luka-ch0rt-cp-win-luka-avtozak.duckdns.org Open in urlscan Pro
139.162.171.151 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Submission: On February 11 via manual (February 11th 2021, 2:24:17 pm UTC) from BY

Summary HTTP 280 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 280 HTTP transactions. The main IP is 139.162.171.151, located in Frankfurt am Main, Germany and belongs to LINODE-AP Linode, LLC, US. The main domain is luka-ch0rt-cp-win-luka-avtozak.duckdns.org.
TLS certificate: Issued by R3 on February 11th 2021. Valid for: 3 months.

This is the only time luka-ch0rt-cp-win-luka-avtozak.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	139.162.171.151 139.162.171.151	63949 (LINODE-AP...) (LINODE-AP Linode)
6	2001:67c:4e8:... 2001:67c:4e8:1033:6:100:0:a	62041 (TELEGRAM) (TELEGRAM)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
6	2001:67c:4e8:... 2001:67c:4e8:1033:4:100:0:a	62041 (TELEGRAM) (TELEGRAM)
3	104.222.176.10 104.222.176.10	6762 (SEABONE-N...) (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A.)
14	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	149.154.175.205 149.154.175.205	59930 (TELEGRAM_...) (TELEGRAM_MESSENGER)
15	2a00:1450:400... 2a00:1450:4001:5a::8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
280	18

10 139.162.171.151 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1488-151.members.linode.com

luka-ch0rt-cp-win-luka-avtozak.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
luku-v-gaagu.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:67c:4e8:1033:6:100:0:a (Netherlands)

ASN62041 (TELEGRAM, VG)

t.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:67c:4e8:1033:4:100:0:a (Netherlands)

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.222.176.10 (Wilmington, United States)

ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT)

oauth.tg.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.154.175.205 (United Kingdom)

ASN59930 (TELEGRAM_MESSENGER, VG)

cdn1.telesco.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:5a::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednll.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlevideo.com r2---sn-4g5ednll.googlevideo.com	1013 KB
15	youtube.com www.youtube.com	712 KB
10	duckdns.org luka-ch0rt-cp-win-luka-avtozak.duckdns.org luku-v-gaagu.duckdns.org	1 MB
8	gstatic.com fonts.gstatic.com www.gstatic.com	100 KB
6	telegram.org telegram.org	121 KB
6	t.me t.me	10 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
3	tg.dev oauth.tg.dev	16 KB
3	googleapis.com fonts.googleapis.com	1 KB
2	telesco.pe cdn1.telesco.pe Failed	19 KB
1	ytimg.com i.ytimg.com	8 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	google.com www.google.com	9 KB
1	imgur.com i.imgur.com	299 KB
0	vsebel.by Failed vsebel.by Failed
280	15

	Domain	Requested by
15	r2---sn-4g5ednll.googlevideo.com	www.youtube.com
15	www.youtube.com	luka-ch0rt-cp-win-luka-avtozak.duckdns.org www.youtube.com
7	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
6	telegram.org	t.me
6	t.me	luka-ch0rt-cp-win-luka-avtozak.duckdns.org t.me
6	luka-ch0rt-cp-win-luka-avtozak.duckdns.org	luka-ch0rt-cp-win-luka-avtozak.duckdns.org
4	luku-v-gaagu.duckdns.org	luka-ch0rt-cp-win-luka-avtozak.duckdns.org
3	oauth.tg.dev	t.me
3	fonts.googleapis.com	t.me
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	cdn1.telesco.pe	t.me
1	www.gstatic.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	i.imgur.com	luka-ch0rt-cp-win-luka-avtozak.duckdns.org
0	vsebel.by Failed	luka-ch0rt-cp-win-luka-avtozak.duckdns.org
280	18

This site contains links to these domains. Also see Links.

Domain
vsebel.by
t.me

Subject Issuer	Validity	Valid
daloi.cpartisans.org R3	`2021-02-11` - `2021-05-12`	3 months	crt.sh
*.t.me Go Daddy Secure Certificate Authority - G2	`2019-09-10` - `2021-12-05`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2020-09-08` - `2021-10-10`	a year	crt.sh
*.tg.dev Go Daddy Secure Certificate Authority - G2	`2019-06-05` - `2021-06-05`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.telesco.pe Go Daddy Secure Certificate Authority - G2	`2020-03-10` - `2022-04-13`	2 years	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-02-02` - `2021-04-13`	2 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Frame ID: 1934057D09E23C004E93F8A799652CAE
Requests: 113 HTTP requests in this frame

Frame: https://t.me/ddcpartisansnews/19?embed=1
Frame ID: 1B884438671D66AF4FD3552F28F74EC0
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
Frame ID: 76B50865F8F886907D476611263A9977
Requests: 39 HTTP requests in this frame

Frame: https://vsebel.by/?q=916700835193224400000&m=q
Frame ID: 3A5A10187B6E872F96471FDFA33C5439
Requests: 6 HTTP requests in this frame

Frame: https://vsebel.by/?q=646794949300009300000&m=q
Frame ID: 68A01F41CDF72C26C8677E318D7C1631
Requests: 6 HTTP requests in this frame

Frame: https://vsebel.by/?q=170644401566109270000&m=q
Frame ID: F136806557D5C2DC4BD87B5DB8E78E87
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=957964921860820600000&m=q
Frame ID: B8A1D591A70415ECE5C26FDA5350AE16
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=410620535336800200000&m=q
Frame ID: 1EB3CA3AFD139265F9594CE0B7C6A289
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=261044807832440100000&m=q
Frame ID: 58FDBF38DD12C9F4B92F683BD619521A
Requests: 5 HTTP requests in this frame

Frame: https://t.me/ddcpartisansnews/20?embed=1
Frame ID: 8F6022680E07C153BA8EE528FF218C8B
Requests: 25 HTTP requests in this frame

Frame: https://vsebel.by/?q=878357688380501800000&m=q
Frame ID: 79C38E987492CC2B3A91D40C26646BC6
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=49199904559090520000&m=q
Frame ID: 0C52114806810C2072A0E12E0DE9A9B1
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=293737687233294400000&m=q
Frame ID: 927BEF65063F5258F8C823FC1DD445A5
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=811143086856840300000&m=q
Frame ID: 104CFEF9D49DCF69199EA6BDB4D4688F
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=511281911951172440000&m=q
Frame ID: DD7BD6BDA129CAE7F57D5CA782503BC0
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=450164839497375150000&m=q
Frame ID: 54A128D1BB66D6CB03378AACC27CDD62
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=679307597490300600000&m=q
Frame ID: 6ED4E0F1EB4698A9B28E80B4891776CD
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=551244659294409800000&m=q
Frame ID: 609EF4EDF079340E2B3F40FE99ECCFE2
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=366596349702057400000&m=q
Frame ID: 3A2197B9FB783B342244067B7FBFC13F
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=68614905070675690000&m=q
Frame ID: 04C4D5A6145E4083005869BD32E53967
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=850835066028938500000&m=q
Frame ID: 540238FBEAD8F90557AEE3864F53AFCF
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=882118656807741400000&m=q
Frame ID: 84CEEF72B19DE5903BA65BFAE4B014B7
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=153481625749076080000&m=q
Frame ID: 05F1FB720B6D125E4DE0AC7B0AC3A2A9
Requests: 5 HTTP requests in this frame

Frame: https://vsebel.by/?q=889188047525362700000&m=q
Frame ID: 92991E18BE3E9E0E9BF4F50100A701AB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

280
Requests

24 %
HTTPS

78 %
IPv6

15
Domains

18
Subdomains

18
IPs

4
Countries

3427 kB
Transfer

5503 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://vsebel.by/
Title: ВНС vsebel.by (x50)

Search URL Search Domain Scan URL

URL: https://t.me/cpartisans
Title: 1. ВладимирПутин - 650014478

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

280 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
luka-ch0rt-cp-win-luka-avtozak.duckdns.org/ 2 KB
1 KB 285ms
23ms Document
text/html 139.162.171.151
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.171.151 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1488-151.members.linode.com
Software: nginx/1.14.2 /
Resource Hash: 69c0da778bbe78e991498731111a24b84b2991c63884be6b7d9425c3d31bf3f0

Request headers

Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, ÐºÐ°Ðº Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Server: nginx/1.14.2
Date: Thu, 11 Feb 2021 14:23:39 GMT
Content-Type: text/html
Last-Modified: Thu, 11 Feb 2021 12:49:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"602527e8-8a7"
Content-Encoding: gzip

GET
H/1.1 200
OK main.8c8fe131.chunk.css
luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/css/ 2 KB
2 KB 24ms
23ms Stylesheet
text/css 139.162.171.151
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/css/main.8c8fe131.chunk.css
Requested by: Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.171.151 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1488-151.members.linode.com
Software: nginx/1.14.2 /
Resource Hash: 2b7844dda9103964ad34d76bc3d62e662c55bc54f08715667d78a896fd8b742c

Request headers

Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:39 GMT
Last-Modified: Thu, 11 Feb 2021 12:49:44 GMT
Server: nginx/1.14.2
ETag: "602527e8-754"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1876

GET
H/1.1 200
OK 2.5500f2d4.chunk.js Show response
luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/ 1 MB
1 MB 56ms
31ms Script
application/javascript 139.162.171.151
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/2.5500f2d4.chunk.js
Requested by: Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.171.151 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1488-151.members.linode.com
Software: nginx/1.14.2 /
Resource Hash: a868a55afde6b6f4056bdcf2fab16bb1ea9871cf1cdc2e6c789f1edeb637d2e8

Request headers

Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:39 GMT
Last-Modified: Thu, 11 Feb 2021 12:49:44 GMT
Server: nginx/1.14.2
ETag: "602527e8-10a96f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1091951

GET
H/1.1 200
OK main.de5a73d0.chunk.js Show response
luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/ 33 KB
33 KB 134ms
37ms Script
application/javascript 139.162.171.151
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/main.de5a73d0.chunk.js
Requested by: Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.171.151 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1488-151.members.linode.com
Software: nginx/1.14.2 /
Resource Hash: 32d0b7128a191b125454cb0ee57d09c0a5cc48c8dc08462f8acb7fb293a361cd

Request headers

Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:39 GMT
Last-Modified: Thu, 11 Feb 2021 12:49:44 GMT
Server: nginx/1.14.2
ETag: "602527e8-8392"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33682

GET
H/1.1 200
OK Cookie set 19 Show response
t.me/ddcpartisansnews/ Frame 1B88 6 KB
3 KB 60ms
33ms Document
text/html 2001:67c:4e8:1033:6:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.me/ddcpartisansnews/19?embed=1

Requested by

Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/2.5500f2d4.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:6:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0a9708250ca622b724b7734165d7ef3ab1a5e0b046a6548e98c0bc75a56908bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Host: t.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, ÐºÐ°Ðº Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/

Response headers

Server: nginx/1.16.1
Date: Thu, 11 Feb 2021 14:23:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2864
Connection: keep-alive
Set-Cookie: stel_ssid=15dd21c5acea2aabfb_12676323377197925030; expires=Fri, 12 Feb 2021 14:23:39 GMT; path=/; samesite=None; secure; HttpOnly stel_on=1; expires=Tue, 08 Feb 2022 19:31:55 GMT; path=/; samesite=None; secure; HttpOnly
Pragma: no-cache
Cache-control: no-store
Content-Encoding: gzip
Strict-Transport-Security: max-age=35768000

GET
H2 200 X9Yc6HY2Gec Show response
www.youtube.com/embed/ Frame 76B5 47 KB
20 KB 164ms
164ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=

Requested by

Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/2.5500f2d4.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

f94ab99094d1e8749be517acbfb29fda11b83f0a7c561771c040483d2a94d6b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/X9Yc6HY2Gec?autoplay=1&mute=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, ÐºÐ°Ðº Gecko) Chrome / 83.0.4103.61 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/

Response headers

expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 11 Feb 2021 14:23:40 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
pragma: no-cache
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 19912
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: YSC=6J8RF2rltq4; Domain=.youtube.com; Path=/; Secure; HttpOnly VISITOR_INFO1_LIVE=ucAgGgeqCd0; Domain=.youtube.com; Expires=Tue, 10-Aug-2021 14:23:40 GMT; Path=/; Secure; HttpOnly CONSENT=PENDING+293; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 VLxSDO0.jpg
i.imgur.com/ 298 KB
299 KB 74ms
24ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/VLxSDO0.jpg

Requested by

Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a612cd7e341bf6f6432e31b66e80821b939598a708501982bc65355b92634ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:39 GMT
x-content-type-options: nosniff
age: 25441
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 305577
x-served-by: cache-bwi5168-BWI, cache-fra19130-FRA
last-modified: Tue, 27 Oct 2020 11:33:29 GMT
server: cat factory 1.0
x-timer: S1613053420.993327,VS0,VE1
etag: "46550c5fa38c18ed36dffb6ff5d9f9c8"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200
OK satellite.e7d0ec25.svg
luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/media/ 5 KB
5 KB 25ms
24ms Image
image/svg+xml 139.162.171.151
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/media/satellite.e7d0ec25.svg
Requested by: Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.171.151 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1488-151.members.linode.com
Software: nginx/1.14.2 /
Resource Hash: 65fd7969ab83831226781f793299f5aee0d91c0cb1edef9707435edec3997e6d

Request headers

Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:39 GMT
Last-Modified: Thu, 11 Feb 2021 12:49:44 GMT
Server: nginx/1.14.2
ETag: "602527e8-12ee"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4846

GET
H/1.1 200
OK luka.png
luka-ch0rt-cp-win-luka-avtozak.duckdns.org/ 2 KB
2 KB 24ms
23ms Image
image/png 139.162.171.151
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/luka.png
Requested by: Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.171.151 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1488-151.members.linode.com
Software: nginx/1.14.2 /
Resource Hash: 70d41d3f7a17f61c5f8b768e87b35a442656f0f035206bc85e12ccb11b798eef

Request headers

Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:39 GMT
Last-Modified: Thu, 11 Feb 2021 12:49:44 GMT
Server: nginx/1.14.2
ETag: "602527e8-7d4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2004

GET
H/1.1 200
OK atconfig Show response
luku-v-gaagu.duckdns.org/ 1 KB
2 KB 258ms
48ms XHR
application/json 139.162.171.151
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://luku-v-gaagu.duckdns.org:666/atconfig
Requested by: Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/2.5500f2d4.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.171.151 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1488-151.members.linode.com
Software: / Express
Resource Hash: 2386559ff212d7ce48537854ac2c8cf0a27b720f0f4c0cbe97a92bf74d8774b1

Request headers

Accept: application/json, text/plain, */*
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
Last-Modified: Thu, 11 Feb 2021 13:26:26 GMT
X-Powered-By: Express
ETag: W/"5cd-17791457f42"
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1485

GET /
vsebel.by/ Frame 3A5A 0
0

GET /
vsebel.by/ 0
0

GET
H2 200 css
fonts.googleapis.com/ Frame 1B88 366 B
325 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/19?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0575040bff55a78de037bcdddf049c3f584fe15f23c7cff2bdcab852c847e1fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.me/ddcpartisansnews/19?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 11 Feb 2021 14:23:40 GMT

GET
H/1.1 200
OK widget-frame.css
telegram.org/css/ Frame 1B88 67 KB
17 KB 52ms
24ms Stylesheet
text/css 2001:67c:4e8:1033:4:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/widget-frame.css?45

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/19?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:4:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d73efe70be2927ba40fb4617468ffa04712439f55dd935568313ce4a09320418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/19?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jan 2021 15:20:58 GMT
Server: nginx/1.16.1
ETag: W/"6001b2da-10b33"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Feb 2021 14:23:40 GMT

GET rIjjlrmPu9T_RVbAiygRh3E6j4gWBEBvVgtJgdvtG9s_BddmuqrTPqDKUqyd1U9W6VYCAYanTwYUpSSma_ilUUg1UE-modIePtFEhtyLX2cAjvuU7Zkq5Rz2gJRr00bXHR8ZsPYV0y-mZzSzAxO-1fcvZcw3dYqo7eJiJL7iI-3avI69wRmiWqRogLE_3FUWogfpY...
cdn1.telesco.pe/file/ Frame 1B88 0
0

GET
H/1.1 200
OK telegram-widget.js Show response
oauth.tg.dev/js/ Frame 1B88 17 KB
5 KB 55ms
19ms Script
application/javascript 104.222.176.10
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.tg.dev/js/telegram-widget.js?14

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/19?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.222.176.10 Wilmington, United States, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d3a9b87553085e20942af12881900b07887fe3cdcb3bb35f46d0c5e2fc7a5364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/19?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Nov 2020 09:18:36 GMT
Server: nginx/1.16.1
ETag: W/"5fa514ec-4352"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Feb 2021 14:23:40 GMT

GET
H/1.1 200
OK widget-frame.js Show response
telegram.org/js/ Frame 1B88 81 KB
23 KB 15ms
13ms Script
application/javascript 2001:67c:4e8:1033:4:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/widget-frame.js?45

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/19?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:4:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c2bb8a83cb680e3d24161085b6e6013b2258ea7c42e5f984a619bb9296f82995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/19?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jan 2021 15:20:58 GMT
Server: nginx/1.16.1
ETag: W/"6001b2da-143ad"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Feb 2021 14:23:40 GMT

GET /
vsebel.by/ Frame 68A0 0
0

GET /
vsebel.by/ 0
0

GET
H3-Q050 200 www-player.css
www.youtube.com/s/player/0ce056a2/ Frame 76B5 339 KB
51 KB 36ms
20ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0ce056a2/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0804d99ddfc24255a34d501b269fb3cc3fa6ce12947283471d420f383c947ca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 23:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 21:29:21 GMT
server: sffe
age: 55400
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52033
x-xss-protection: 0
expires: Thu, 10 Feb 2022 23:00:20 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/0ce056a2/www-embed-player.vflset/ Frame 76B5 156 KB
57 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0ce056a2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10fd04f37329ab2879e90dcda365fe5f67420e34c05095736c7d7b708f10bfb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 23:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 21:29:21 GMT
server: sffe
age: 55400
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58163
x-xss-protection: 0
expires: Thu, 10 Feb 2022 23:00:20 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/ Frame 76B5 1 MB
491 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9a149074422323b872412c4ee6790a0ffc3ca2de0f51147c39d2d83e469a943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 23:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 21:29:21 GMT
server: sffe
age: 55400
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 502450
x-xss-protection: 0
expires: Thu, 10 Feb 2022 23:00:20 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/0ce056a2/fetch-polyfill.vflset/ Frame 76B5 8 KB
3 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0ce056a2/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 23:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 21:29:21 GMT
server: sffe
age: 55400
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 10 Feb 2022 23:00:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
fonts.gstatic.com/s/roboto/v18/ Frame 76B5 14 KB
14 KB 7ms
6ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc4d37779a8cefd1f2d83c5becf8ad92d594f012ae84ab9b16cc80d0000aa687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Fri, 05 Feb 2021 04:26:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:52 GMT
server: sffe
age: 554258
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13988
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:26:02 GMT

GET /
vsebel.by/ Frame F136 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame B8A1 0
0

GET /
vsebel.by/ 0
0

GET
DATA 200
OK truncated
/ Frame 1B88 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1ef3d3ae5f563bd9b05d778c8cb5261ff05eb0dc32de1d27f78fdc111ed2107

Request headers

Referer
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1B88 683 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886

Request headers

Referer
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc-AMP6lQ.woff
fonts.gstatic.com/s/roboto/v20/ Frame 1B88 14 KB
14 KB 30ms
14ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc-AMP6lQ.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b731864456e11cb0dbb57959da8e514d6964e4e7e95b1dd69ee1660eaa87c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://t.me
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Fri, 05 Feb 2021 04:25:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 554270
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14376
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:50 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
fonts.gstatic.com/s/roboto/v20/ Frame 1B88 14 KB
14 KB 29ms
13ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee971ab559e3a2c9b2392868f33fb90d3d17c8564846fd307781ed8acda16d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://t.me
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 08:43:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 106819
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14320
x-xss-protection: 0
expires: Thu, 10 Feb 2022 08:43:21 GMT

POST
H/1.1 200
OK 19 Show response
t.me/ddcpartisansnews/ Frame 1B88 4 B
305 B 17ms
17ms XHR
application/json 2001:67c:4e8:1033:6:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.me/ddcpartisansnews/19?embed=1

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/19?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:6:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Referer: https://t.me/ddcpartisansnews/19?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 14:23:40 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Strict-Transport-Security: max-age=35768000
Content-Type: application/json; charset=utf-8
Cache-control: no-store
Connection: keep-alive
Content-Length: 24

GET /
vsebel.by/ Frame 1EB3 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 58FD 0
0

GET /
vsebel.by/ 0
0

GET 20
t.me/ddcpartisansnews/ Frame 8F60 0
0

GET
H/1.1 200
OK 20 Show response
t.me/ddcpartisansnews/ Frame 8F60 6 KB
3 KB 39ms
39ms Document
text/html 2001:67c:4e8:1033:6:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.me/ddcpartisansnews/20?embed=1

Requested by

Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/main.de5a73d0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:6:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f7dbaecd25adb7ee6171deb8befc8f7c4d99bbfa79c51a563180f62a8f7de283

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Host: t.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, ÐºÐ°Ðº Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: stel_ssid=15dd21c5acea2aabfb_12676323377197925030; stel_on=1; stel_dt=-60
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/

Response headers

Server: nginx/1.16.1
Date: Thu, 11 Feb 2021 14:23:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2551
Connection: keep-alive
Pragma: no-cache
Cache-control: no-store
Content-Encoding: gzip
Strict-Transport-Security: max-age=35768000

GET
H/1.1 200
OK ldrs Show response
luku-v-gaagu.duckdns.org/ 422 B
782 B 24ms
23ms XHR
application/json 139.162.171.151
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://luku-v-gaagu.duckdns.org:666/ldrs
Requested by: Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/2.5500f2d4.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.171.151 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1488-151.members.linode.com
Software: / Express
Resource Hash: 698f80ccf1a28aad0fa2c7a790348ebdc6081529f354f90a07575162fd016792

Request headers

Accept: application/json, text/plain, */*
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
X-Powered-By: Express
ETag: W/"1a6-oHivuHfCseDzp5Ykpo1JFRAz3YE"
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 422

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 76B5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
1019 B

68ms
53ms

XHR
application/json

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

638337862381aaa6ab4b05218f78152e155cc1de5573ac7dbe333437dfc61beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 11 Feb 2021 14:23:40 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 76B5 29 B
90 B 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:11:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 702
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 11 Feb 2021 14:26:58 GMT

GET
H2 200 cX-F6qM_6ue75AXQ_1jtulhbTER2cyQ4Ai21JxgzHfE.js Show response
www.google.com/js/bg/ Frame 76B5 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/cX-F6qM_6ue75AXQ_1jtulhbTER2cyQ4Ai21JxgzHfE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717f85eaa33feae7bbe405d0ff58edba585b4c4476732438022db52718331df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 08:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 11:30:00 GMT
server: sffe
age: 108534
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9395
x-xss-protection: 0
expires: Thu, 10 Feb 2022 08:14:46 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/ Frame 76B5 29 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d696c32e909953f9e477ac0b319245184bb15199ea2a32e92f21ebd951f77b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 23:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 21:29:21 GMT
server: sffe
age: 55399
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9681
x-xss-protection: 0
expires: Thu, 10 Feb 2022 23:00:21 GMT

POST
H3-Q050 200 player Show response
www.youtube.com/youtubei/v1/ Frame 76B5 65 KB
16 KB 85ms
84ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d8f9d85ec3d305f6c8cf84937877ae4a596e5026dc03dbe06134d8f6550b495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
X-Goog-Visitor-Id: Cgt1Y0FnR2dlcUNkMCjs-5SBBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16063
x-xss-protection: 0
expires: Thu, 11 Feb 2021 14:23:40 GMT

GET
DATA 200
OK truncated
/ Frame 76B5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnjjZSOZL8VhFFqPfg3XEJGGTV1im1J37iP4Mfpn=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 76B5 2 KB
2 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjjZSOZL8VhFFqPfg3XEJGGTV1im1J37iP4Mfpn=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8bafa629dc8a69bacc9bd48d8bc63052189a6734ad56d73c23b96f6ed6884601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 12:49:57 GMT
x-content-type-options: nosniff
age: 5623
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2411
x-xss-protection: 0
server: fife
etag: "v67"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 12 Feb 2021 12:49:57 GMT

GET
DATA 200
OK truncated
/ Frame 76B5 283 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10bbbb5c5ae22683c47f305bb0f2987078bf85ee76cb85e6d9bb36947e4fb3a9

Request headers

Referer
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 8F60 366 B
565 B 42ms
28ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0575040bff55a78de037bcdddf049c3f584fe15f23c7cff2bdcab852c847e1fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 11 Feb 2021 14:23:40 GMT

GET
H/1.1 200
OK widget-frame.css
telegram.org/css/ Frame 8F60 67 KB
17 KB 17ms
17ms Stylesheet
text/css 2001:67c:4e8:1033:4:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/widget-frame.css?45

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:4:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d73efe70be2927ba40fb4617468ffa04712439f55dd935568313ce4a09320418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jan 2021 15:20:58 GMT
Server: nginx/1.16.1
ETag: W/"6001b2da-10b33"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Feb 2021 14:23:40 GMT

GET
H/1.1 200
OK rIjjlrmPu9T_RVbAiygRh3E6j4gWBEBvVgtJgdvtG9s_BddmuqrTPqDKUqyd1U9W6VYCAYanTwYUpSSma_ilUUg1UE-modIePtFEhtyLX2cAjvuU7Zkq5Rz2gJRr00bXHR8ZsPYV0y-mZzSzAxO-1fcvZcw3dYqo7eJiJL7iI-3avI69wRmiWqRogLE_3FUWogfpY...
cdn1.telesco.pe/file/ Frame 8F60 9 KB
9 KB 132ms
128ms Image
image/jpeg 149.154.175.205
TELEGRAM_MESSENGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.telesco.pe/file/rIjjlrmPu9T_RVbAiygRh3E6j4gWBEBvVgtJgdvtG9s_BddmuqrTPqDKUqyd1U9W6VYCAYanTwYUpSSma_ilUUg1UE-modIePtFEhtyLX2cAjvuU7Zkq5Rz2gJRr00bXHR8ZsPYV0y-mZzSzAxO-1fcvZcw3dYqo7eJiJL7iI-3avI69wRmiWqRogLE_3FUWogfpYy8bzqIrlqGWXq1Y6rprM1_p_vdhIAM1ieWWlK6-xoGaVE7_c5bkLg0FbQPCaPqMg4rG5b46OC_-QOBjwCUMujJmgDCOTIWXbPADDSOIfKog62xp2r95kik-zJ7aKI2lCclorjiRfUefOO823g.jpg

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.175.205 , United Kingdom, ASN59930 (TELEGRAM_MESSENGER, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

07c9018450b62108c51e42e4e230f7f68db4429a5e08c6330eb449870561728f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
Last-Modified: Wed, 16 Dec 2020 09:05:02 GMT
Server: nginx/1.16.1
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: 0-9001, bytes
Content-Length: 9001
Expires: Sat, 13 Mar 2021 14:23:40 GMT

GET
H/1.1 200
OK telegram-widget.js Show response
oauth.tg.dev/js/ Frame 8F60 17 KB
5 KB 19ms
18ms Script
application/javascript 104.222.176.10
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.tg.dev/js/telegram-widget.js?14

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.222.176.10 Wilmington, United States, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d3a9b87553085e20942af12881900b07887fe3cdcb3bb35f46d0c5e2fc7a5364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Nov 2020 09:18:36 GMT
Server: nginx/1.16.1
ETag: W/"5fa514ec-4352"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Feb 2021 14:23:40 GMT

GET
H/1.1 200
OK widget-frame.js Show response
telegram.org/js/ Frame 8F60 81 KB
23 KB 14ms
14ms Script
application/javascript 2001:67c:4e8:1033:4:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/widget-frame.js?45

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:4:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c2bb8a83cb680e3d24161085b6e6013b2258ea7c42e5f984a619bb9296f82995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jan 2021 15:20:58 GMT
Server: nginx/1.16.1
ETag: W/"6001b2da-143ad"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Feb 2021 14:23:40 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 76B5 0
15 B 6ms
5ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?xNqRGg
Requested by: Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-Q050 204 qoe
www.youtube.com/api/stats/ Frame 76B5 0
156 B 17ms
17ms Other
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=140&cpn=ASSb5EBgG1sGGg7j&ei=7D0lYPKjF4P51wK-_q5Q&el=embedded&docid=X9Yc6HY2Gec&ns=yt&fexp=23748146%2C23857950%2C23858057%2C23941303%2C23966109%2C23969934%2C23976578%2C23987575%2C23988825%2C23992809&cl=356805766&seq=1&cbrand=apple&cbr=Safari&cbrver=14.0&c=WEB_EMBEDDED_PLAYER&cver=1.20210208.1.1&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&vps=0.000:N,0.133:N&afs=0.133:140::i&vfs=0.133:134:134::r&view=0.133:350:315&bwe=0.133:130000&bat=0.133:1:1&vis=0.133:0&cmt=0.133:0.000&bh=0.133:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 14:23:40 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 1 KB
2 KB 43ms
27ms XHR
video/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1613075020&ei=7D0lYPKjF4P51wK-_q5Q&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AOM0wauY31N_TYik5oSqHUFOHkkzQ7NmAGUlGy60AJ4O&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=RR&mm=31%2C26&mn=sn-4g5ednll%2Csn-5hne6n7s&ms=au%2Conr&mv=m&mvi=2&pl=42&initcwndbps=551250&vprv=1&mime=video%2Fmp4&ns=8OLyDj9FmhG4g54g5BD5TZgF&gir=yes&clen=385072&otfp=1&dur=121.655&lmt=1610664720990669&mt=1613053253&fvip=2&keepalive=yes&beids=23886204&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=ekZFsG9EAL4cSQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgR3buo1VCHh_D-WP_mD6Tf4b4a0n_8Xw7mpFCQxgrgOACIQCExXuqF88YNUcsiUYE6BHb0r6XUwUDV6vh5UlFPuAQKw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMBNRdQMxmZhlugSoLXCR6vNekdXMNKyvl89RBZlArlOAiEA_QIGBmRTPHJyPGfN45hgtudy_7YP9kx1uZ4luGbJWTU%3D&alr=yes&cpn=ASSb5EBgG1sGGg7j&cver=1.20210208.1.1&range=0-1036&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

05b0946cca0904337284916d3c6d206b6d8fd8516dd2367f33619de29baf1c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1037
Last-Modified: Thu, 14 Jan 2021 22:52:00 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Thu, 11 Feb 2021 14:23:40 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 820 B
2 KB 81ms
66ms XHR
audio/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1613075020&ei=7D0lYPKjF4P51wK-_q5Q&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AOM0wauY31N_TYik5oSqHUFOHkkzQ7NmAGUlGy60AJ4O&itag=140&source=youtube&requiressl=yes&mh=RR&mm=31%2C26&mn=sn-4g5ednll%2Csn-5hne6n7s&ms=au%2Conr&mv=m&mvi=2&pl=42&initcwndbps=551250&vprv=1&mime=audio%2Fmp4&ns=8OLyDj9FmhG4g54g5BD5TZgF&gir=yes&clen=1970644&otfp=1&dur=121.718&lmt=1610664717896601&mt=1613053253&fvip=2&keepalive=yes&beids=23886204&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=ekZFsG9EAL4cSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTB6m54mn7mF_na1jCPDgURgMZL8IWb2nUZnyGFcnussCID_JrZlF7gg-ipRZlIN6z5zNVeQSDIRyMpYX3Ga5f5eT&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMBNRdQMxmZhlugSoLXCR6vNekdXMNKyvl89RBZlArlOAiEA_QIGBmRTPHJyPGfN45hgtudy_7YP9kx1uZ4luGbJWTU%3D&alr=yes&cpn=ASSb5EBgG1sGGg7j&cver=1.20210208.1.1&range=0-819&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

33ea49fe07fd9d3a21b6b354b1149dc5e9c9fe660aaa018b1c7e07a329440e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:40 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 820
Last-Modified: Thu, 14 Jan 2021 22:51:57 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 11 Feb 2021 14:23:40 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/ Frame 76B5 95 KB
31 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309e388583b22cf2d6f6390e4eb97b68feeef65c820b5c57c543a5a71154286b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 23:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 21:29:21 GMT
server: sffe
age: 55399
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32126
x-xss-protection: 0
expires: Thu, 10 Feb 2022 23:00:21 GMT

GET
H3-Q050 200 captions.js Show response
www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/ Frame 76B5 53 KB
20 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7453349d7f3d8a7bc3f66ffd484b3e71a18d698f9cc88376d9c5110fb2aca366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 23:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 21:29:21 GMT
server: sffe
age: 55278
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19908
x-xss-protection: 0
expires: Thu, 10 Feb 2022 23:02:22 GMT

GET
H3-Q050 200 endscreen.js Show response
www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/ Frame 76B5 26 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25b6fbfc105d3275121f518c83816f6597ed2a4bb372e19580d8837eae53ece4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 23:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 21:29:21 GMT
server: sffe
age: 55278
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7435
x-xss-protection: 0
expires: Thu, 10 Feb 2022 23:02:22 GMT

POST
H3-Q050 200 next Show response
www.youtube.com/youtubei/v1/ Frame 76B5 67 KB
6 KB 336ms
335ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c18f327f1182ce3f02f3fdacc23446aa5a37c8f439bd0f82b653f04df2822831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
X-Goog-Visitor-Id: Cgt1Y0FnR2dlcUNkMCjs-5SBBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6142
x-xss-protection: 0
expires: Thu, 11 Feb 2021 14:23:40 GMT

GET
DATA 200
OK truncated
/ Frame 8F60 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1ef3d3ae5f563bd9b05d778c8cb5261ff05eb0dc32de1d27f78fdc111ed2107

Request headers

Referer
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8F60 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70e10811b989efbd48d9332087ea5f99a9b9ba63513aed3652a5b2293a552819

Request headers

Referer
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8F60 683 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886

Request headers

Referer
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc-AMP6lQ.woff
fonts.gstatic.com/s/roboto/v20/ Frame 8F60 14 KB
14 KB 7ms
6ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc-AMP6lQ.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b731864456e11cb0dbb57959da8e514d6964e4e7e95b1dd69ee1660eaa87c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://t.me
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Fri, 05 Feb 2021 04:25:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 554270
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14376
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:50 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
fonts.gstatic.com/s/roboto/v20/ Frame 8F60 14 KB
14 KB 8ms
8ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee971ab559e3a2c9b2392868f33fb90d3d17c8564846fd307781ed8acda16d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://t.me
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 08:43:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 106819
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14320
x-xss-protection: 0
expires: Thu, 10 Feb 2022 08:43:21 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/X9Yc6HY2Gec/ Frame 76B5 8 KB
8 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/X9Yc6HY2Gec/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a51c8b9efddfd43f30e6838d1f3910d7e4ee406fdb4936d3bd24d18831ea4f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 13:29:40 GMT
x-content-type-options: nosniff
server: sffe
age: 3240
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8244
x-xss-protection: 0
expires: Thu, 11 Feb 2021 15:29:40 GMT

POST
H/1.1 200
OK 20 Show response
t.me/ddcpartisansnews/ Frame 8F60 4 B
305 B 27ms
27ms XHR
application/json 2001:67c:4e8:1033:6:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.me/ddcpartisansnews/20?embed=1

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:6:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 14:23:40 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Strict-Transport-Security: max-age=35768000
Content-Type: application/json; charset=utf-8
Cache-control: no-store
Connection: keep-alive
Content-Length: 24

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 76B5 4 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Thu, 11 Feb 2021 14:23:40 GMT

GET
H3-Q050 200 videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 14 KB
15 KB 16ms
7ms XHR
video/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0bd6ee5a221bc42baa6de2fc9743d46b13ce966033c6a0cd49ee26063aeaf426

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14289
client-protocol: quic
last-modified: Thu, 14 Jan 2021 22:52:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 11 Feb 2021 14:23:40 GMT

GET
H3-Q050 200 videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 20 KB
20 KB 6ms
6ms XHR
video/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f7c05dbb1718c69f4b9d27b72267521afc247195a18411e28e9c1452e3b4b260

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20178
client-protocol: quic
last-modified: Thu, 14 Jan 2021 22:52:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 11 Feb 2021 14:23:40 GMT

GET
H3-Q050 200 videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 158 KB
158 KB 6ms
6ms XHR
audio/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1613075020&ei=7D0lYPKjF4P51wK-_q5Q&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AOM0wauY31N_TYik5oSqHUFOHkkzQ7NmAGUlGy60AJ4O&itag=140&source=youtube&requiressl=yes&mh=RR&mm=31%2C26&mn=sn-4g5ednll%2Csn-5hne6n7s&ms=au%2Conr&mv=m&mvi=2&pl=42&initcwndbps=551250&vprv=1&mime=audio%2Fmp4&ns=8OLyDj9FmhG4g54g5BD5TZgF&gir=yes&clen=1970644&otfp=1&dur=121.718&lmt=1610664717896601&mt=1613053253&fvip=2&keepalive=yes&beids=23886204&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=ekZFsG9EAL4cSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTB6m54mn7mF_na1jCPDgURgMZL8IWb2nUZnyGFcnussCID_JrZlF7gg-ipRZlIN6z5zNVeQSDIRyMpYX3Ga5f5eT&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMBNRdQMxmZhlugSoLXCR6vNekdXMNKyvl89RBZlArlOAiEA_QIGBmRTPHJyPGfN45hgtudy_7YP9kx1uZ4luGbJWTU%3D&alr=yes&cpn=ASSb5EBgG1sGGg7j&cver=1.20210208.1.1&range=820-162648&rn=5&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

250a99bda10d56ec0e0ea8c89e23821a27fd274a2c448d1d5aef56acd994b795

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161829
client-protocol: quic
last-modified: Thu, 14 Jan 2021 22:51:57 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 11 Feb 2021 14:23:40 GMT

GET
H3-Q050 200 videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 158 KB
158 KB 6ms
6ms XHR
audio/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1613075020&ei=7D0lYPKjF4P51wK-_q5Q&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AOM0wauY31N_TYik5oSqHUFOHkkzQ7NmAGUlGy60AJ4O&itag=140&source=youtube&requiressl=yes&mh=RR&mm=31%2C26&mn=sn-4g5ednll%2Csn-5hne6n7s&ms=au%2Conr&mv=m&mvi=2&pl=42&initcwndbps=551250&vprv=1&mime=audio%2Fmp4&ns=8OLyDj9FmhG4g54g5BD5TZgF&gir=yes&clen=1970644&otfp=1&dur=121.718&lmt=1610664717896601&mt=1613053253&fvip=2&keepalive=yes&beids=23886204&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=ekZFsG9EAL4cSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTB6m54mn7mF_na1jCPDgURgMZL8IWb2nUZnyGFcnussCID_JrZlF7gg-ipRZlIN6z5zNVeQSDIRyMpYX3Ga5f5eT&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMBNRdQMxmZhlugSoLXCR6vNekdXMNKyvl89RBZlArlOAiEA_QIGBmRTPHJyPGfN45hgtudy_7YP9kx1uZ4luGbJWTU%3D&alr=yes&cpn=ASSb5EBgG1sGGg7j&cver=1.20210208.1.1&range=162649-324220&rn=6&rbuf=9985

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2ea2af7650a1ecd8b2a7aee098575e137196aaf06df7843d90cb53f9ad0531af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:40 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161572
client-protocol: quic
last-modified: Thu, 14 Jan 2021 22:51:57 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 11 Feb 2021 14:23:40 GMT

GET /
vsebel.by/ Frame 79C3 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 0C52 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 927B 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 104C 0
0

GET /
vsebel.by/ 0
0

GET
H3-Q050 200 videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 18 KB
18 KB 6ms
6ms XHR
video/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2f3f0c298867921be476f41414068d58309a77609ca606a8dcead1340a9b9adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:41 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18496
client-protocol: quic
last-modified: Thu, 14 Jan 2021 22:52:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 11 Feb 2021 14:23:41 GMT

GET /
vsebel.by/ Frame DD7B 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 54A1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 6ED4 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 609E 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 3A21 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 04C4 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 5402 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 84CE 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 05F1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 9299 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 3A5A 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 68A0 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame F136 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame B8A1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 1EB3 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 58FD 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 79C3 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 0C52 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 927B 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 104C 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame DD7B 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 54A1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 6ED4 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 609E 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 3A21 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 04C4 0
0

GET /
vsebel.by/ 0
0

POST
H3-Q050 204 qoe
www.youtube.com/api/stats/ Frame 76B5 0
23 B 14ms
14ms Other
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=140&cpn=ASSb5EBgG1sGGg7j&ei=7D0lYPKjF4P51wK-_q5Q&el=embedded&docid=X9Yc6HY2Gec&ns=yt&fexp=23748146%2C23857950%2C23858057%2C23941303%2C23966109%2C23969934%2C23976578%2C23987575%2C23988825%2C23992809&cl=356805766&seq=2&cbrand=apple&cbr=Safari&cbrver=14.0&c=WEB_EMBEDDED_PLAYER&cver=1.20210208.1.1&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&cat=otfp&ctmp=loudness:-2.240,dompaused:t.147;promise;m.NotAllowedError&bwm=10.007:378221:0.200&bwe=10.007:2055111&bat=10.007:1:1&cmt=10.007:0.000&bh=10.007:16.552&df=10.007:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 14:23:50 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 76B5 28 B
151 B 23ms
23ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
X-YouTube-Client-Version: 1.20210208.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt1Y0FnR2dlcUNkMCjs-5SBBg%3D%3D
X-YouTube-Ad-Signals: dt=1613053420203&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C350%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 11 Feb 2021 14:23:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 11 Feb 2021 14:23:50 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 71 KB
72 KB 7ms
6ms XHR
video/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4cc33ae647770950a1ef7515cb1732d0e90a8ae93498578a67d5cb16054e0ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:23:50 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 72638
Last-Modified: Thu, 14 Jan 2021 22:52:00 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21290
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Thu, 11 Feb 2021 14:23:50 GMT

GET
H3-Q050 200 videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 158 KB
158 KB 6ms
6ms XHR
audio/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1613075020&ei=7D0lYPKjF4P51wK-_q5Q&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AOM0wauY31N_TYik5oSqHUFOHkkzQ7NmAGUlGy60AJ4O&itag=140&source=youtube&requiressl=yes&mh=RR&mm=31%2C26&mn=sn-4g5ednll%2Csn-5hne6n7s&ms=au%2Conr&mv=m&mvi=2&pl=42&initcwndbps=551250&vprv=1&mime=audio%2Fmp4&ns=8OLyDj9FmhG4g54g5BD5TZgF&gir=yes&clen=1970644&otfp=1&dur=121.718&lmt=1610664717896601&mt=1613053253&fvip=2&keepalive=yes&beids=23886204&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=ekZFsG9EAL4cSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTB6m54mn7mF_na1jCPDgURgMZL8IWb2nUZnyGFcnussCID_JrZlF7gg-ipRZlIN6z5zNVeQSDIRyMpYX3Ga5f5eT&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMBNRdQMxmZhlugSoLXCR6vNekdXMNKyvl89RBZlArlOAiEA_QIGBmRTPHJyPGfN45hgtudy_7YP9kx1uZ4luGbJWTU%3D&alr=yes&cpn=ASSb5EBgG1sGGg7j&cver=1.20210208.1.1&range=324221-485954&rn=9&rbuf=19969

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1cc163bb620f9e172d6fc618ac3b69ad959fa6310eaa4abdea739ac1d6efea8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:23:50 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161734
client-protocol: quic
last-modified: Thu, 14 Jan 2021 22:51:57 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21290
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 11 Feb 2021 14:23:50 GMT

GET /
vsebel.by/ Frame 5402 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 84CE 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 05F1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 9299 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 3A5A 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 68A0 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame F136 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame B8A1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 1EB3 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 58FD 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 79C3 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 0C52 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 927B 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 104C 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame DD7B 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 54A1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 6ED4 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 609E 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 3A21 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 04C4 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 5402 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 84CE 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 05F1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 9299 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 3A5A 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 68A0 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame F136 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame B8A1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 1EB3 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 58FD 0
0

GET /
vsebel.by/ 0
0

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 64 KB
65 KB 7ms
7ms XHR
video/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3bec626d823f38c91c477b1673181200be5c74568a998ae13eca7470ab196e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:24:00 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65508
Last-Modified: Thu, 14 Jan 2021 22:52:00 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21280
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Thu, 11 Feb 2021 14:24:00 GMT

GET /
vsebel.by/ Frame 79C3 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 0C52 0
0

GET /
vsebel.by/ 0
0

GET
H3-Q050 200 videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 9 KB
9 KB 7ms
6ms XHR
video/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1c9d1a212f6c3359c7cffcfa127925e837d85df1d14b6ef2dd9a145542054cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:24:00 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9397
client-protocol: quic
last-modified: Thu, 14 Jan 2021 22:52:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21280
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 11 Feb 2021 14:24:00 GMT

GET
H3-Q050 200 videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 158 KB
158 KB 7ms
7ms XHR
audio/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1613075020&ei=7D0lYPKjF4P51wK-_q5Q&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AOM0wauY31N_TYik5oSqHUFOHkkzQ7NmAGUlGy60AJ4O&itag=140&source=youtube&requiressl=yes&mh=RR&mm=31%2C26&mn=sn-4g5ednll%2Csn-5hne6n7s&ms=au%2Conr&mv=m&mvi=2&pl=42&initcwndbps=551250&vprv=1&mime=audio%2Fmp4&ns=8OLyDj9FmhG4g54g5BD5TZgF&gir=yes&clen=1970644&otfp=1&dur=121.718&lmt=1610664717896601&mt=1613053253&fvip=2&keepalive=yes&beids=23886204&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=ekZFsG9EAL4cSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTB6m54mn7mF_na1jCPDgURgMZL8IWb2nUZnyGFcnussCID_JrZlF7gg-ipRZlIN6z5zNVeQSDIRyMpYX3Ga5f5eT&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMBNRdQMxmZhlugSoLXCR6vNekdXMNKyvl89RBZlArlOAiEA_QIGBmRTPHJyPGfN45hgtudy_7YP9kx1uZ4luGbJWTU%3D&alr=yes&cpn=ASSb5EBgG1sGGg7j&cver=1.20210208.1.1&range=485955-647698&rn=12&rbuf=29954

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

57e45ed2bc07a7f66036740019679142ecaf76f380d8b6b97d9a231a2993093e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:24:01 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161744
client-protocol: quic
last-modified: Thu, 14 Jan 2021 22:51:57 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21279
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 11 Feb 2021 14:24:01 GMT

GET /
vsebel.by/ Frame 927B 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 104C 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame DD7B 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 54A1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 6ED4 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 609E 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 3A21 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 04C4 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 5402 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 84CE 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 05F1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 9299 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 3A5A 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 68A0 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame F136 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame B8A1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 1EB3 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 58FD 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 79C3 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 0C52 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 927B 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 104C 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame DD7B 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 54A1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 6ED4 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 609E 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 3A21 0
0

GET /
vsebel.by/ 0
0

GET
H/1.1 200
OK atconfig Show response
luku-v-gaagu.duckdns.org/ 1 KB
2 KB 72ms
25ms XHR
application/json 139.162.171.151
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://luku-v-gaagu.duckdns.org:666/atconfig
Requested by: Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/2.5500f2d4.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.171.151 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1488-151.members.linode.com
Software: / Express
Resource Hash: 2386559ff212d7ce48537854ac2c8cf0a27b720f0f4c0cbe97a92bf74d8774b1

Request headers

Accept: application/json, text/plain, */*
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:24:10 GMT
Last-Modified: Thu, 11 Feb 2021 13:26:26 GMT
X-Powered-By: Express
ETag: W/"5cd-17791457f42"
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1485

GET
H/1.1 200
OK Cookie set 20 Show response
t.me/ddcpartisansnews/ Frame 8F60 6 KB
3 KB 50ms
49ms Document
text/html 2001:67c:4e8:1033:6:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.me/ddcpartisansnews/20?embed=1

Requested by

Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/main.de5a73d0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:6:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

57fc04dccbdcfaa8a8b1e781ca6bb6fb29d15657cb698fb5203afcd9915b312d

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Host: t.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, ÐºÐ°Ðº Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/

Response headers

Server: nginx/1.16.1
Date: Thu, 11 Feb 2021 14:24:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2911
Connection: keep-alive
Set-Cookie: stel_ssid=4da95706a687b62d2b_17683408170422129806; expires=Fri, 12 Feb 2021 14:24:10 GMT; path=/; samesite=None; secure; HttpOnly stel_on=1; expires=Thu, 10 Feb 2022 04:50:04 GMT; path=/; samesite=None; secure; HttpOnly
Pragma: no-cache
Cache-control: no-store
Content-Encoding: gzip
Strict-Transport-Security: max-age=35768000

GET
H/1.1 200
OK ldrs Show response
luku-v-gaagu.duckdns.org/ 422 B
782 B 24ms
24ms XHR
application/json 139.162.171.151
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://luku-v-gaagu.duckdns.org:666/ldrs
Requested by: Host: luka-ch0rt-cp-win-luka-avtozak.duckdns.org
URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/2.5500f2d4.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.171.151 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1488-151.members.linode.com
Software: / Express
Resource Hash: 698f80ccf1a28aad0fa2c7a790348ebdc6081529f354f90a07575162fd016792

Request headers

Accept: application/json, text/plain, */*
Referer: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:24:10 GMT
X-Powered-By: Express
ETag: W/"1a6-oHivuHfCseDzp5Ykpo1JFRAz3YE"
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 422

GET
H2 200 css
fonts.googleapis.com/ Frame 8F60 366 B
310 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0575040bff55a78de037bcdddf049c3f584fe15f23c7cff2bdcab852c847e1fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 11 Feb 2021 14:24:10 GMT

GET
H/1.1 200
OK widget-frame.css
telegram.org/css/ Frame 8F60 67 KB
17 KB 25ms
24ms Stylesheet
text/css 2001:67c:4e8:1033:4:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/widget-frame.css?45

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:4:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d73efe70be2927ba40fb4617468ffa04712439f55dd935568313ce4a09320418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:24:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jan 2021 15:20:58 GMT
Server: nginx/1.16.1
ETag: W/"6001b2da-10b33"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Feb 2021 14:24:10 GMT

GET
H/1.1 200
OK W0KeFi-7m5KnMp6dqGC6wwMTK9bsAuHb8TRjPvFjxaIzJ9f9b3QRx1arDyUh-40fe_LYAk6bd8YZr1CxL3UFhmlwHHQYXeBh75i_9mRMnylUd97S6RxWyTngSo30MsQXMYPDvm61ANejP7hPKg7Egpl7Eq6r5Gg-CvLP7XN0xDGB9HEksvH-s1T_rxeQoEJz6wSrV...
cdn1.telesco.pe/file/ Frame 8F60 9 KB
9 KB 149ms
148ms Image
image/jpeg 149.154.175.205
TELEGRAM_MESSENGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.telesco.pe/file/W0KeFi-7m5KnMp6dqGC6wwMTK9bsAuHb8TRjPvFjxaIzJ9f9b3QRx1arDyUh-40fe_LYAk6bd8YZr1CxL3UFhmlwHHQYXeBh75i_9mRMnylUd97S6RxWyTngSo30MsQXMYPDvm61ANejP7hPKg7Egpl7Eq6r5Gg-CvLP7XN0xDGB9HEksvH-s1T_rxeQoEJz6wSrV65yc2_dKBE7awFlPARkhUWDZHztN-BNQSluS3DHjEFqYop1sM37ZpTUm9Tn3PnFBqbBJDW5dDnLdIc6I9chLF9nwgKkGSh8cnVS838WKArMUH9YZGJbayPDxbaH9FZhUIOAgQbnYq_Hs5Uxsw.jpg

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.175.205 , United Kingdom, ASN59930 (TELEGRAM_MESSENGER, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

07c9018450b62108c51e42e4e230f7f68db4429a5e08c6330eb449870561728f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:24:10 GMT
Last-Modified: Wed, 16 Dec 2020 09:05:02 GMT
Server: nginx/1.16.1
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: 0-9001, bytes
Content-Length: 9001
Expires: Sat, 13 Mar 2021 14:24:10 GMT

GET
H/1.1 200
OK telegram-widget.js Show response
oauth.tg.dev/js/ Frame 8F60 17 KB
5 KB 18ms
18ms Script
application/javascript 104.222.176.10
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.tg.dev/js/telegram-widget.js?14

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.222.176.10 Wilmington, United States, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d3a9b87553085e20942af12881900b07887fe3cdcb3bb35f46d0c5e2fc7a5364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:24:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Nov 2020 09:18:36 GMT
Server: nginx/1.16.1
ETag: W/"5fa514ec-4352"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Feb 2021 14:24:10 GMT

GET
H/1.1 200
OK widget-frame.js Show response
telegram.org/js/ Frame 8F60 81 KB
23 KB 14ms
13ms Script
application/javascript 2001:67c:4e8:1033:4:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/widget-frame.js?45

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:4:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c2bb8a83cb680e3d24161085b6e6013b2258ea7c42e5f984a619bb9296f82995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:24:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jan 2021 15:20:58 GMT
Server: nginx/1.16.1
ETag: W/"6001b2da-143ad"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Feb 2021 14:24:10 GMT

GET
DATA 200
OK truncated
/ Frame 8F60 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1ef3d3ae5f563bd9b05d778c8cb5261ff05eb0dc32de1d27f78fdc111ed2107

Request headers

Referer
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8F60 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70e10811b989efbd48d9332087ea5f99a9b9ba63513aed3652a5b2293a552819

Request headers

Referer
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8F60 683 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886

Request headers

Referer
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc-AMP6lQ.woff
fonts.gstatic.com/s/roboto/v20/ Frame 8F60 14 KB
14 KB 8ms
6ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc-AMP6lQ.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b731864456e11cb0dbb57959da8e514d6964e4e7e95b1dd69ee1660eaa87c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://t.me
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Fri, 05 Feb 2021 04:25:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 554300
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14376
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
fonts.gstatic.com/s/roboto/v20/ Frame 8F60 14 KB
14 KB 7ms
6ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee971ab559e3a2c9b2392868f33fb90d3d17c8564846fd307781ed8acda16d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://t.me
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Wed, 10 Feb 2021 08:43:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 106849
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14320
x-xss-protection: 0
expires: Thu, 10 Feb 2022 08:43:21 GMT

POST
H/1.1 200
OK 20 Show response
t.me/ddcpartisansnews/ Frame 8F60 4 B
305 B 80ms
79ms XHR
application/json 2001:67c:4e8:1033:6:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.me/ddcpartisansnews/20?embed=1

Requested by

Host: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:6:100:0:a , Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Referer: https://t.me/ddcpartisansnews/20?embed=1
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 14:24:10 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Strict-Transport-Security: max-age=35768000
Content-Type: application/json; charset=utf-8
Cache-control: no-store
Connection: keep-alive
Content-Length: 24

GET /
vsebel.by/ Frame 04C4 0
0

GET /
vsebel.by/ 0
0

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 11 KB
12 KB 7ms
6ms XHR
video/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e4db8b42f37532f0da2ae1359f56d9ab37493f8cc12f232d2ede74803ac278f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

Date: Thu, 11 Feb 2021 14:24:10 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 11238
Last-Modified: Thu, 14 Jan 2021 22:52:00 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21270
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Thu, 11 Feb 2021 14:24:10 GMT

GET
H3-Q050 200 videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 8 KB
8 KB 7ms
6ms XHR
video/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

80eb533741a9468beeb931f3fcc739993d1a05136ef83d53470215901c73c558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:24:10 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8528
client-protocol: quic
last-modified: Thu, 14 Jan 2021 22:52:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21270
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 11 Feb 2021 14:24:10 GMT

GET
H3-Q050 200 videoplayback Show response
r2---sn-4g5ednll.googlevideo.com/ Frame 76B5 158 KB
158 KB 7ms
7ms XHR
audio/mp4 2a00:1450:4001:5a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1613075020&ei=7D0lYPKjF4P51wK-_q5Q&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AOM0wauY31N_TYik5oSqHUFOHkkzQ7NmAGUlGy60AJ4O&itag=140&source=youtube&requiressl=yes&mh=RR&mm=31%2C26&mn=sn-4g5ednll%2Csn-5hne6n7s&ms=au%2Conr&mv=m&mvi=2&pl=42&initcwndbps=551250&vprv=1&mime=audio%2Fmp4&ns=8OLyDj9FmhG4g54g5BD5TZgF&gir=yes&clen=1970644&otfp=1&dur=121.718&lmt=1610664717896601&mt=1613053253&fvip=2&keepalive=yes&beids=23886204&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=ekZFsG9EAL4cSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTB6m54mn7mF_na1jCPDgURgMZL8IWb2nUZnyGFcnussCID_JrZlF7gg-ipRZlIN6z5zNVeQSDIRyMpYX3Ga5f5eT&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMBNRdQMxmZhlugSoLXCR6vNekdXMNKyvl89RBZlArlOAiEA_QIGBmRTPHJyPGfN45hgtudy_7YP9kx1uZ4luGbJWTU%3D&alr=yes&cpn=ASSb5EBgG1sGGg7j&cver=1.20210208.1.1&range=647699-809026&rn=15&rbuf=39938

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0ce056a2/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

82b705815b531908627cdbd6d677a36db2790d59f6597e8d7ed9fab5a3f3ef62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/X9Yc6HY2Gec?autoplay=1&mute=
User-Agent: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit / 537.36 (KHTML, как Gecko) Chrome / 83.0.4103.61 Safari / 537.36

Response headers

date: Thu, 11 Feb 2021 14:24:10 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161328
client-protocol: quic
last-modified: Thu, 14 Jan 2021 22:51:57 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21270
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 11 Feb 2021 14:24:10 GMT

GET /
vsebel.by/ Frame 5402 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 84CE 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 05F1 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 9299 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 3A5A 0
0

GET /
vsebel.by/ 0
0

GET /
vsebel.by/ Frame 68A0 0
0

GET /
vsebel.by/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vsebel.by
URL: https://vsebel.by/?q=313722813049554400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=680830391171874000000&m=q

Domain: cdn1.telesco.pe
URL: https://cdn1.telesco.pe/file/rIjjlrmPu9T_RVbAiygRh3E6j4gWBEBvVgtJgdvtG9s_BddmuqrTPqDKUqyd1U9W6VYCAYanTwYUpSSma_ilUUg1UE-modIePtFEhtyLX2cAjvuU7Zkq5Rz2gJRr00bXHR8ZsPYV0y-mZzSzAxO-1fcvZcw3dYqo7eJiJL7iI-3avI69wRmiWqRogLE_3FUWogfpYy8bzqIrlqGWXq1Y6rprM1_p_vdhIAM1ieWWlK6-xoGaVE7_c5bkLg0FbQPCaPqMg4rG5b46OC_-QOBjwCUMujJmgDCOTIWXbPADDSOIfKog62xp2r95kik-zJ7aKI2lCclorjiRfUefOO823g.jpg

Domain: vsebel.by
URL: https://vsebel.by/?q=374099687611799900000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=626497068406917800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=280046548737554740000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=981721891325705600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=290470715028440250000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=802784977737941000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=315692286499024800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=99528851061356790000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=598653771410623400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=909874726476418900000&m=q

Domain: t.me
URL: https://t.me/ddcpartisansnews/20?embed=1

Domain: vsebel.by
URL: https://vsebel.by/?q=154215209194504800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=412028603990605370000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=868888445401006600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=635552654810470000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=515884396060163800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=709459492580858800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=162358772067108450000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=145839658264850460000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=471321756219223800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=763240172816368900000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=228810370594509030000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=12658951245649197000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=970495075854256700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=403553320096711000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=439998976709055100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=486531903679533000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=560912193602064200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=835903781886544400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=596867413562647100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=112487235096237820000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=237392630781374070000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=450756469470231500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=862474748591972800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=938322827035057500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=667992297558760200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=919494114975786500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=289654855741094070000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=410010193334701300000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=133591175493442450000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=963857738523312700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=671793520200793500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=660690063798234000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=68358311269068660000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=309424277124236600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=70064939395552805000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=167510325191762900000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=574107487668887400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=489284845696318600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=201350910681388650000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=400075692976351350000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=873605673325656500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=691360358707935800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=984511616464627700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=232532470013982570000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=554023658092476700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=531464963389315350000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=799995158373474800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=144351169566089280000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=934036615838034000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=95267751971097600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=480125254761269300000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=397701028395260250000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=89896086671846340000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=189968020854095480000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=918664193041542000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=140095707176549400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=973274731004838700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=450129588043832750000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=848795452784234100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=646025187831845100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=8820711826817762000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=36842308148764545000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=296586066836373770000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=532564257659821950000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=41820142912751160000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=118539167906961620000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=927874085211450600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=708376202051905800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=564488146605787200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=484898251467195800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=609118874794614200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=590339236393386600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=493498021086755400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=297739463533232460000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=889454462503786400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=360188120857749100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=95801788848183690000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=530105085592221600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=596428755491171100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=741209344306436200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=187140231472014100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=189980940408241750000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=345571193490616500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=330696491752858800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=476428563315283600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=27005812019428090000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=217189464964403270000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=242058163756144100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=359008588613086940000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=353647498692096750000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=475150760634523800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=761160836527102100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=876865906178864200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=435525453590674540000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=118481107667893760000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=913571071326573000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=391712734381590500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=464188573557828400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=384223632889567840000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=320874962340239400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=38057473383760420000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=151182471383832130000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=806881413566023000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=10414828820762167000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=951357871135957600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=589214492560144140000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=989937229812372500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=538829576102791500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=553481218021154800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=769009083795995400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=476931476713137400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=9191600896598651000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=531072378024253650000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=506245615061121600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=89513428755386930000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=48871351379749405000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=349336059310336300000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=686607358121524900000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=540027438001167600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=440463701831358400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=206336355853740770000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=44090903993319280000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=786736245726239700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=833717833856841200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=622842969132186000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=37008078487492215000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=824646147476798600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=396657317844801900000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=423784238712095400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=72114122799320720000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=880399659004849300000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=777871156208027600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=433953676992664000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=789156959485596700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=235414576407193320000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=393897005626101100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=406485460984272060000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=798701256831298300000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=27946071408071705000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=169895514931274200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=213963878631123550000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=417405422491425640000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=147491988666645710000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=898268779240956200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=895771520866800500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=172704121367013060000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=890119810926300500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=602112333197264700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=539209121815103400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=252134360675852400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=212644098759098960000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=875923942237030200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=170644401566109270000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=920405760429327600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=957964921860820600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=160278703861984850000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=410620535336800200000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=734298346529064900000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=261044807832440100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=964536912627780600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=878357688380501800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=354523933008686000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=49199904559090520000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=91929466381446500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=293737687233294400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=904842106205713700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=811143086856840300000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=766275754282278500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=511281911951172440000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=482244758746204700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=450164839497375150000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=981625317428321300000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=679307597490300600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=480848333660294400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=551244659294409800000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=760283017835132700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=366596349702057400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=777043026676774100000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=68614905070675690000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=121854517749437240000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=850835066028938500000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=652676270321775000000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=882118656807741400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=964974843809569600000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=153481625749076080000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=237877240709913020000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=889188047525362700000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=986851589707782300000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=916700835193224400000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=23496158445558190000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=646794949300009300000&m=q

Domain: vsebel.by
URL: https://vsebel.by/?q=382803292204178600000&m=q

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/main.de5a73d0.chunk.js(Line 1) Message: %cЭй эй, вы куда лезете? background: white; color: red; font-size:25px
console-api	log	URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/main.de5a73d0.chunk.js(Line 1) Message: %cВам здесь не место. background: white; color: red; font-size:25px
console-api	log	URL: https://luka-ch0rt-cp-win-luka-avtozak.duckdns.org/static/js/main.de5a73d0.chunk.js(Line 1) Message: %cВсе интересное хранится на сервере 👽 https://t.me/cpartisans background: white; color: red; font-size:25px

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn1.telesco.pe
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
i.ytimg.com
luka-ch0rt-cp-win-luka-avtozak.duckdns.org
luku-v-gaagu.duckdns.org
oauth.tg.dev
r2---sn-4g5ednll.googlevideo.com
static.doubleclick.net
t.me
telegram.org
vsebel.by
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
cdn1.telesco.pe
t.me
vsebel.by
104.222.176.10
139.162.171.151
149.154.175.205
151.101.12.193
2001:67c:4e8:1033:4:100:0:a
2001:67c:4e8:1033:6:100:0:a
2a00:1450:4001:5a::8
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:802::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::2016
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2004
0575040bff55a78de037bcdddf049c3f584fe15f23c7cff2bdcab852c847e1fb
05b0946cca0904337284916d3c6d206b6d8fd8516dd2367f33619de29baf1c83
07c9018450b62108c51e42e4e230f7f68db4429a5e08c6330eb449870561728f
0804d99ddfc24255a34d501b269fb3cc3fa6ce12947283471d420f383c947ca5
0a9708250ca622b724b7734165d7ef3ab1a5e0b046a6548e98c0bc75a56908bd
0bd6ee5a221bc42baa6de2fc9743d46b13ce966033c6a0cd49ee26063aeaf426
0d8f9d85ec3d305f6c8cf84937877ae4a596e5026dc03dbe06134d8f6550b495
10bbbb5c5ae22683c47f305bb0f2987078bf85ee76cb85e6d9bb36947e4fb3a9
10fd04f37329ab2879e90dcda365fe5f67420e34c05095736c7d7b708f10bfb1
1c9d1a212f6c3359c7cffcfa127925e837d85df1d14b6ef2dd9a145542054cc8
1cc163bb620f9e172d6fc618ac3b69ad959fa6310eaa4abdea739ac1d6efea8f
2386559ff212d7ce48537854ac2c8cf0a27b720f0f4c0cbe97a92bf74d8774b1
250a99bda10d56ec0e0ea8c89e23821a27fd274a2c448d1d5aef56acd994b795
25b6fbfc105d3275121f518c83816f6597ed2a4bb372e19580d8837eae53ece4
2b7844dda9103964ad34d76bc3d62e662c55bc54f08715667d78a896fd8b742c
2ea2af7650a1ecd8b2a7aee098575e137196aaf06df7843d90cb53f9ad0531af
2f3f0c298867921be476f41414068d58309a77609ca606a8dcead1340a9b9adb
309e388583b22cf2d6f6390e4eb97b68feeef65c820b5c57c543a5a71154286b
32d0b7128a191b125454cb0ee57d09c0a5cc48c8dc08462f8acb7fb293a361cd
33ea49fe07fd9d3a21b6b354b1149dc5e9c9fe660aaa018b1c7e07a329440e9b
3bec626d823f38c91c477b1673181200be5c74568a998ae13eca7470ab196e89
4cc33ae647770950a1ef7515cb1732d0e90a8ae93498578a67d5cb16054e0ce8
4d696c32e909953f9e477ac0b319245184bb15199ea2a32e92f21ebd951f77b1
57e45ed2bc07a7f66036740019679142ecaf76f380d8b6b97d9a231a2993093e
57fc04dccbdcfaa8a8b1e781ca6bb6fb29d15657cb698fb5203afcd9915b312d
638337862381aaa6ab4b05218f78152e155cc1de5573ac7dbe333437dfc61beb
65fd7969ab83831226781f793299f5aee0d91c0cb1edef9707435edec3997e6d
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
698f80ccf1a28aad0fa2c7a790348ebdc6081529f354f90a07575162fd016792
69c0da778bbe78e991498731111a24b84b2991c63884be6b7d9425c3d31bf3f0
70d41d3f7a17f61c5f8b768e87b35a442656f0f035206bc85e12ccb11b798eef
70e10811b989efbd48d9332087ea5f99a9b9ba63513aed3652a5b2293a552819
717f85eaa33feae7bbe405d0ff58edba585b4c4476732438022db52718331df1
7453349d7f3d8a7bc3f66ffd484b3e71a18d698f9cc88376d9c5110fb2aca366
80eb533741a9468beeb931f3fcc739993d1a05136ef83d53470215901c73c558
82b705815b531908627cdbd6d677a36db2790d59f6597e8d7ed9fab5a3f3ef62
8b731864456e11cb0dbb57959da8e514d6964e4e7e95b1dd69ee1660eaa87c57
8bafa629dc8a69bacc9bd48d8bc63052189a6734ad56d73c23b96f6ed6884601
9ee971ab559e3a2c9b2392868f33fb90d3d17c8564846fd307781ed8acda16d7
a1ef3d3ae5f563bd9b05d778c8cb5261ff05eb0dc32de1d27f78fdc111ed2107
a51c8b9efddfd43f30e6838d1f3910d7e4ee406fdb4936d3bd24d18831ea4f59
a612cd7e341bf6f6432e31b66e80821b939598a708501982bc65355b92634ec7
a868a55afde6b6f4056bdcf2fab16bb1ea9871cf1cdc2e6c789f1edeb637d2e8
a9a149074422323b872412c4ee6790a0ffc3ca2de0f51147c39d2d83e469a943
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886
c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01
c18f327f1182ce3f02f3fdacc23446aa5a37c8f439bd0f82b653f04df2822831
c2bb8a83cb680e3d24161085b6e6013b2258ea7c42e5f984a619bb9296f82995
d3a9b87553085e20942af12881900b07887fe3cdcb3bb35f46d0c5e2fc7a5364
d73efe70be2927ba40fb4617468ffa04712439f55dd935568313ce4a09320418
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc4d37779a8cefd1f2d83c5becf8ad92d594f012ae84ab9b16cc80d0000aa687
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4db8b42f37532f0da2ae1359f56d9ab37493f8cc12f232d2ede74803ac278f7
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f7c05dbb1718c69f4b9d27b72267521afc247195a18411e28e9c1452e3b4b260
f7dbaecd25adb7ee6171deb8befc8f7c4d99bbfa79c51a563180f62a8f7de283
f94ab99094d1e8749be517acbfb29fda11b83f0a7c561771c040483d2a94d6b6

luka-ch0rt-cp-win-luka-avtozak.duckdns.org Open in urlscan Pro 139.162.171.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

280 Requests

24 %HTTPS

78 %IPv6

15 Domains

18 Subdomains

18 IPs

4 Countries

3427 kBTransfer

5503 kBSize

0 Cookies

2 Outgoing links

Redirected requests

280 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

luka-ch0rt-cp-win-luka-avtozak.duckdns.org Open in urlscan Pro
139.162.171.151 Public Scan

Screenshot
Live screenshot

Full Image

280
Requests

24 %
HTTPS

78 %
IPv6

15
Domains

18
Subdomains

18
IPs

4
Countries

3427 kB
Transfer

5503 kB
Size

0
Cookies

280 HTTP transactions
10 data transactions