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 00:06:18 GMT

GET
H2 200 iherb_2.jpg
herbnarusskom.24bank.su/wp-content/uploads/2020/02/ 96 KB
96 KB 97ms
97ms Image
image/jpeg 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herbnarusskom.24bank.su/wp-content/uploads/2020/02/iherb_2.jpg

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

13643cfd8909a7a4ff22eb7382896a985a691f1662bf40d32aa6e79962d3b224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Feb 2020 14:10:31 GMT
server: nginx/1.20.2
etag: "5e552ad7-17e63"
content-type: image/jpeg
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 97891
expires: Mon, 16 Jan 2023 09:48:31 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
694 B 41ms
19ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=herbnarusskom.24bank.su&callback=_gfp_s_&client=ca-pub-1114993438075446&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c02305b438489b8cf5f6344a011bde64454e73ad49404d232c2257611e30aac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
19ms Script
application/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=herbnarusskom.24bank.su

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0226 241 KB
57 KB 354ms
336ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&adk=1812271804&adf=1573534164&lmt=1669915798&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fherbnarusskom.24bank.su%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669974511592&bpp=4&bdt=474&idt=253&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1041528304092&frm=20&pv=2&ga_vid=1760842626.1669974512&ga_sid=1669974512&ga_hid=476975594&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531705&oid=2&pvsid=2413767052711847&tmod=1446699015&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfc78d45fa53bf23ba38b14316639f3bd5a0b4c50418a1f17b6f70714160a471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://herbnarusskom.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 58551
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 09:48:32 GMT
expires: Fri, 02 Dec 2022 09:48:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 53ms
33ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/wp-content/plugins/videtiser/assets/js/videtiser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0762c9e44bfa46e2e56e7908e69696eb5e3b92f93a11d824f6bc43f47244c7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 02 Dec 2022 09:48:31 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/dab28f34/www-widgetapi.vflset/ 161 KB
53 KB 21ms
6ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edae723b0ed9ce7951cb1fc7bbb2163f91779db1a85bdacffc78ddf209e5f8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53976
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 15:02:44 GMT

GET
H3 200 c7ftDuZ3JRA Show response
www.youtube.com/embed/ Frame 770C 69 KB
28 KB 109ms
90ms Document
text/html 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ac20b10990d3ec3c7032d4422dfa55a366479dddde85851d814676ebd34ef0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://herbnarusskom.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 09:48:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9840.jmcZ0WdwDPxUUDpLOvZiUOYpMVtjKcrLGsjUFg00lU40-8sYWaMFRRIpJwOQt6uE.7dSpsHY5qIlnKMMUGBT3p5MuE_8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9840.J4uQJYjYrNzr8GEycxZc30ctfD9EccQ7WpvPl9JnyJio6IhJQqGwvDNyKGGjF8naC5iNCeV7ZZRpB7IAoAmIpGHV9Osaf_OuxN1NvpnplSQ%2C.uuzzHMCJXc4ucnjO8e5f8azaVyw%2C

75 B
75 B

140ms
139ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9840.J4uQJYjYrNzr8GEycxZc30ctfD9EccQ7WpvPl9JnyJio6IhJQqGwvDNyKGGjF8naC5iNCeV7ZZRpB7IAoAmIpGHV9Osaf_OuxN1NvpnplSQ%2C.uuzzHMCJXc4ucnjO8e5f8azaVyw%2C

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9840.J4uQJYjYrNzr8GEycxZc30ctfD9EccQ7WpvPl9JnyJio6IhJQqGwvDNyKGGjF8naC5iNCeV7ZZRpB7IAoAmIpGHV9Osaf_OuxN1NvpnplSQ%2C.uuzzHMCJXc4ucnjO8e5f8azaVyw%2C
date: Fri, 02 Dec 2022 09:48:32 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 139ms
139ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
etag: "6388ac0c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 02 Dec 2022 10:48:32 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/dab28f34/ Frame 770C 360 KB
49 KB 6ms
6ms Stylesheet
text/css 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c8fb02f68e820bfcc5da89d05e5903e066828ef585e86d69b585af69f21216e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49849
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:01:10 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/dab28f34/www-embed-player.vflset/ Frame 770C 314 KB
97 KB 9ms
7ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e266c87ad4ccde16ed22725e4369cbcb9522ad41233d435a2e5636f463907b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99243
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 15:02:44 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/ Frame 770C 2 MB
580 KB 13ms
11ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c58604b37c66b22b4249bd6d4bc415699d3112f70ef7cbc279aded40d05d8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 593839
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:01:10 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/ Frame 770C 9 KB
3 KB 16ms
15ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 15:02:44 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 770C 15 KB
15 KB 12ms
9ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 236921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Nov 2023 15:59:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 770C 15 KB
15 KB 13ms
10ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:23:45 GMT
x-content-type-options: nosniff
age: 159887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 13:23:45 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 150 KB
51 KB 41ms
39ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29f25894a15573fbd2e51fa6e7ffd65e3cd0c2bfa0be8a60860ca462b29b6b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52268
x-xss-protection: 0
server: cafe
etag: 5609290932319849854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 09:48:32 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
21ms Script
application/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=herbnarusskom.24bank.su

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 7972 10 KB
4 KB 6ms
5ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://herbnarusskom.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 47562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 20:35:50 GMT
etag: 10353107486223812946
expires: Thu, 15 Dec 2022 20:35:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 6B03 10 KB
4 KB 6ms
5ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://herbnarusskom.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 47562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 20:35:50 GMT
etag: 10353107486223812946
expires: Thu, 15 Dec 2022 20:35:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 7972 4 KB
636 B 40ms
27ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 09:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 08:21:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 09:48:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7972 205 B
744 B 32ms
8ms Image
image/png 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 01:15:19 GMT
x-content-type-options: nosniff
age: 203593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 30 Nov 2023 01:15:19 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7972 604 B
696 B 33ms
9ms Image
image/png 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 20:46:07 GMT
x-content-type-options: nosniff
age: 219745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 29 Nov 2023 20:46:07 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 7972 19 KB
8 KB 31ms
9ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 20:49:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6B03 4 KB
621 B 31ms
27ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 09:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 08:03:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 09:48:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6B03 2 KB
846 B 23ms
14ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:49:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 20:49:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6B03 0
0 82ms
82ms Fetch
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoTh078mJY6OOOMeC_gShk6GoBr-9ydtthqnbvPoQv_ey4JUOEAEgtLj-ImDJxqmLwKTYD6ABo7Xu-CjIAQmpAs3GpFCNo7E-qAMByAPLBKoEhwJP0K7kjpcNRp0VEv4EpowGrvg8I3hLbwxzej5PRptm0Xq8IUXPuMzUxXssHQr5wz_xEXWcUEfq3Vr5Fso6fxIENQDGCgAkuFGVkqd99yu7-j66fIuSRHi-by_RRuwrJzST7VaQLYP6OAyMSvoa0Hmth6FfqoKtbOWFhV098iGT9tSeiKHm7DMt6ZgDjidxbkt0W7GQ1UG1-9stmxfhOqRxlsgQpUyn4Ab2cFEePdOVJqZLIkOHV4sT2Vo_3YehzWExKxE7pAKv85tpGPbOWrdnXnc4ah5EqarCpYxYk20cK_5V1W3AyLmHBtLT2sSuuAYDYOJY8Yc2K6r4LFmCjgBq9nrQSAD4csAE2a2RrZ0EkgUECAQYAZIFBAgFGASgBi6AB6PtvtgDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQo4SSBtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgT5APYEw3QFQGAFwGyFxwKGggAEhRwdWItMTExNDk5MzQzODA3NTQ0NhgA&sigh=vKYGda8Jd1U&uach_m=[UACH]&cid=CAQSGwDq26N9vkS7TBLft7kIfyx-Dq-0fqc0uJnrrhgBIBM&template_id=484

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 02 Dec 2022 09:48:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 02 Dec 2022 09:48:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 6B03 23 KB
10 KB 10ms
6ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 20:49:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6B03 3 KB
1 KB 17ms
14ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:14:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 23:14:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6B03 18 KB
7 KB 10ms
7ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:14:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 23:14:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B03 155 KB
48 KB 46ms
24ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 09:48:32 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 6B03 34 KB
14 KB 12ms
9ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 20:42:29 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 770C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
159 B

19ms
19ms

XHR
application/json

2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16d88035f2ae37c1a28a40d6d1a7e8e3a06fe64eb8890ad38fe01a4afbd72182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 02 Dec 2022 09:48:32 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 770C 29 B
588 B 29ms
5ms Script
text/javascript 2607:f8b0:4006:81f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:34:43 GMT
x-content-type-options: nosniff
age: 829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Dec 2022 09:49:43 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/809501962018616135/ Frame 6B03 35 KB
35 KB 23ms
7ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/809501962018616135/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3d9c90bca1ba4087166c33563837d773ea43d3650e727414c2b46345421b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:32:14 GMT
x-content-type-options: nosniff
age: 152178
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36010
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 18:52:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 15:32:14 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8613947210465666894/ Frame 6B03 1 KB
1 KB 24ms
9ms Image
image/png 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8613947210465666894/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c48405cd099aeaefe68cbb972e3fd9e46fae50a6f75cffd3b84814e24cc744ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 02:33:17 GMT
x-content-type-options: nosniff
age: 112515
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1456
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 18:50:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 02:33:17 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 31ms
12ms Preflight
text/html 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 02 Dec 2022 09:48:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 770C 65 KB
30 KB 34ms
21ms XHR
application/json+protobuf 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ea9195248fff7b0492039092aa87508d99e64a23c5c14c9dae6edfca89cf66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30515
x-xss-protection: 0

GET
H2 200 ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js Show response
www.google.com/js/th/ Frame 770C 36 KB
14 KB 23ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b27fe6579f4e90f9b7f692f2fb1ef667fba1a680874c71a3560b36ffface662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:39:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14218
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 19:39:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/ Frame 770C 26 KB
8 KB 7ms
5ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

927880808b04d38324c6478d81795bfcc4cf1d4a52a1d8c41a7b59d5bb991b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8242
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:01:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3489 8 KB
895 B 28ms
28ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 09:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 08:14:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 09:48:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3489 2 KB
765 B 6ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:49:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 20:49:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 3489 23 KB
9 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 20:49:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3489 3 KB
1 KB 9ms
6ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:14:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 23:14:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3489 18 KB
7 KB 7ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:14:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 23:14:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3489 155 KB
47 KB 56ms
37ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 09:48:32 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 3489 34 KB
14 KB 25ms
6ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 20:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 20:42:29 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 770C 90 B
134 B 17ms
16ms XHR
application/json+protobuf 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f7c4f3973f625c4d375cf740cfba78f8bccb82a815b586877296613a9277add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 13ms
13ms Preflight
text/html 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 02 Dec 2022 09:48:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 icons-set2.png
herbnarusskom.24bank.su/wp-content/plugins/videtiser/assets/images/ 4 KB
4 KB 97ms
96ms Image
image/png 5.9.49.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herbnarusskom.24bank.su/wp-content/plugins/videtiser/assets/images/icons-set2.png

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/wp-content/cache/autoptimize/css/autoptimize_29952eaf29a0f038fcf3df0fbde1abec.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.49.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.49.9.5.clients.your-server.de

Software

nginx/1.20.2 /

Resource Hash

ecf86042344cf8688d3f9e2bbd74ef073c23d2f4bd0629c32d0e0dc830d84129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/wp-content/cache/autoptimize/css/autoptimize_29952eaf29a0f038fcf3df0fbde1abec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Feb 2020 12:13:11 GMT
server: nginx/1.20.2
etag: "5e550f57-111a"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 4378
expires: Mon, 16 Jan 2023 09:48:32 GMT

GET
DATA 200
OK truncated
/ Frame 770C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu82oNXEtRqXr8Fg9ZCWBsxSEyNpVGHV-rImbbbh=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 770C 5 KB
5 KB 28ms
4ms Image
image/jpeg 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu82oNXEtRqXr8Fg9ZCWBsxSEyNpVGHV-rImbbbh=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cd814c3065af86ae14ddcd1a9f935e5db670816a790084b132f44d316ca48246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:26:39 GMT
x-content-type-options: nosniff
age: 8513
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4703
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 02 Dec 2022 14:29:53 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/c7ftDuZ3JRA/ Frame 770C 1 KB
2 KB 41ms
19ms Image
image/webp 2607:f8b0:4006:824::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/c7ftDuZ3JRA/default.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2016 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e636cc7654f710c73e8f2aed158fd6881baa1d781170f57adde8ec28bcd9ed24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:32 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1050
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 02 Dec 2022 11:48:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 770C 10 KB
10 KB 5ms
4ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 03:02:41 GMT
x-content-type-options: nosniff
age: 283551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 03:02:41 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/69566722/
Redirect Chain

https://mc.yandex.com/watch/69566722?wmode=7&page-url=https%3A%2F%2Fherbnarusskom.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1223%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.com/watch/69566722/1?wmode=7&page-url=https%3A%2F%2Fherbnarusskom.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1223%3Afu%3A0%3Aen%3Autf-8%3Al...

435 B
517 B

143ms
143ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/69566722/1?wmode=7&page-url=https%3A%2F%2Fherbnarusskom.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1223%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1334021893705%3Ahid%3A306399696%3Az%3A0%3Ai%3A20221202094832%3Aet%3A1669974512%3Ac%3A1%3Arn%3A260932190%3Arqn%3A1%3Au%3A1669974512286098202%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C196%2C197%2C2%2C489%2C0%2C%2C512%2C15%2C%2C%2C%2C1402%3Aco%3A0%3Acpf%3A1%3Ans%3A1669974510225%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669974513%3At%3AiHerb%20%28%D0%90%D0%B9%D1%85%D0%B5%D1%80%D0%B1%29%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D0%B0%3A%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%2C%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%B8%20%D1%86%D0%B5%D0%BD%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

91a07f1de1e6d6038cf68674ca297c95f8b5c869c4bd1f2d8061ffa97a35f160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 09:48:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 02-Dec-2022 09:48:33 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herbnarusskom.24bank.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 09:48:33 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 09:48:33 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 02-Dec-2022 09:48:33 GMT
location: /watch/69566722/1?wmode=7&page-url=https%3A%2F%2Fherbnarusskom.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1223%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1334021893705%3Ahid%3A306399696%3Az%3A0%3Ai%3A20221202094832%3Aet%3A1669974512%3Ac%3A1%3Arn%3A260932190%3Arqn%3A1%3Au%3A1669974512286098202%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C196%2C197%2C2%2C489%2C0%2C%2C512%2C15%2C%2C%2C%2C1402%3Aco%3A0%3Acpf%3A1%3Ans%3A1669974510225%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669974513%3At%3AiHerb%20%28%D0%90%D0%B9%D1%85%D0%B5%D1%80%D0%B1%29%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D0%B0%3A%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%2C%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%B8%20%D1%86%D0%B5%D0%BD%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://herbnarusskom.24bank.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 09:48:33 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 770C 60 KB
22 KB 154ms
153ms XHR
application/json 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

8973df61bb689178098f4bb255cd3d70e05f5b5090506facb44f46a9a33704f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221130.01.00
X-Goog-Visitor-Id: CgtjZVkyMG9QQTdkYyjwk6ecBg%3D%3D

Response headers

date: Fri, 02 Dec 2022 09:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22543
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6B03 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbc64be6c752f3d87e01fbd491945ff0393b274cdf009318278419f6f2afe260

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame B321 36 KB
16 KB 11ms
8ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 02:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 02:50:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5EBD 143 B
166 B 10ms
5ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 09:40:16 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 770C 0
10 B 6ms
5ms Image
text/plain 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?QpErTg
Requested by: Host: herbnarusskom.24bank.su
URL: https://herbnarusskom.24bank.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 770C 0
19 B 28ms
27ms XHR
text/html 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=134&afmt=251&cpn=0nLVluhX4MBQOGRM&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24249178%2C24255165%2C24292955%2C24293803%2C24406605%2C24406620%2C24407200%2C24408610%2C24414162%2C24415865%2C24423785%2C24425861&cl=492015358&seq=1&docid=c7ftDuZ3JRA&ei=8cmJY4jMApmA_9EP4NSI-A4&event=streamingstats&plid=AAXu1T2jlyoxxmGW&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc7ftDuZ3JRA%3Fshowinfo%3D0%26%3Fautoplay%3D1%26controls%3D0%26rel%3D0%26modestbranding%3D1%26iv_load_policy%3D3%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fherbnarusskom.24bank.su%26widgetid%3D1&cbr=Chrome&cbrver=108.0.5359.71&c=WEB_EMBEDDED_PLAYER&cver=1.20221130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.014:B,0.255:B,0.255:B&cmt=0.014:0.000,0.255:0.000&afs=0.255:251::i&vfs=0.255:134:134::r&view=0.255:300:150&bwe=0.255:130000&bat=0.255:1:1&vis=0.255:0&bh=0.255:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
X-YouTube-Client-Version: 1.20221130.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtjZVkyMG9QQTdkYyjwk6ecBg%3D%3D
X-YouTube-Ad-Signals: dt=1669974512556&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C150&vis=1&wgl=true&ca_type=image&bid=ANyPxKo5HEka4gip8pyEFdHNXF89weuzRX_AXxlHTRgaUiEflUJuf0KLbNIljSmLAwshTg6s8PlJN-nGLY7oWhpYKZc3-obPmA

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 09:48:33 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-ab5sznze.googlevideo.com/ Frame 770C 1 KB
2 KB 54ms
5ms Fetch
text/plain 2607:f8b0:4006:9::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ab5sznze.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=7Z&mm=31%2C29&mn=sn-ab5sznze%2Csn-ab5l6nk6&ms=au%2Crdu&mv=m&mvi=4&pl=48&initcwndbps=187500&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=video%2Fmp4&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2191565&otfp=1&dur=208.999&lmt=1582027573862504&mt=1669974098&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALLzZcKyi3qUv08vM_wS90fLsIxnd3zgSD5jEE_LxiZoAiB89x7ZVYsMGYl8AUsFFil1bykFP19LIalO81n70nYjgA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANGt_h6MdzVt8TCeG3CJNMnXOJ5J34f4MAOD7gLcL9ZoAiBMFYPzZje9P3dvwq2bXZpZp6G0OJhYJv_Mopiz3yXz9w%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&range=0-66776&rn=1&rbuf=0&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:9::9 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2b2efff059eacdbcd02cde4b335b49e5685bafaaec4cc7dd24a6a55396da38e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 09:48:33 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1294
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 02 Dec 2022 09:48:33 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-ab5sznze.googlevideo.com/ Frame 770C 1 KB
2 KB 53ms
6ms Fetch
text/plain 2607:f8b0:4006:9::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ab5sznze.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=251&source=youtube&requiressl=yes&mh=7Z&mm=31%2C29&mn=sn-ab5sznze%2Csn-ab5l6nk6&ms=au%2Crdu&mv=m&mvi=4&pl=48&initcwndbps=187500&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=audio%2Fwebm&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2775960&otfp=1&dur=209.021&lmt=1582027571264540&mt=1669974098&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVozkz6902JcYhVj6RFBKoDyhtS08WdabdOgymQanuXQCIQDimV9HHHbZ8NA-ys8tdyPTTBNFBMamSWUsVNeJA6GDUg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANGt_h6MdzVt8TCeG3CJNMnXOJ5J34f4MAOD7gLcL9ZoAiBMFYPzZje9P3dvwq2bXZpZp6G0OJhYJv_Mopiz3yXz9w%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&range=0-66148&rn=2&rbuf=0&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:9::9 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9969dd95f330f81b723524f4c36377dfb4630df29f4651b82236387fbf64895f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 09:48:33 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1228
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 02 Dec 2022 09:48:33 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/ Frame 770C 67 KB
25 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2811e1bc50f27a2a5981f961abf61cab8d0ed34aa7a4ab5e8831624073ecf2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25411
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:01:54 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/ Frame 770C 32 KB
9 KB 8ms
7ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7b5f95c41c61459b383f6bf63d80863936904d19b70c026a775e40abda9e817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8759
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:01:54 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 770C 9 KB
3 KB 189ms
188ms XHR
application/json 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7feb62745ab8f02918e922c4f7a053d97faffeb65c8c91d61bd4036fc12a08b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221130.01.00
X-Goog-Visitor-Id: CgtjZVkyMG9QQTdkYyjwk6ecBg%3D%3D

Response headers

date: Fri, 02 Dec 2022 09:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3080
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 52ms
40ms XHR
application/json 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ff068806ee274accca1a7ecb1de7ce683b9484179c6240d71ab25e7cf48bda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11167
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5EBD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
29ms

Document
text/html

2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 09:48:33 GMT
expires: Fri, 02 Dec 2022 09:48:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 09:48:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 videoplayback Show response
rr1---sn-ab5sznze.googlevideo.com/ Frame 770C 1 KB
1 KB 34ms
6ms Fetch
text/plain 2607:f8b0:4006:9::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-ab5sznze.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=7Z&mm=31%2C29&mn=sn-ab5sznze%2Csn-ab5l6nk6&ms=au%2Crdu&mv=m&mvi=4&pl=48&initcwndbps=187500&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=video%2Fmp4&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2191565&otfp=1&dur=208.999&lmt=1582027573862504&mt=1669974098&fvip=1&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALLzZcKyi3qUv08vM_wS90fLsIxnd3zgSD5jEE_LxiZoAiB89x7ZVYsMGYl8AUsFFil1bykFP19LIalO81n70nYjgA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANGt_h6MdzVt8TCeG3CJNMnXOJ5J34f4MAOD7gLcL9ZoAiBMFYPzZje9P3dvwq2bXZpZp6G0OJhYJv_Mopiz3yXz9w%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&ir=1,&rr=12,&range=0-66776&rn=3&rbuf=0&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:9::6 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a54ebbf77e0e40e032c1b3b08d562b8a98c3f4cac9e43e0badd1685eb80192eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 02 Dec 2022 09:48:33 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1290
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 02 Dec 2022 09:48:33 GMT

POST
H3 200 videoplayback Show response
rr1---sn-ab5sznze.googlevideo.com/ Frame 770C 1 KB
1 KB 30ms
5ms Fetch
text/plain 2607:f8b0:4006:9::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-ab5sznze.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=251&source=youtube&requiressl=yes&mh=7Z&mm=31%2C29&mn=sn-ab5sznze%2Csn-ab5l6nk6&ms=au%2Crdu&mv=m&mvi=4&pl=48&initcwndbps=187500&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=audio%2Fwebm&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2775960&otfp=1&dur=209.021&lmt=1582027571264540&mt=1669974098&fvip=1&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVozkz6902JcYhVj6RFBKoDyhtS08WdabdOgymQanuXQCIQDimV9HHHbZ8NA-ys8tdyPTTBNFBMamSWUsVNeJA6GDUg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANGt_h6MdzVt8TCeG3CJNMnXOJ5J34f4MAOD7gLcL9ZoAiBMFYPzZje9P3dvwq2bXZpZp6G0OJhYJv_Mopiz3yXz9w%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&ir=1,&rr=12,&range=0-66148&rn=4&rbuf=0&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:9::6 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e5eedb4b70396fc41141d31e29fc3dcfd6633bae3ed59755d87dd5f1142f056b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 02 Dec 2022 09:48:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1224
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 02 Dec 2022 09:48:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
48ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 09:48:33 GMT

POST
H3 200 videoplayback Show response
rr3---sn-vgqsrnzs.googlevideo.com/ Frame 770C 65 KB
65 KB 115ms
63ms Fetch
audio/webm 2607:f8b0:4009:15::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-vgqsrnzs.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=251&source=youtube&requiressl=yes&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=audio%2Fwebm&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2775960&otfp=1&dur=209.021&lmt=1582027571264540&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVozkz6902JcYhVj6RFBKoDyhtS08WdabdOgymQanuXQCIQDimV9HHHbZ8NA-ys8tdyPTTBNFBMamSWUsVNeJA6GDUg%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-ab5ee67e&cms_redirect=yes&cmsv=e&mh=7Z&mm=34&mn=sn-vgqsrnzs&ms=ltu&mt=1669974306&mv=m&mvi=3&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMFDRuWWHuewJnjBiSFmKpxnsulZzPW4tYaz3fHbtNEMAiAy2KoHrGuP8YN4gRvQfR9lURfvUZTFq51dnhncMqSyCg%3D%3D&range=0-66148&rn=5&rbuf=0&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4009:15::8 Naperville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2e5462c67e2a1518741c8217f8b9e719c922ab81da870bf133b070fd919adae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 02 Dec 2022 09:48:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66149
last-modified: Tue, 18 Feb 2020 12:06:11 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 02 Dec 2022 09:48:33 GMT

POST
H3 200 videoplayback Show response
rr4---sn-ab5sznze.googlevideo.com/ Frame 770C 1 KB
1 KB 17ms
8ms Fetch
text/plain 2607:f8b0:4006:9::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ab5sznze.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=7Z&mm=31%2C29&mn=sn-ab5sznze%2Csn-ab5l6nk6&ms=au%2Crdu&mv=m&mvi=4&pl=48&initcwndbps=187500&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=video%2Fmp4&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2191565&otfp=1&dur=208.999&lmt=1582027573862504&mt=1669974098&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALLzZcKyi3qUv08vM_wS90fLsIxnd3zgSD5jEE_LxiZoAiB89x7ZVYsMGYl8AUsFFil1bykFP19LIalO81n70nYjgA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANGt_h6MdzVt8TCeG3CJNMnXOJ5J34f4MAOD7gLcL9ZoAiBMFYPzZje9P3dvwq2bXZpZp6G0OJhYJv_Mopiz3yXz9w%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&range=0-66776&rn=6&rbuf=0&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:9::9 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cadb5dc404cfe843525a79132cd73ea84831b9738953e647987add820d8c1125

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 02 Dec 2022 09:48:33 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1294
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 02 Dec 2022 09:48:33 GMT

GET
H3 200 AMLnZu82oNXEtRqXr8Fg9ZCWBsxSEyNpVGHV-rImbbbh=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 770C 6 KB
6 KB 22ms
5ms Image
image/jpeg 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu82oNXEtRqXr8Fg9ZCWBsxSEyNpVGHV-rImbbbh=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91da98c280424767ddbd8effdc4ca360740d244617acb61fc2545a4cd55123be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:26:40 GMT
x-content-type-options: nosniff
age: 8513
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6579
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 02 Dec 2022 14:37:43 GMT

POST
H3 200 videoplayback Show response
rr1---sn-ab5sznze.googlevideo.com/ Frame 770C 1 KB
1 KB 6ms
5ms Fetch
text/plain 2607:f8b0:4006:9::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-ab5sznze.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=7Z&mm=31%2C29&mn=sn-ab5sznze%2Csn-ab5l6nk6&ms=au%2Crdu&mv=m&mvi=4&pl=48&initcwndbps=187500&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=video%2Fmp4&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2191565&otfp=1&dur=208.999&lmt=1582027573862504&mt=1669974098&fvip=1&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALLzZcKyi3qUv08vM_wS90fLsIxnd3zgSD5jEE_LxiZoAiB89x7ZVYsMGYl8AUsFFil1bykFP19LIalO81n70nYjgA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANGt_h6MdzVt8TCeG3CJNMnXOJ5J34f4MAOD7gLcL9ZoAiBMFYPzZje9P3dvwq2bXZpZp6G0OJhYJv_Mopiz3yXz9w%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&ir=1,&rr=12,&range=0-66776&rn=7&rbuf=0&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:9::6 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5637de2d712d4a964c78f4257db069705bf316754346a70f544371ca03911f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 02 Dec 2022 09:48:33 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1282
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 02 Dec 2022 09:48:33 GMT

POST
H3 200 videoplayback Show response
rr3---sn-vgqsrnzs.googlevideo.com/ Frame 770C 65 KB
65 KB 67ms
49ms Fetch
video/mp4 2607:f8b0:4009:15::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-vgqsrnzs.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=video%2Fmp4&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2191565&otfp=1&dur=208.999&lmt=1582027573862504&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALLzZcKyi3qUv08vM_wS90fLsIxnd3zgSD5jEE_LxiZoAiB89x7ZVYsMGYl8AUsFFil1bykFP19LIalO81n70nYjgA%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-ab5ee67e&cms_redirect=yes&cmsv=e&mh=7Z&mm=34&mn=sn-vgqsrnzs&ms=ltu&mt=1669974306&mv=m&mvi=3&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgRe2XDMW445vTrZSP6Yi8f3GZGZldUzHr4x6cFGGcFQwCIFlWA78ibgdfmQF5uzJKI3apUItGyzqC-o8bAVvpOYl_&range=0-66776&rn=8&rbuf=0&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4009:15::8 Naperville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

303a0164e796810efa8b5d6c42ce3b048610be2abc574246131e954a27aa40e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 02 Dec 2022 09:48:33 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66777
last-modified: Tue, 18 Feb 2020 12:06:13 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 02 Dec 2022 09:48:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5598 13 KB
5 KB 10ms
5ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://herbnarusskom.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 10134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 06:59:39 GMT
expires: Sat, 02 Dec 2023 06:59:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D3DB 783 B
535 B 25ms
24ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10a72fd4a9e0fb12149a1d766353b9a9e30272410bf48481d3ec868b97ac2953

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HhdYrybwbX4FXWUqHT8j5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://herbnarusskom.24bank.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-HhdYrybwbX4FXWUqHT8j5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 09:48:33 GMT
expires: Fri, 02 Dec 2022 09:48:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5598 36 KB
16 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 02:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 02:50:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D3DB 0
0 64ms
64ms Image
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2413767052711847&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

POST
H3 200 videoplayback Show response
rr3---sn-vgqsrnzs.googlevideo.com/ Frame 770C 64 KB
64 KB 24ms
23ms Fetch
audio/webm 2607:f8b0:4009:15::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-vgqsrnzs.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=251&source=youtube&requiressl=yes&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=audio%2Fwebm&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2775960&otfp=1&dur=209.021&lmt=1582027571264540&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVozkz6902JcYhVj6RFBKoDyhtS08WdabdOgymQanuXQCIQDimV9HHHbZ8NA-ys8tdyPTTBNFBMamSWUsVNeJA6GDUg%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-ab5ee67e&cms_redirect=yes&cmsv=e&mh=7Z&mm=34&mn=sn-vgqsrnzs&ms=ltu&mt=1669974306&mv=m&mvi=3&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMFDRuWWHuewJnjBiSFmKpxnsulZzPW4tYaz3fHbtNEMAiAy2KoHrGuP8YN4gRvQfR9lURfvUZTFq51dnhncMqSyCg%3D%3D&range=66149-131971&rn=9&rbuf=4682&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4009:15::8 Naperville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0dda67068d3bf47086a3b944e57ea84b42f292877d1914472caa1d56b1512ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 02 Dec 2022 09:48:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65823
last-modified: Tue, 18 Feb 2020 12:06:11 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 02 Dec 2022 09:48:33 GMT

POST
H3 200 videoplayback Show response
rr3---sn-vgqsrnzs.googlevideo.com/ Frame 770C 152 KB
152 KB 23ms
22ms Fetch
video/mp4 2607:f8b0:4009:15::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-vgqsrnzs.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=video%2Fmp4&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2191565&otfp=1&dur=208.999&lmt=1582027573862504&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALLzZcKyi3qUv08vM_wS90fLsIxnd3zgSD5jEE_LxiZoAiB89x7ZVYsMGYl8AUsFFil1bykFP19LIalO81n70nYjgA%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-ab5ee67e&cms_redirect=yes&cmsv=e&mh=7Z&mm=34&mn=sn-vgqsrnzs&ms=ltu&mt=1669974306&mv=m&mvi=3&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgRe2XDMW445vTrZSP6Yi8f3GZGZldUzHr4x6cFGGcFQwCIFlWA78ibgdfmQF5uzJKI3apUItGyzqC-o8bAVvpOYl_&range=66777-222725&rn=10&rbuf=6945&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4009:15::8 Naperville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

89f7ad6e1145dbd262f1149c51acd9a41fcea71ab3a3f89c5062655598c59e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 02 Dec 2022 09:48:33 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155949
last-modified: Tue, 18 Feb 2020 12:06:13 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 02 Dec 2022 09:48:33 GMT

POST
H3 200 videoplayback Show response
rr3---sn-vgqsrnzs.googlevideo.com/ Frame 770C 129 KB
129 KB 23ms
22ms Fetch
audio/webm 2607:f8b0:4009:15::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-vgqsrnzs.googlevideo.com/videoplayback?expire=1669996113&ei=8cmJY4jMApmA_9EP4NSI-A4&ip=2a0d%3A5600%3A24%3A1500%3A1012%3Add53%3A2acd%3Ad137&id=o-AJ91sLBc10dZudqEBsUHnIFq2SPxRWIgxnyDk24WRRd1&itag=251&source=youtube&requiressl=yes&spc=SFxXNkhITXrXRcEF08Tjy4vRqVHPb9I&vprv=1&mime=audio%2Fwebm&ns=jtqdUUw34mzo9aw1e1wkr2kJ&gir=yes&clen=2775960&otfp=1&dur=209.021&lmt=1582027571264540&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=FMpdSBVtSKjIgw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVozkz6902JcYhVj6RFBKoDyhtS08WdabdOgymQanuXQCIQDimV9HHHbZ8NA-ys8tdyPTTBNFBMamSWUsVNeJA6GDUg%3D%3D&alr=yes&cpn=0nLVluhX4MBQOGRM&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-ab5ee67e&cms_redirect=yes&cmsv=e&mh=7Z&mm=34&mn=sn-vgqsrnzs&ms=ltu&mt=1669974306&mv=m&mvi=3&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMFDRuWWHuewJnjBiSFmKpxnsulZzPW4tYaz3fHbtNEMAiAy2KoHrGuP8YN4gRvQfR9lURfvUZTFq51dnhncMqSyCg%3D%3D&range=131972-263628&rn=11&rbuf=9364&pot=DyjV_uUQtnRVKO3mtFpnHgsml4YGrOouLtLztTNfrrCHLe4wVYAUH8OLUhRRsxXhY1Z82o17R52-pluocrcEPcA_FW3K0cfDjyZ26yawcWzt4dZrpdDcOOW8N0aDJ6lG0cGcKd0=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4009:15::8 Naperville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

931ad70981820258dc556d9d0140e4620157fc50628380f5b95d065a9a7d1727

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 02 Dec 2022 09:48:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131657
last-modified: Tue, 18 Feb 2020 12:06:11 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 02 Dec 2022 09:48:33 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5598 0
10 B 5ms
4ms Image
text/plain 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?539QfA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:48:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 770C 0
17 B 28ms
28ms XHR
text/html 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=0nLVluhX4MBQOGRM&ver=2&cmt=0.076&fmt=134&fs=0&rt=0.794&euri=https%3A%2F%2Fherbnarusskom.24bank.su%2F&lact=510&cl=492015358&mos=1&volume=100&cbr=Chrome&cbrver=108.0.5359.71&c=WEB_EMBEDDED_PLAYER&cver=1.20221130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=en_US&cr=US&len=209.021&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24249178%2C24255165%2C24292955%2C24293803%2C24406605%2C24406620%2C24407200%2C24408610%2C24414162%2C24415865%2C24423785%2C24425861&rtn=6&afmt=251&size=300%3A150&inview=1&muted=1&docid=c7ftDuZ3JRA&ei=8cmJY4jMApmA_9EP4NSI-A4&plid=AAXu1T2jlyoxxmGW&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc7ftDuZ3JRA%3Fshowinfo%3D0%26%3Fautoplay%3D1%26controls%3D0%26rel%3D0%26modestbranding%3D1%26iv_load_policy%3D3%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fherbnarusskom.24bank.su%26widgetid%3D1&of=wbAUJoLFDaeeOSJrHXH1sg&vm=CAEQABgEOjJBUEV3RWxSUHg1NDJKa1dIemtoY3ZUOF9RZFRRQi1nUzlJUTdPdjloclE1WE9ud1FWZ2JPQVBta0tESlJBWmVJTGlXckdBbmFXa05PZ1ZqeGpWN0tBdUNRdkNJazRuSzltVU5CaElKMHdkaE5ianE1YzdnczUwRGJ6VXNRbkpfOVQ1SWgB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
X-YouTube-Client-Version: 1.20221130.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtjZVkyMG9QQTdkYyjwk6ecBg%3D%3D
X-YouTube-Ad-Signals: dt=1669974512556&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C150&vis=1&wgl=true&ca_type=image&bid=ANyPxKo5HEka4gip8pyEFdHNXF89weuzRX_AXxlHTRgaUiEflUJuf0KLbNIljSmLAwshTg6s8PlJN-nGLY7oWhpYKZc3-obPmA

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 09:48:33 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 770C 0
17 B 23ms
22ms XHR
text/html 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=c7ftDuZ3JRA&cpn=0nLVluhX4MBQOGRM&ei=8cmJY4jMApmA_9EP4NSI-A4&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
X-YouTube-Client-Version: 1.20221130.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtjZVkyMG9QQTdkYyjwk6ecBg%3D%3D
X-YouTube-Ad-Signals: dt=1669974512556&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C150&vis=1&wgl=true&ca_type=image&bid=ANyPxKo5HEka4gip8pyEFdHNXF89weuzRX_AXxlHTRgaUiEflUJuf0KLbNIljSmLAwshTg6s8PlJN-nGLY7oWhpYKZc3-obPmA

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 09:48:33 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 770C 28 B
50 B 53ms
53ms XHR
application/json 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
X-Goog-Request-Time: 1669974513823
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
X-YouTube-Client-Version: 1.20221130.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtjZVkyMG9QQTdkYyjwk6ecBg%3D%3D
X-YouTube-Ad-Signals: dt=1669974512380&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C150&vis=1&wgl=true&ca_type=image&bid=ANyPxKo5HEka4gip8pyEFdHNXF89weuzRX_AXxlHTRgaUiEflUJuf0KLbNIljSmLAwshTg6s8PlJN-nGLY7oWhpYKZc3-obPmA

Response headers

date: Fri, 02 Dec 2022 09:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B03 42 B
64 B 68ms
68ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuL5gSbxcmq4_MdQU2Cm_OFfKjjaju1P-jhgT6mR6lpwwsMXz3sf3mNBf9ono9iuQzlEta_clWLIVP_Doz2Bhm7dMLji5py0IzBDMGnmy3iGOFcNfcgWZ9HlbD7RBGbNQlReYw&sai=AMfl-YSo7oO-iG1ATWksnMqSeGxEr6FY8_gqmNHiA4zusOzKYNU_e_IXFVCoKsM2NLbNtrD3lunCz9XEzvc3WYM&sig=Cg0ArKJSzCyZvOpYPUVQEAE&cid=CAQSGwDq26N9vkS7TBLft7kIfyx-Dq-0fqc0uJnrrhgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=351,1000,1000,1000,1000&tos=351,649,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669974512434&rpt=632&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 09:48:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
68ms Image
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2413767052711847&bg=!CAulC0_NAAbvMpMzzzI7ACkAdvg8WpN-ml13MoCTTJuwGtTgp_YceKMm5nFTS8F95g4Woo2rVkknDQIAAADVUgAAAARoAQeZArF6C00naAOaJyMiGUASyLzAMQ7TTg7gYo0Rgd5U7iaei11AAIdtHbRIXyV7zFgbOXlMzDKTduI56VUZWOXCcPvR7wLe5XbVKftpAbeJ2Afpr6DDhvcB7l_IP4EdiIGuR5jMqwte0S-9rHVGSdV4awkz6-xI9DdKw-wRcEkONOWl1W3VDkM1FIwszxWh6s0ckY9RgW-2kf2D4JFWX5Lmjr3a9L_BqOqW0ctlZ_TnxiJ_FAt4V39NMGRu0iKtuQMLd-_XxSKGjK0P-FmrhVjFEW8brTkS67wXC9u0cWcPqCIW4fGUXKkRXrfRkjJIDQYgs2lThhkLzv16iaQ_B6CzW6sk7SPYdY-Q8_cl5zaO6iSTV5wkYNNv2b_EsCV8-URugPjRCRsZ7nfx1D1nP6tOlc3AJXg0IRh9MNX-cBiHKZjK9VibL7aAeZHX98S7vGAGMQJcKVsAOhNMO-Lq76G6uqSbd4gw0j15oMviN7ZlIjvesLs7ETAjoDXSibYo1EZhqWs3vOJ3ixfHHIMyZRNc7MQLSJlvI-2mddu6d8r6plsfXOMHQEnlH_sL_6t8FEFgALsL3_g7_QdBwarH3xxi7o8KcVyzxRCipYiX8dJtewaMwEUFLZwWAcd0Z6OIHOO3UF5mZ3Jjpe4rT922aE2qFL28GWA1yJqbxZp8HL4CtNrribU1RjHmZu_W2eK_Bi--MnC9be_1aDb0aKLFtr7s9KNozl9s9KwNJyPHRfqpr4sZ_USqYh5r0oCun1SmatzSXDbQ8qdJkS8SE7_FWBBdBx_Ej6VHqm3JxQHrimnirEsF1hjHIipwwSFpByd9hVOQqXIBtljzi-PQWN_Uo0Gjf6qYd-LvcG1JOo7NO_YVPehz0hcV0B1WiwSDfhkrWuhItvymFSfFgVwnMn4cJiQdL2Uuyg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbnarusskom.24bank.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame 770C 0
19 B 36ms
35ms XHR
text/html 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=0nLVluhX4MBQOGRM&ver=2&cmt=4.613&fmt=134&fs=0&rt=5.33&euri=https%3A%2F%2Fherbnarusskom.24bank.su%2F&lact=5045&cl=492015358&mos=1&volume=100&cbr=Chrome&cbrver=108.0.5359.71&c=WEB_EMBEDDED_PLAYER&cver=1.20221130.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=en_US&cr=US&len=209.021&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24249178%2C24255165%2C24292955%2C24293803%2C24406605%2C24406620%2C24407200%2C24408610%2C24414162%2C24415865%2C24423785%2C24425861&afmt=251&muted=1&docid=c7ftDuZ3JRA&ei=8cmJY4jMApmA_9EP4NSI-A4&plid=AAXu1T2jlyoxxmGW&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc7ftDuZ3JRA%3Fshowinfo%3D0%26%3Fautoplay%3D1%26controls%3D0%26rel%3D0%26modestbranding%3D1%26iv_load_policy%3D3%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fherbnarusskom.24bank.su%26widgetid%3D1&of=wbAUJoLFDaeeOSJrHXH1sg&vm=CAEQABgEOjJBUEV3RWxSUHg1NDJKa1dIemtoY3ZUOF9RZFRRQi1nUzlJUTdPdjloclE1WE9ud1FWZ2JPQVBta0tESlJBWmVJTGlXckdBbmFXa05PZ1ZqeGpWN0tBdUNRdkNJazRuSzltVU5CaElKMHdkaE5ianE1YzdnczUwRGJ6VXNRbkpfOVQ1SWgB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/c7ftDuZ3JRA?showinfo=0&?autoplay=1&controls=0&rel=0&modestbranding=1&iv_load_policy=3&enablejsapi=1&origin=https%3A%2F%2Fherbnarusskom.24bank.su&widgetid=1
X-YouTube-Client-Version: 1.20221130.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtjZVkyMG9QQTdkYyjwk6ecBg%3D%3D
X-YouTube-Ad-Signals: dt=1669974512556&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C150&vis=1&wgl=true&ca_type=image&bid=ANyPxKo5HEka4gip8pyEFdHNXF89weuzRX_AXxlHTRgaUiEflUJuf0KLbNIljSmLAwshTg6s8PlJN-nGLY7oWhpYKZc3-obPmA

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 09:48:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
herbnarusskom.24bank.su/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.24bank.su/	1970-01-20 17:14:30	Name: __gads Value: ID=d5d646f8061a9dbb-224a3e8f93d80098:T=1669974511:RT=1669974511:S=ALNI_MZWvTPapZvBjm7ulYuRv1x39x3nEQ
.24bank.su/	1970-01-20 17:14:30	Name: __gpi Value: UID=000008c2ec577920:T=1669974511:RT=1669974511:S=ALNI_MZAxrJ_NXvnK3thxA3oGMvriFDPhQ
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: _7eE1xM_NPY
.youtube.com/	1970-01-20 12:12:06	Name: VISITOR_INFO1_LIVE Value: ceY20oPA7dc
herbnarusskom.24bank.su/	1970-01-20 08:36:06	Name: videtiser_views Value: 1
.24bank.su/	1970-01-20 16:38:30	Name: _ym_uid Value: 1669974512286098202
.24bank.su/	1970-01-20 16:38:30	Name: _ym_d Value: 1669974512
.mc.yandex.com/	1970-01-20 07:52:55	Name: sync_cookie_csrf Value: 3915242970fake
.24bank.su/	1970-01-20 07:54:06	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 07:52:55	Name: sync_cookie_csrf Value: 1547826392fake
.doubleclick.net/	1970-01-20 17:28:54	Name: IDE Value: AHWqTUnllunsE8Z7F7NCX72Rh69O7XdcqHL9WBTXbyqXvI1CthVzewPecvC6XSqAC7c
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 673013901669974513
.yandex.com/	1970-01-20 17:28:54	Name: i Value: R2j7taB6vreC+na+8CXxxYnsXayJ8cYJtlema3FVQZ2ZzBwzibScX8T6AVWh+lxMer9+ru68K9aBFSQwwPXqD1FFbXo=
.yandex.com/	1970-01-20 16:38:30	Name: yandexuid Value: 8026061681669974513
.yandex.com/	1970-01-20 16:38:30	Name: yuidss Value: 8026061681669974513
.yandex.com/	1970-01-20 16:38:30	Name: ymex Value: 1701510513.yc.1669974513#1701510513.yrts.1669974513#1701510513.yrtsi.1669974513
.doubleclick.net/	1970-01-20 07:52:58	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9840.J4uQJYjYrNzr8GEycxZc30ctfD9EccQ7WpvPl9JnyJio6IhJQqGwvDNyKGGjF8naC5iNCeV7ZZRpB7IAoAmIpGHV9Osaf_OuxN1NvpnplSQ%2C.uuzzHMCJXc4ucnjO8e5f8azaVyw%2C Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-1114993438075446&fa=1&ifi=3&uci=a!3&btvi=1&xpc=faZnGoTilA&p=https%3A//herbnarusskom.24bank.su Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
aherbnarusskom.ru
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
herbnarusskom.24bank.su
i.ytimg.com
iherbnarusskom.ru
jnn-pa.googleapis.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
rr1---sn-ab5sznze.googlevideo.com
rr3---sn-vgqsrnzs.googlevideo.com
rr4---sn-ab5sznze.googlevideo.com
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
185.212.130.7
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::200e
2607:f8b0:4006:809::2002
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80e::2004
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2006
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200a
2607:f8b0:4006:824::2016
2607:f8b0:4006:9::6
2607:f8b0:4006:9::9
2607:f8b0:4009:15::8
2a02:6b8::1:119
5.9.49.156
0762c9e44bfa46e2e56e7908e69696eb5e3b92f93a11d824f6bc43f47244c7f1
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0dda67068d3bf47086a3b944e57ea84b42f292877d1914472caa1d56b1512ba8
10a72fd4a9e0fb12149a1d766353b9a9e30272410bf48481d3ec868b97ac2953
13643cfd8909a7a4ff22eb7382896a985a691f1662bf40d32aa6e79962d3b224
16d88035f2ae37c1a28a40d6d1a7e8e3a06fe64eb8890ad38fe01a4afbd72182
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c8fb02f68e820bfcc5da89d05e5903e066828ef585e86d69b585af69f21216e
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ff068806ee274accca1a7ecb1de7ce683b9484179c6240d71ab25e7cf48bda8
2811e1bc50f27a2a5981f961abf61cab8d0ed34aa7a4ab5e8831624073ecf2a1
29f25894a15573fbd2e51fa6e7ffd65e3cd0c2bfa0be8a60860ca462b29b6b8a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b2efff059eacdbcd02cde4b335b49e5685bafaaec4cc7dd24a6a55396da38e6
2e5462c67e2a1518741c8217f8b9e719c922ab81da870bf133b070fd919adae4
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
303a0164e796810efa8b5d6c42ce3b048610be2abc574246131e954a27aa40e5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
3b467166e22b4bef89768a98bedd65bee52101217ff736d7b442443680db8014
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
468add2fcb72d13ac0e9b791faaada998d8511e32a856dfc4211bef496e5febd
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f7c4f3973f625c4d375cf740cfba78f8bccb82a815b586877296613a9277add
506085489a41c95684f355a8b1aede576cdd7d68f9249e32ae4c50d2eafbed00
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5637de2d712d4a964c78f4257db069705bf316754346a70f544371ca03911f67
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65a04fa142608a9b1f288d1e0e03f7061e61158828c1f1539cec0dff75805f3a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b27fe6579f4e90f9b7f692f2fb1ef667fba1a680874c71a3560b36ffface662
6c58604b37c66b22b4249bd6d4bc415699d3112f70ef7cbc279aded40d05d8c5
6ea9195248fff7b0492039092aa87508d99e64a23c5c14c9dae6edfca89cf66b
6fa9a36c70a87538889c1c6873ad7c0628aab92f872aaa56628706ac22b2ac5e
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7feb62745ab8f02918e922c4f7a053d97faffeb65c8c91d61bd4036fc12a08b6
80a52dc4fdbcf9fb5921df423017f0af11a26ad927108e25f34d9f94558abb5e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8973df61bb689178098f4bb255cd3d70e05f5b5090506facb44f46a9a33704f1
89f7ad6e1145dbd262f1149c51acd9a41fcea71ab3a3f89c5062655598c59e20
8b1d4eaca46e32a9953e73fcdcaeaa623e0b9590245a1359b683ffb27e7d955e
8c5a339dc4b8a652bfe822a0ee3ee074632db57f096ad9452ee46e38b9a6f6bc
91a07f1de1e6d6038cf68674ca297c95f8b5c869c4bd1f2d8061ffa97a35f160
91da98c280424767ddbd8effdc4ca360740d244617acb61fc2545a4cd55123be
927880808b04d38324c6478d81795bfcc4cf1d4a52a1d8c41a7b59d5bb991b11
931ad70981820258dc556d9d0140e4620157fc50628380f5b95d065a9a7d1727
9969dd95f330f81b723524f4c36377dfb4630df29f4651b82236387fbf64895f
9ac20b10990d3ec3c7032d4422dfa55a366479dddde85851d814676ebd34ef0d
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e266c87ad4ccde16ed22725e4369cbcb9522ad41233d435a2e5636f463907b2
a1d3af5ae579dbe85f0ef580837d2a8aa1bf69b7b60592fcb0484ee8244adfb3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54ebbf77e0e40e032c1b3b08d562b8a98c3f4cac9e43e0badd1685eb80192eb
a6933e678530b263486fa7b185a449cac947e1496ef61d496642032f339e9e43
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
b9b55eda4118e5fda9876af796e33d19cbb2661da9e0594f2d7837039f0e0ac1
bbc64be6c752f3d87e01fbd491945ff0393b274cdf009318278419f6f2afe260
bf3d9c90bca1ba4087166c33563837d773ea43d3650e727414c2b46345421b0a
c02305b438489b8cf5f6344a011bde64454e73ad49404d232c2257611e30aac1
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c48405cd099aeaefe68cbb972e3fd9e46fae50a6f75cffd3b84814e24cc744ad
cadb5dc404cfe843525a79132cd73ea84831b9738953e647987add820d8c1125
cd814c3065af86ae14ddcd1a9f935e5db670816a790084b132f44d316ca48246
d7b5f95c41c61459b383f6bf63d80863936904d19b70c026a775e40abda9e817
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
df2e2f60eefb3c59e48bdc71278b73e5960febd018b18c2554ad27050bcd3719
dfc78d45fa53bf23ba38b14316639f3bd5a0b4c50418a1f17b6f70714160a471
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eedb4b70396fc41141d31e29fc3dcfd6633bae3ed59755d87dd5f1142f056b
e636cc7654f710c73e8f2aed158fd6881baa1d781170f57adde8ec28bcd9ed24
ecf86042344cf8688d3f9e2bbd74ef073c23d2f4bd0629c32d0e0dc830d84129
edae723b0ed9ce7951cb1fc7bbb2163f91779db1a85bdacffc78ddf209e5f8ff
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fef6b289c70c1532aad3ea64e088abedbaa3394af62ce70099115b585d1adeb6

herbnarusskom.24bank.su Open in urlscan Pro 5.9.49.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

97 %HTTPS

91 %IPv6

16 Domains

24 Subdomains

23 IPs

4 Countries

2612 kBTransfer

6443 kBSize

18 Cookies

3 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

herbnarusskom.24bank.su Open in urlscan Pro
5.9.49.156 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

97 %
HTTPS

91 %
IPv6

16
Domains

24
Subdomains

23
IPs

4
Countries

2612 kB
Transfer

6443 kB
Size

18
Cookies

111 HTTP transactions
2 data transactions