contact.nltofficial.site Open in urlscan Pro
107.178.254.45 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://contact.nltofficial.site/
Submission: On August 20 via automatic, source certstream-suspicious (August 20th 2021, 7:18:24 pm UTC)

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 61 HTTP transactions. The main IP is 107.178.254.45, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is contact.nltofficial.site.
TLS certificate: Issued by R3 on August 20th 2021. Valid for: 3 months.

This is the only time contact.nltofficial.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	107.178.254.45 107.178.254.45	15169 (GOOGLE) (GOOGLE)
4	35.244.137.202 35.244.137.202	15169 (GOOGLE) (GOOGLE)
6	192.229.133.208 192.229.133.208	15133 (EDGECAST) (EDGECAST)
6	2606:4700:20:... 2606:4700:20::ac43:4890	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.27.38 34.120.27.38	15169 (GOOGLE) (GOOGLE)
3	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
3	35.222.120.150 35.222.120.150	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:60::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:219... 2600:9000:2190:d000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.229.66.179 44.229.66.179	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:401... 2a00:1450:4012::1c	15169 (GOOGLE) (GOOGLE)
61	19

1 107.178.254.45 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 45.254.178.107.bc.googleusercontent.com

contact.nltofficial.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.137.202 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 202.137.244.35.bc.googleusercontent.com

g.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.229.133.208 (United States)

ASN15133 (EDGECAST, US)

v.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4890 (United States)

ASN13335 (CLOUDFLARENET, US)

commencepayments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.27.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.27.120.34.bc.googleusercontent.com

cdn.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.222.120.150 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 150.120.222.35.bc.googleusercontent.com

anthill.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ec.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:60::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5e6ns6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:d000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.229.66.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-66-179.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4012::1c (Ireland)

ASN15169 (GOOGLE, US)

r10---sn-axq7sn7e.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	youtube.com www.youtube.com	695 KB
10	fastcdn.co g.fastcdn.co v.fastcdn.co	2 MB
9	googlevideo.com r2---sn-4g5e6ns6.googlevideo.com r10---sn-axq7sn7e.googlevideo.com	938 KB
6	commencepayments.com commencepayments.com	11 KB
4	stripe.com js.stripe.com m.stripe.com	60 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	873 B
3	instapagemetrics.com cdn.instapagemetrics.com ec.instapagemetrics.com	23 KB
2	stripe.network m.stripe.network	20 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	17 KB
1	ggpht.com yt3.ggpht.com	1 KB
1	google.com www.google.com	13 KB
1	instapage.com anthill.instapage.com	293 B
1	nltofficial.site contact.nltofficial.site	8 KB
61	13

	Domain	Requested by
19	www.youtube.com	g.fastcdn.co www.youtube.com
8	r2---sn-4g5e6ns6.googlevideo.com	www.youtube.com
6	commencepayments.com	contact.nltofficial.site commencepayments.com
6	v.fastcdn.co	contact.nltofficial.site
4	g.fastcdn.co	contact.nltofficial.site
3	js.stripe.com	commencepayments.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	ec.instapagemetrics.com	cdn.instapagemetrics.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	r10---sn-axq7sn7e.googlevideo.com	www.youtube.com
1	m.stripe.com	m.stripe.network
1	www.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	anthill.instapage.com	contact.nltofficial.site
1	cdn.instapagemetrics.com	contact.nltofficial.site
1	contact.nltofficial.site
61	19

This site contains no links.

Subject Issuer	Validity	Valid
contact.nltofficial.site R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
g.fastcdn.co GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
v.fastcdn.co DigiCert TLS RSA SHA256 2020 CA1	`2021-05-11` - `2022-05-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
cdn.instapagemetrics.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
anthill.instapage.com R3	`2021-07-12` - `2021-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-10` - `2021-10-19`	2 months	crt.sh
ec.instapagemetrics.com R3	`2021-08-17` - `2021-11-15`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2021-08-10` - `2021-10-19`	2 months	crt.sh

This page contains 4 frames:

Primary Page: https://contact.nltofficial.site/
Frame ID: E0EDF9251AC9DE27D02257BB94084620
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
Frame ID: E7568A751E4F769DD9891D3A75114D87
Requests: 36 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
Frame ID: ED2E51F3846859CF69C7FDB94AF1AE1A
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E22D8167FB69EAED691B51C1518FE155
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NLT.

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

61
Requests

100 %
HTTPS

61 %
IPv6

13
Domains

19
Subdomains

19
IPs

3
Countries

3365 kB
Transfer

5607 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

61 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
contact.nltofficial.site/ 35 KB
8 KB 374ms
266ms Document
text/html 107.178.254.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contact.nltofficial.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.178.254.45 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

45.254.178.107.bc.googleusercontent.com

Software

openresty /

Resource Hash

b668862022f1910be19b036df1cca69fd70ce85734aff94b1fe2c46fd33a3433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: contact.nltofficial.site
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: openresty
date: Fri, 20 Aug 2021 19:18:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"8bf5-C3jkOlxp7m8XXXfL05c5iLiPLsY"
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 utils.4307b753f6f392018c32.js Show response
g.fastcdn.co/js/ 47 KB
16 KB 70ms
23ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/utils.4307b753f6f392018c32.js
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b96b4f9b3146047939f342700eb43b54b7ab687d070048efa199320fc250844e

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:53:14 GMT
content-encoding: gzip
age: 707092
x-guploader-uploadid: ADPycdst0w66MIo0YtmNj1tyU-NPs3L7C8XpLM7RWWws04AVopLZGb_Xd3x07cm0OPd13uYZ1nlWz3SaYuUROR1Stp_SIKSWzA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 16045
last-modified: Wed, 11 Aug 2021 22:41:27 GMT
server: UploadServer
etag: "3041b91068c7b521817389d49ee88aa6"
vary: Accept-Encoding
x-goog-hash: crc32c=DMZQJg==, md5=MEG5EGjHtSGBc4nUnuiKpg==
x-goog-generation: 1628721687684722
cache-control: public, max-age=31536000
x-goog-stored-content-length: 16045
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 Aug 2022 14:53:14 GMT

GET
H2 200 Cradle.4dac59f2328b0387640d.js Show response
g.fastcdn.co/js/ 20 KB
6 KB 68ms
21ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Cradle.4dac59f2328b0387640d.js
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 871a395274807a496ca51c603b7320eca9fc11a7949c0df992be96f29dcb7211

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 20:30:08 GMT
content-encoding: gzip
age: 427678
x-guploader-uploadid: ADPycdtOYIPCXqVe5cno0XL-ycQ1apRUIzFVTH67-pMZ7ra5OpPwcTdsrUCDNDnLTtZOKMD-BrcNj_1j2KQh0-GVLXmQhO2UOg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5581
last-modified: Sun, 15 Aug 2021 09:35:26 GMT
server: UploadServer
etag: "e65424f8c2aaa7264ae3eaf852934882"
vary: Accept-Encoding
x-goog-hash: crc32c=MHgq+w==, md5=5lQk+MKqpyZK4+r4UpNIgg==
x-goog-generation: 1629020126781791
cache-control: public, max-age=31536000
x-goog-stored-content-length: 5581
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 15 Aug 2022 20:30:08 GMT

GET
H2 200 LazyImage.b311ea858a228d7bc9b2.js Show response
g.fastcdn.co/js/ 3 KB
2 KB 69ms
22ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/LazyImage.b311ea858a228d7bc9b2.js
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7e7c84efcf8e336f390d7a51a24cba3873782769b33470b31d2cef95b2f01cee

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:19:18 GMT
content-encoding: gzip
age: 1490328
x-guploader-uploadid: ADPycdt10aDJ89G8DzHpACOtP5EitKGqzIb7MjUC-pO6RE1T9Tyn3G3uiqpcuHIwNnNDMGG2FO0q-RIFMabpaWjQHhhPVaPFAA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 1563
last-modified: Tue, 03 Aug 2021 10:57:50 GMT
server: UploadServer
etag: "4fada7192ed3976ed69f137f5aaeab12"
vary: Accept-Encoding
x-goog-hash: crc32c=FGzgaA==, md5=T62nGS7Tl27WnxN/Wq6rEg==
x-goog-generation: 1627988269950468
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1563
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 03 Aug 2022 13:19:18 GMT

GET
H2 200 54992326-0-LOGO-NLT-FINAL.png
v.fastcdn.co/u/444efcb2/ 12 KB
12 KB 528ms
444ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/444efcb2/54992326-0-LOGO-NLT-FINAL.png
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ef545b1178b496181d973fc0579cdee04a529c806fa4b525d4d7f9b5f564d917

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:06 GMT
x-guploader-uploadid: ADPycdvJwU9akdotiY-JNQ3pyYbWhwPDpgsgjuiEMXTT1IbP1gdv8NwCkhkyYb_b3rTSQDE5QkTB-WoQUGiZOeXfulJ3NhGb4A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Fri, 25 Feb 2022 07:59:37 GMT
x-goog-meta-content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11987
last-modified: Mon, 04 Jan 2021 15:59:37 GMT
server: UploadServer
etag: "cdb25d6e37153c7361589e2cab4699bf"
x-goog-hash: crc32c=BK9OBQ==, md5=zbJdbjcVPHNhWJ4sq0aZvw==
x-goog-generation: 1609775977730691
cache-control: max-age=315360000, public
x-goog-stored-content-length: 11987
accept-ranges: bytes
content-type: image/png
expires: Sat, 20 Aug 2022 19:18:06 GMT

GET
H2 200 55294666-0-2021-01-20-NLT-MB1-1.jpg
v.fastcdn.co/u/444efcb2/ 294 KB
295 KB 602ms
519ms Image
image/jpeg 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/444efcb2/55294666-0-2021-01-20-NLT-MB1-1.jpg
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 273351aab878880f869c20a8c5e7cbcce7fcd5878787e1fe30a222f3e5792404

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:06 GMT
x-guploader-uploadid: ADPycdvuTpQY2cotkZDjeLqXDbzbWZB9C2F9o69Wb4UqK6YmYPgj_nz4631jxlBiDdRxixehSH_lTwiHOr54QNuGu4I4gyubKQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Wed, 16 Mar 2022 14:35:44 GMT
x-goog-meta-content-length: 301360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301360
last-modified: Sat, 23 Jan 2021 22:35:44 GMT
server: UploadServer
etag: "b964c0f7c1eff9df2aa6f0f07b0c4250"
x-goog-hash: crc32c=PWmq+Q==, md5=uWTA98Hv+d8qpvDwewxCUA==
x-goog-generation: 1611441344268485
cache-control: max-age=315360000, public
x-goog-stored-content-length: 301360
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 20 Aug 2022 19:18:06 GMT

GET
H2 200 55294781-0-2021-01-20-NLT-MB1-1.jpg
v.fastcdn.co/u/444efcb2/ 569 KB
569 KB 552ms
469ms Image
image/jpeg 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/444efcb2/55294781-0-2021-01-20-NLT-MB1-1.jpg
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fba5096221f8fc2c6d5dd2bc7bc040dd6278e182ac5c8732bbde2b7848fd4f94

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:06 GMT
x-guploader-uploadid: ADPycdvvcUzJElbXoGtA-TU06VxgouWEC2a-OwemmMQX7K8ZPpIhlJYMqaX0UOa4xnCiEu7txT0PVC-ge2nMwOkYCsxU_G5NmA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Wed, 16 Mar 2022 15:10:35 GMT
x-goog-meta-content-length: 582294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582294
last-modified: Sat, 23 Jan 2021 23:10:35 GMT
server: UploadServer
etag: "6014b89993164f43fde37ed2fb3ec926"
x-goog-hash: crc32c=CnD5Hw==, md5=YBS4mZMWT0P9437S+z7JJg==
x-goog-generation: 1611443435450821
cache-control: max-age=315360000, public
x-goog-stored-content-length: 582294
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 20 Aug 2022 19:18:06 GMT

GET
H2 200 commence.js Show response
commencepayments.com/v2/ 24 KB
9 KB 213ms
158ms Script
application/javascript 2606:4700:20::ac43:4890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://commencepayments.com/v2/commence.js

Requested by

Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdeae16a5bd7e5928354bb23939300182f57c07ce34e2a07e9c671160c2fbd2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 681df7326a354ec7-FRA
date: Fri, 20 Aug 2021 19:18:06 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"48AA4FA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uXoyJpxS55wX6hj9aFmFdqdft0PKoES1G%2B3HFzrjVYfjh2CvIh3p3ZSgp%2FcHykF78%2F1T0ZpmBkQe8UZVFmKX%2B9ZnMNIQHa8Z24jN0eYIiGVJQf34wDxDtYZ16PqhPUFmJ%2Bx2PK1luD5U7ZQfsOGXZd7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br

GET
H2 200 it.js Show response
cdn.instapagemetrics.com/t/js/3/ 70 KB
23 KB 65ms
19ms Script
application/javascript 34.120.27.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.instapagemetrics.com/t/js/3/it.js
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.27.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.27.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6038138cc175775b42f31d117e20be6d12d56bc495b4ccac86f2db8ca6b1240b

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 12:08:49 GMT
content-encoding: gzip
age: 889757
x-guploader-uploadid: ADPycduDRwEhon1M70fHQH0fV-fCN0K8ILY9fyY6pju0XS_oTLTna7AwtdXinwVz2oFjXnFjsXoaz-p-rzZmvt1mB2c
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-meta-tracker-version: 3
alt-svc: clear
content-length: 22752
last-modified: Tue, 10 Aug 2021 12:06:52 GMT
server: UploadServer
etag: "0a9dbbebc38c034f126f15aea8be1281"
x-goog-hash: crc32c=DGiIsw==, md5=Cp2768OMA08SbxWuqL4SgQ==
x-goog-generation: 1628597212109848
cache-control: no-transform
x-goog-stored-content-length: 22752
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 10 Aug 2022 12:08:49 GMT

GET
H2 200 sptw.3.js Show response
g.fastcdn.co/js/ 9 KB
3 KB 82ms
41ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/sptw.3.js
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ee59049a77ecefd16b8b808229676b9f061ca97da27d3daf1271ef59dd5268e2

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 11:11:20 GMT
content-encoding: gzip
age: 893206
x-guploader-uploadid: ADPycds-sSDkVn9OU2mNjXceR-W--EDkO8QrePvSqQF0BK1Y_GnkY51bk62-BZMCaylkKEAbqVGFudzhu3D0kACotzU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 2984
last-modified: Tue, 10 Aug 2021 11:10:24 GMT
server: UploadServer
etag: "63285d34126a5466b0deebb6536b4545"
vary: Accept-Encoding
x-goog-hash: crc32c=++isQw==, md5=YyhdNBJqVGaw3uu2U2tFRQ==
x-goog-generation: 1628593824250788
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2984
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 10 Aug 2022 11:11:20 GMT

GET
H2 200 55294726-0-unnamed-4.jpg
v.fastcdn.co/u/444efcb2/ 83 KB
83 KB 488ms
406ms Image
image/jpeg 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/444efcb2/55294726-0-unnamed-4.jpg
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7104570ffc68c8f330570fdd5b421c82916511cd09b632cb70054d18ed03cee5

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:06 GMT
x-guploader-uploadid: ADPycdtlKLfuhvf4kovso1AoemiEOM3XSJPRMbMsTjVUhDGl5tfjHv76xemXtTXKf6wwKLGPXpPkawReP9F8n20C2kaTzyZ5lg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Wed, 16 Mar 2022 14:50:17 GMT
x-goog-meta-content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84599
last-modified: Sat, 23 Jan 2021 22:50:17 GMT
server: UploadServer
etag: "6674a732032d3a80006045fa924967f1"
x-goog-hash: crc32c=bIFDzg==, md5=ZnSnMgMtOoAAYEX6kkln8Q==
x-goog-generation: 1611442217787998
cache-control: max-age=315360000, public
x-goog-stored-content-length: 84599
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 20 Aug 2022 19:18:06 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 checkout_sessions
commencepayments.com/ Frame 0
0 155ms
136ms Preflight 2606:4700:20::ac43:4890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://commencepayments.com/checkout_sessions

Protocol

Server

2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://contact.nltofficial.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 20 Aug 2021 19:18:06 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
x-request-id: 9cd91d15-e85a-4b91-9e03-a0bb8c9d9735
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDix5Mi27%2FrvzH%2BWXaj0jLv24ZQZuErW%2FA1pMPdtNUHPsokpfD2cbjSB58iHe68Ibj6YAWQwcDaMn%2B0YaxTQ37snxyPWaX0E%2FGTW7UtLahi4h%2F9IPKvefVYR8zVDZIKfAL47jK36%2FKVGSqJInkWDGrfw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 681df7338d985364-FRA

OPTIONS
H2 204 checkout_sessions
commencepayments.com/ Frame 0
0 303ms
285ms Preflight 2606:4700:20::ac43:4890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://commencepayments.com/checkout_sessions

Protocol

Server

2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://contact.nltofficial.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 20 Aug 2021 19:18:06 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
x-request-id: 868f023f-5793-489b-9781-5b4d9b69a247
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q09vV1dhd4YX2%2FqMWQKQALdC6Dvh%2BS4I5yBVpob1Pb8iqJYRXZuDbf7WkOiTY4RgITQE%2Bq7l3FcAPP21JcMSjbYsjbPRef0LkXvhmKQd%2FS2F3R3KMZFbFN6Z2iiR0oB2PKRv30%2Bp6NKmFD%2FEN1A7nURQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 681df7338d9b5364-FRA

GET
H2 200 / Show response
js.stripe.com/v3/ 235 KB
59 KB 89ms
26ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?commencev3

Requested by

Host: commencepayments.com
URL: https://commencepayments.com/v2/commence.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

57f49d1eeac481cbb212919de2c65b39fdd1f53334389e6151dc803dda687bd6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:06 GMT
content-encoding: br
vary: Accept-Encoding
age: 53
via: 1.1 varnish
x-cache: HIT
content-length: 59266
x-amz-id-2: TsLBpgeK06Y+Sh/4Hu3HawpZJosB5egjoe1dDtePcav//4SuNN5u0hNBAx+6ZCX4DKoNjJ8SSIg=
x-served-by: cache-fra19142-FRA
timing-allow-origin: *
last-modified: Fri, 20 Aug 2021 19:05:08 GMT
server: AmazonS3
etag: "eff97fb49f7397cd0524ee9be73dde49"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: XFRBF82GXMWG94HH
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 9

GET
H2 200 button.css
commencepayments.com/css/ 4 KB
1 KB 12ms
12ms Stylesheet
text/css 2606:4700:20::ac43:4890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://commencepayments.com/css/button.css

Requested by

Host: commencepayments.com
URL: https://commencepayments.com/v2/commence.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20d9cc6155e23f036793d3946c75d992f76f2319c5f6c53741175ea2b8540526

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:06 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6557
cf-polished: origSize=4633
content-encoding: br
vary: Accept-Encoding
cf-bgj: minify
server: cloudflare
etag: W/"563A339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kXLxHGJHVVCS1f9jPXd9cDzhkahpRD5jnkcWejdGpP%2FPLkE16yZti8bh%2B43MegMtN%2B%2BMs%2FuCMS7s7uxSOPMC4lxkLkh9BBvtdWkeXJ5IrVMxLTlxrfbZrb68hG%2F%2B%2BDOf3WgyVCLj1M3Om0PvokWvKkI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 681df7336cb84ec7-FRA

POST
H2 201 checkout_sessions Show response
commencepayments.com/ 118 B
433 B 966ms
966ms XHR
application/json 2606:4700:20::ac43:4890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://commencepayments.com/checkout_sessions

Requested by

Host: commencepayments.com
URL: https://commencepayments.com/v2/commence.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

522d235cf6480d1de5aa29064e5d5afa2bd6b6e8b21780b3544cb73018bd63d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 118
x-request-id: 8bb73c6a-9ffc-4266-9b80-5fec4d053508
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJSPAf6axGtHJL1hwXMKudafkEVSXcG8Fx62vaplUzhXzHQ6IN7UuscBveDAcrR4yerCPwPDrKfJpVkwGpPvE3fj19viEWUmbd%2FOEGf2ftUNEqDr%2BNB5gkW1s5bzRsP1DlHWOSdEG3YKopkh6dRYRTNd"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 681df7346fb45364-FRA

POST
H2 201 checkout_sessions Show response
commencepayments.com/ 118 B
485 B 772ms
772ms XHR
application/json 2606:4700:20::ac43:4890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://commencepayments.com/checkout_sessions

Requested by

Host: commencepayments.com
URL: https://commencepayments.com/v2/commence.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cce1c6cae575d1dc646f1efdeb1a8175e1959323af3ff1105fec6e5b57e7876

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 118
x-request-id: e4198e31-932e-4608-8515-2be06a739eac
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STpk5lsj3XWgKODpdY9xeBYJ0y3NfNr9BqwsRZlr3f9TBkdGTO1S3rhb8ZdEU3YoaTo5I298vfEg5Usq%2BUNt2k%2F7Qh2rN6UvslpntLvxCdWdtw8z1EnYuDdvd5abW4%2FX9tmqwawvX6fM5ZqQR1SURaZM"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 681df7355a005364-FRA

GET
H2 200 visit
anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/ 35 B
293 B 458ms
122ms Image
application/octet-stream 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/visit?api_key=46849a1cd9dd4b0120d06b9bc8a9ff3935db848597c47c27141eedd55a37770be453d0bba5a8fa36b55da05f1b66a34fdd33f8c8bd876ddb8a0042707c9e1261371212f59a7f00985818ac8a105d0459808890f9ea345d969b6fa89dd1742dfe437f4aae6b79147122216cac57b65234224cca1723455f350b3ff2acca700c10120b20917c6f418dd5389917efeb3304&data=eyJwYWdlX3VybCI6Imh0dHBzOi8vY29udGFjdC5ubHRvZmZpY2lhbC5zaXRlLyIsIm93bmVyX2lkIjozODA4Nzc2LCJjdXN0b21lcl9pZCI6NDIxOTY5NiwicGFnZV9pZCI6MjEzNjAwNzEsInB1Ymxpc2hlZF92ZXJzaW9uIjo0MiwidmFyaWF0aW9uX25hbWUiOiJBIiwidmFyaWF0aW9uX2lkIjoxLCJsaW5rZWRfdmFyaWF0aW9uX2lkIjoyLCJ2YXJpYXRpb24iOiJBIiwicXVhbnRpdHkiOjEsImluaXRpYWxfcmVzcG9uc2l2ZV9tb2RlIjpudWxsLCJzdGF0aWNfcGFnZSI6ZmFsc2UsImphdmFzY3JpcHQiOnRydWUsInZpZXdwb3J0X2hlaWdodCI6MTIwMCwidmlld3BvcnRfd2lkdGgiOjE2MDAsImNhbXBhaWduX2lkIjpmYWxzZSwiYWRfaWQiOmZhbHNlLCJjYW1wYWlnbl9zb3VyY2UiOmZhbHNlLCJ2aXNpdGVkIjowLCJyZXNwb25zaXZlX21vZGUiOm51bGwsInJlZiI6bnVsbH0=&t=1629487086646

Requested by

Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
referrer-policy: same-origin
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains
vary: Accept-Encoding, Origin
content-length: 35
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"

GET
H2 200 VTIXC1-h-xM Show response
www.youtube.com/embed/ Frame E756 54 KB
24 KB 96ms
76ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1

Requested by

Host: g.fastcdn.co
URL: https://g.fastcdn.co/js/LazyImage.b311ea858a228d7bc9b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5542bf6db55ecebb2d5435efa4fb2c9e1883128a9f1b0ee190722ce04558f817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://contact.nltofficial.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://contact.nltofficial.site/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 20 Aug 2021 19:18:06 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=tXhEjXCN7Vw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=uqN9K9bjn6k; Domain=.youtube.com; Expires=Wed, 16-Feb-2022 19:18:06 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+678; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 54992486-0-c6e99d7227ad017ea0a2.jpg
v.fastcdn.co/u/444efcb2/ 33 KB
34 KB 428ms
428ms Image
image/jpeg 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/444efcb2/54992486-0-c6e99d7227ad017ea0a2.jpg
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e5d7aaad985d11444a3850a3e740794b3ac3687787e6fc3cca24d0d12bfc9c85

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:06 GMT
x-guploader-uploadid: ADPycdvR9wCyuNUXm0UU-PU4L2RyJ9d95Mz9qkfl2BD3nYSA-i_UP7cNYYOQOZfLJDJ4w68F6yiU86pA8op-ANt2SzRSN1sL0g
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Fri, 25 Feb 2022 08:09:33 GMT
x-goog-meta-content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34137
last-modified: Mon, 04 Jan 2021 16:09:34 GMT
server: UploadServer
etag: "da90bc316eee92cf6336e639a1911350"
x-goog-hash: crc32c=hZXKlg==, md5=2pC8MW7uks9jNuY5oZETUA==
x-goog-generation: 1609776574104153
cache-control: max-age=315360000, public
x-goog-stored-content-length: 34137
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 20 Aug 2022 19:18:06 GMT

GET
H2 200 54992496-0-couv3.jpg
v.fastcdn.co/u/444efcb2/ 558 KB
558 KB 408ms
408ms Image
image/jpeg 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/444efcb2/54992496-0-couv3.jpg
Requested by: Host: contact.nltofficial.site
URL: https://contact.nltofficial.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f52fcd372052e6672f1b578f6706cfd181672f38f8ffdad1b9de11d1f2355b95

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:06 GMT
x-guploader-uploadid: ADPycdtQ0tMJa5g9c2z5eUdQqXJVr_JnGdKjX5LnGE3Xdsdh4dUEVBXf4TTvW96IrQqYCRD8UkQbDlava-_pN9b9XM2Zj21Z-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Fri, 25 Feb 2022 08:09:34 GMT
x-goog-meta-content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 570886
last-modified: Mon, 04 Jan 2021 16:09:34 GMT
server: UploadServer
etag: "1bdecfa017a042c5537fbfe87ff2c8d7"
x-goog-hash: crc32c=tcjzog==, md5=G97PoBegQsVTf7/of/LI1w==
x-goog-generation: 1609776574925251
cache-control: max-age=315360000, public
x-goog-stored-content-length: 570886
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 20 Aug 2022 19:18:06 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/b555ee94/ Frame E756 329 KB
45 KB 18ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa52f6b5576b95a51157b7b318e6bf15c54cfe5013ed068c66fde0852971f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 102984
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46249
x-xss-protection: 0
expires: Fri, 19 Aug 2022 14:41:42 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/b555ee94/www-embed-player.vflset/ Frame E756 193 KB
64 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cc4e229cc22a45146d4f3c3358e36ad1cafe05c73d07fba488da967a85a58ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 102991
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65245
x-xss-protection: 0
expires: Fri, 19 Aug 2022 14:41:35 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/ Frame E756 2 MB
497 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0930cdf7a5ac7dd8c0eee66b6d5d1e215205f9f08228cb0b048acd4f08016920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 102983
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 508404
x-xss-protection: 0
expires: Fri, 19 Aug 2022 14:41:43 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/b555ee94/fetch-polyfill.vflset/ Frame E756 8 KB
3 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 102991
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 19 Aug 2022 14:41:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E756 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 337845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:27:21 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame E756
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

36ms
36ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329ba2a5818be7cbb155b2a38fb75c99389b5590088356b2de41daa8f8c2905f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 20 Aug 2021 19:18:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E756 29 B
523 B 25ms
5ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:10:36 GMT
x-content-type-options: nosniff
age: 451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 19:25:36 GMT

GET
H2 200 IuCWDz73HYLPWI2A8JtEv2n5QG0id1gwe4-a4xeLFCk.js Show response
www.google.com/js/th/ Frame E756 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/IuCWDz73HYLPWI2A8JtEv2n5QG0id1gwe4-a4xeLFCk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e0960f3ef71d82cf588d80f09b44bf69f9406d227758307b8f9ae3178b1429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 10:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13207
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 15:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 10:28:17 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/ Frame E756 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92afa9485ca4ccf9d827259ae32c1868922e79a8c5677db8757acc8a0170e959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 102502
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7274
x-xss-protection: 0
expires: Fri, 19 Aug 2022 14:49:45 GMT

POST
H3-29 200 player Show response
www.youtube.com/youtubei/v1/ Frame E756 59 KB
18 KB 141ms
141ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f4e6d6be0235c8f669940a8d169dd7a397cb44fe76e60b5c7aff6ec02df1d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210818.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: Cgt1cU45Szliam42ayju__-IBg%3D%3D
Content-Type: application/json

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18162
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:18:07 GMT

GET
DATA 200
OK truncated
/ Frame E756 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTZJSgIBgYzv0G73ZSp0gKNdD_9oP_H4maTQw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E756 643 B
1 KB 147ms
127ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTZJSgIBgYzv0G73ZSp0gKNdD_9oP_H4maTQw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

748dca2095c0cbe1e348a27d8f67c6eb07ed33e2bbe07f2f9745ca50ad7c360e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 643
x-xss-protection: 0
expires: Sat, 21 Aug 2021 19:18:07 GMT

GET
DATA 200
OK truncated
/ Frame E756 353 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8d5a498fcfb5a6bf8ddb41da09c7612ed7bdd4e5158bc6ed1da12813ecf5505

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 generate_204
www.youtube.com/ Frame E756 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?W_2x9g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 204 qoe
www.youtube.com/api/stats/ Frame E756 0
19 B 14ms
14ms Ping
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=244&afmt=251&cpn=IoZaxmpLs2Fdp6oh&ei=7_8fYaegEsXJ1wLE2YaQBA&el=embedded&docid=VTIXC1-h-xM&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004603%2C24004644%2C24007246%2C24046641%2C24053866%2C24060921%2C24079211%2C24080738%2C24082662%2C24084071%2C24091243&cl=391623642&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210818.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.016:B,0.200:B,0.200:B&cmt=0.016:0.000,0.200:0.000&ctmp=cc:t.192;useVodTrack&afs=0.200:251::i&vfs=0.200:244:244::r&view=0.200:884:564&bwe=0.200:130000&bat=0.200:1:1&vis=0.200:0&bh=0.200:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:18:07 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5e6ns6.googlevideo.com/ Frame E756 83 KB
84 KB 444ms
326ms XHR
video/webm 2a00:1450:4001:60::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1629508687&ei=7_8fYaegEsXJ1wLE2YaQBA&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AP4YCLKCgtk7Jgfxizc5i-aa6GVuHhUxEK0LCzvracDs&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=eW&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5ednsy&ms=au%2Crdu&mv=m&mvi=2&pl=52&initcwndbps=401250&vprv=1&mime=video%2Fwebm&ns=wr9Ftb2z0yL-CeI3LXgnF5wG&gir=yes&clen=580385&dur=18.240&lmt=1617976569515895&mt=1629486767&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6316222&n=V8MmY382UxYCsw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL0Newg9dUBhNb7XWm1dbLqyJ0I0H6qkzrNKTDvXBC-yAiA9AdzMhjr_0bLvIdnsB8nKz-fCznBlx8LXhl2BNXQTGw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgZ-LJRYMguBdirezows_JxQuA7lUdGdKGoeIIiihNAEMCIQCnQL9QhV2sv6JVLgZW34FECXHsFyIWq7nrNj0rai7Kaw%3D%3D&alr=yes&cpn=IoZaxmpLs2Fdp6oh&cver=1.20210818.1.0&range=0-84715&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:60::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b4b89b3d3b70d238195620583a7b1bc7779ef5929f95082425ad76e15ec4ae82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:18:07 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 84716
Last-Modified: Fri, 09 Apr 2021 13:56:09 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Fri, 20 Aug 2021 19:18:07 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5e6ns6.googlevideo.com/ Frame E756 64 KB
65 KB 249ms
132ms XHR
audio/webm 2a00:1450:4001:60::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1629508687&ei=7_8fYaegEsXJ1wLE2YaQBA&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AP4YCLKCgtk7Jgfxizc5i-aa6GVuHhUxEK0LCzvracDs&itag=251&source=youtube&requiressl=yes&mh=eW&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5ednsy&ms=au%2Crdu&mv=m&mvi=2&pl=52&initcwndbps=401250&vprv=1&mime=audio%2Fwebm&ns=wr9Ftb2z0yL-CeI3LXgnF5wG&gir=yes&clen=370441&dur=18.261&lmt=1617976555187755&mt=1629486767&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6311222&n=V8MmY382UxYCsw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgZU80sdIa7mvC7wegSQ7CSHrTRxSb3tIuRbv4XiWoCrUCIQCCg8v2S_bg8-PEt6zjGeaoohsBCi5HiKXm4GMRaUSDdg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgZ-LJRYMguBdirezows_JxQuA7lUdGdKGoeIIiihNAEMCIQCnQL9QhV2sv6JVLgZW34FECXHsFyIWq7nrNj0rai7Kaw%3D%3D&alr=yes&cpn=IoZaxmpLs2Fdp6oh&cver=1.20210818.1.0&range=0-65835&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:60::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

286411c4e9eeb42d5e310e471ca399b6774718226220bde3b1212de60a6a421e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:18:07 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65836
Last-Modified: Fri, 09 Apr 2021 13:55:55 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 20 Aug 2021 19:18:07 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/ Frame E756 95 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6221d51dec89592c9f60ea68c839f932b60d6f03cb966e0e9a4afbb1e3bb5e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29741
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 14:41:44 GMT

GET
H3-29 200 endscreen.js Show response
www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/ Frame E756 26 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f1ff9fac98ee28a5b8bd1ebed44a7f1be2336126da375ec5518f4a5d1c623bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:41:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 102982
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7195
x-xss-protection: 0
expires: Fri, 19 Aug 2022 14:41:45 GMT

POST
H3-29 200 next Show response
www.youtube.com/youtubei/v1/ Frame E756 5 KB
1 KB 181ms
181ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

567a5bb20b3d3d352463ac5d4c1017142db2c42241f1f92132097f92ffb9be97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210818.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: Cgt1cU45Szliam42ayju__-IBg%3D%3D
Content-Type: application/json

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:18:07 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame E756 4 KB
2 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:18:07 GMT

GET
H2 200 m-outer-5564a2ae650989ada0dc7f7250ae34e9.html Show response
js.stripe.com/v3/ Frame ED2E 215 B
532 B 26ms
26ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?commencev3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://contact.nltofficial.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://contact.nltofficial.site/

Response headers

x-amz-id-2: T2QP8rZ9mpqAUTC5X48MJKtIxuemFj3wVxS0/xRlrVUwx2b0c7tuavEN+CtyCov3uz+mko/5Tm4=
x-amz-request-id: AEZH935P9AXMM919
last-modified: Tue, 29 Jun 2021 17:25:38 GMT
etag: "5564a2ae650989ada0dc7f7250ae34e9"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Fri, 20 Aug 2021 19:18:07 GMT
via: 1.1 varnish
age: 16
x-served-by: cache-fra19142-FRA
x-cache: HIT
x-cache-hits: 16
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 130

OPTIONS
H2 200 two
ec.instapagemetrics.com/t/ Frame 0
0 404ms
119ms Preflight 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Protocol

Server

35.222.120.150 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

akka-http/10.1.12 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://contact.nltofficial.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://contact.nltofficial.site
access-control-max-age: 5
date: Fri, 20 Aug 2021 19:18:07 GMT
referrer-policy: same-origin
server: akka-http/10.1.12
strict-transport-security: max-age=315360000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 0

POST
H2 200 two Show response
ec.instapagemetrics.com/t/ 2 B
442 B 363ms
119ms XHR
text/plain 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Requested by

Host: cdn.instapagemetrics.com
URL: https://cdn.instapagemetrics.com/t/js/3/it.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

akka-http/10.1.12 /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://contact.nltofficial.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 20 Aug 2021 19:18:08 GMT
referrer-policy: same-origin
server: akka-http/10.1.12
x-frame-options: SAMEORIGIN
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://contact.nltofficial.site
access-control-allow-credentials: true
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 m-outer-60c368c1e1eddba7bd149e4b4f5408df.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ED2E 1 KB
820 B 26ms
26ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
content-encoding: br
vary: Accept-Encoding
age: 149
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: IFluHZRKEGzOoXDLqnDUwE9arH7C7k3XLxhOgxxGHvfA6W5BleDfebCwh+OHSiMCLlBmCWpn8C0=
x-served-by: cache-fra19142-FRA
timing-allow-origin: *
last-modified: Tue, 29 Jun 2021 17:25:39 GMT
server: AmazonS3
etag: "78581b5abad6c4e7b59c0f8ee45a8134"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: K69XVADA20VEB16K
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 96

GET
H2 200 inner.html Show response
m.stripe.network/ Frame E22D 932 B
1 KB 65ms
12ms Document
text/html 2600:9000:2190:d000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Fri, 20 Aug 2021 19:16:11 GMT
cache-control: public, max-age=300
etag: W/"6114649b-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: KoF3dq9yDa0cFvLU1LUHVW8sO9azR4z4utLbOmTAW1xNzb9QxbMc4g==
age: 116

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame E22D 85 KB
19 KB 13ms
13ms Script
application/x-javascript 2600:9000:2190:d000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"6114649b-154bc"
age: 83
x-cache: Hit from cloudfront
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
server: nginx
date: Fri, 20 Aug 2021 19:16:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: CxvLmRMeRjCiN945GVJWWjU8WNo5WYBajBO8I4lG5rHVT1vWPuWxhw==

POST
H2 200 6 Show response
m.stripe.com/ Frame E22D 156 B
517 B 563ms
189ms XHR
text/plain 44.229.66.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.229.66.179 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-229-66-179.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

aa4f4a94f07d60196158220f8bc161706449a181b12364a1b9271c800110cee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 20 Aug 2021 19:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H3-29 200 videoplayback Show response
r2---sn-4g5e6ns6.googlevideo.com/ Frame E756 83 KB
83 KB 15ms
6ms XHR
video/webm 2a00:1450:4001:60::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f702c2a778df9b267a6a931cd091867718249ddd235dd9e3b3c663dcf4055ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85090
client-protocol: quic
last-modified: Fri, 09 Apr 2021 13:56:09 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 20 Aug 2021 19:18:07 GMT

GET
H3-29 200 videoplayback Show response
r2---sn-4g5e6ns6.googlevideo.com/ Frame E756 64 KB
64 KB 7ms
6ms XHR
audio/webm 2a00:1450:4001:60::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1629508687&ei=7_8fYaegEsXJ1wLE2YaQBA&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AP4YCLKCgtk7Jgfxizc5i-aa6GVuHhUxEK0LCzvracDs&itag=251&source=youtube&requiressl=yes&mh=eW&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5ednsy&ms=au%2Crdu&mv=m&mvi=2&pl=52&initcwndbps=401250&vprv=1&mime=audio%2Fwebm&ns=wr9Ftb2z0yL-CeI3LXgnF5wG&gir=yes&clen=370441&dur=18.261&lmt=1617976555187755&mt=1629486767&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6311222&n=V8MmY382UxYCsw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgZU80sdIa7mvC7wegSQ7CSHrTRxSb3tIuRbv4XiWoCrUCIQCCg8v2S_bg8-PEt6zjGeaoohsBCi5HiKXm4GMRaUSDdg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgZ-LJRYMguBdirezows_JxQuA7lUdGdKGoeIIiihNAEMCIQCnQL9QhV2sv6JVLgZW34FECXHsFyIWq7nrNj0rai7Kaw%3D%3D&alr=yes&cpn=IoZaxmpLs2Fdp6oh&cver=1.20210818.1.0&range=65836-131371&rn=4&rbuf=3192

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c888d3154a9a3d1ca368141c313b0bd7d2d83b3df23e1d0de827e461439c2659

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Fri, 09 Apr 2021 13:55:55 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 20 Aug 2021 19:18:07 GMT

GET
H3-29 200 videoplayback Show response
r2---sn-4g5e6ns6.googlevideo.com/ Frame E756 211 KB
211 KB 7ms
7ms XHR
video/webm 2a00:1450:4001:60::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0b8e9fa0c11c71d669d48e866f381d8a3c76cf17be1caba781a2b7bbd460b248

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216143
client-protocol: quic
last-modified: Fri, 09 Apr 2021 13:56:09 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 20 Aug 2021 19:18:07 GMT

GET
H3-29 200 videoplayback Show response
r2---sn-4g5e6ns6.googlevideo.com/ Frame E756 128 KB
128 KB 7ms
6ms XHR
audio/webm 2a00:1450:4001:60::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1629508687&ei=7_8fYaegEsXJ1wLE2YaQBA&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AP4YCLKCgtk7Jgfxizc5i-aa6GVuHhUxEK0LCzvracDs&itag=251&source=youtube&requiressl=yes&mh=eW&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5ednsy&ms=au%2Crdu&mv=m&mvi=2&pl=52&initcwndbps=401250&vprv=1&mime=audio%2Fwebm&ns=wr9Ftb2z0yL-CeI3LXgnF5wG&gir=yes&clen=370441&dur=18.261&lmt=1617976555187755&mt=1629486767&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6311222&n=V8MmY382UxYCsw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgZU80sdIa7mvC7wegSQ7CSHrTRxSb3tIuRbv4XiWoCrUCIQCCg8v2S_bg8-PEt6zjGeaoohsBCi5HiKXm4GMRaUSDdg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgZ-LJRYMguBdirezows_JxQuA7lUdGdKGoeIIiihNAEMCIQCnQL9QhV2sv6JVLgZW34FECXHsFyIWq7nrNj0rai7Kaw%3D%3D&alr=yes&cpn=IoZaxmpLs2Fdp6oh&cver=1.20210818.1.0&range=131372-262635&rn=6&rbuf=6384

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1a6614a0a284a8311545a30a0a8d8bfb573b3a806e03b5d72176812b37a03812

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131264
client-protocol: quic
last-modified: Fri, 09 Apr 2021 13:55:55 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 20 Aug 2021 19:18:07 GMT

GET
H3-29 200 videoplayback Show response
r2---sn-4g5e6ns6.googlevideo.com/ Frame E756 190 KB
190 KB 6ms
6ms XHR
video/webm 2a00:1450:4001:60::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

08aa9c24a9656608ca8d58317ac88f9b3a9435451bb9070e6f960a23963a65bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:18:07 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194436
client-protocol: quic
last-modified: Fri, 09 Apr 2021 13:56:09 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 20 Aug 2021 19:18:07 GMT

GET
H3-29 204 playback
www.youtube.com/api/stats/ Frame E756 0
17 B 16ms
15ms Image
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=IoZaxmpLs2Fdp6oh&docid=VTIXC1-h-xM&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FVTIXC1-h-xM%3Fshowinfo%3D0%26wmode%3Dtransparent%26rel%3D0%26autoplay%3D1%26mute%3D1%26controls%3D1&cmt=0.053&ei=7_8fYaegEsXJ1wLE2YaQBA&fmt=244&fs=0&rt=0.771&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fcontact.nltofficial.site%2F&lact=796&cl=391623642&mos=1&vm=CAEQABgEOjJBS1JhaHdCc01OcmdWSWtpSFR3NG1qeWRCdW9qMVRXR1pGT3FfNjJocG1xSmxoNDRJd2JQQUh3MUlTLTNTZ3N0TG83aUNPNG1qT09wbE5jSF9vbG5LQ0F0aENzZlhseGljTmJDeXhvX1dPa1FXemxabk9HWWpYaEZ3VmJRaElFUWFLb3o&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210818.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=18.261&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004603%2C24004644%2C24007246%2C24046641%2C24053866%2C24060921%2C24079211%2C24080738%2C24082662%2C24084071%2C24091243&rtn=8&afmt=251&size=884%3A564&inview=0&muted=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:18:08 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 ptracking
www.youtube.com/ Frame E756 0
19 B 15ms
14ms Image
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=VTIXC1-h-xM&cpn=IoZaxmpLs2Fdp6oh&ei=7_8fYaegEsXJ1wLE2YaQBA&ptk=youtube_none&pltype=contentugc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:18:08 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E756 28 B
321 B 29ms
29ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
X-YouTube-Client-Version: 1.20210818.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt1cU45Szliam42ayju__-IBg%3D%3D
X-YouTube-Ad-Signals: dt=1629487087058&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C884%2C564&vis=1&wgl=true&ca_type=image&bid=ANyPxKoYmJY6fGehYYNPCQTTlSXKtdsWDZ92IwBBmp9HN4SymAYhx--_Mj-OBElnwf9lho-4FdFhoYz5YcR6TAYoAF_ZnR9EIg

Response headers

date: Fri, 20 Aug 2021 19:18:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:18:09 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5e6ns6.googlevideo.com/ Frame E756 105 KB
106 KB 7ms
7ms XHR
audio/webm 2a00:1450:4001:60::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1629508687&ei=7_8fYaegEsXJ1wLE2YaQBA&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AP4YCLKCgtk7Jgfxizc5i-aa6GVuHhUxEK0LCzvracDs&itag=251&source=youtube&requiressl=yes&mh=eW&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5ednsy&ms=au%2Crdu&mv=m&mvi=2&pl=52&initcwndbps=401250&vprv=1&mime=audio%2Fwebm&ns=wr9Ftb2z0yL-CeI3LXgnF5wG&gir=yes&clen=370441&dur=18.261&lmt=1617976555187755&mt=1629486767&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6311222&n=V8MmY382UxYCsw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgZU80sdIa7mvC7wegSQ7CSHrTRxSb3tIuRbv4XiWoCrUCIQCCg8v2S_bg8-PEt6zjGeaoohsBCi5HiKXm4GMRaUSDdg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgZ-LJRYMguBdirezows_JxQuA7lUdGdKGoeIIiihNAEMCIQCnQL9QhV2sv6JVLgZW34FECXHsFyIWq7nrNj0rai7Kaw%3D%3D&alr=yes&cpn=IoZaxmpLs2Fdp6oh&cver=1.20210818.1.0&range=262636-370440&rn=8&rbuf=10655

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:60::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b6b97b37aed50b9d29161347279a9f1837a5afd821eac14502e403c5419d4ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:18:10 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 107805
Last-Modified: Fri, 09 Apr 2021 13:55:55 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21297
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 20 Aug 2021 19:18:10 GMT

POST
H2 204 atr Show response
www.youtube.com/api/stats/ Frame E756 0
178 B 17ms
16ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=IoZaxmpLs2Fdp6oh&docid=VTIXC1-h-xM&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FVTIXC1-h-xM%3Fshowinfo%3D0%26wmode%3Dtransparent%26rel%3D0%26autoplay%3D1%26mute%3D1%26controls%3D1&cmt=4.573&ei=7_8fYaegEsXJ1wLE2YaQBA&fmt=244&fs=0&rt=5.287&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fcontact.nltofficial.site%2F&lact=5311&cl=391623642&mos=1&vm=CAEQABgEOjJBS1JhaHdCc01OcmdWSWtpSFR3NG1qeWRCdW9qMVRXR1pGT3FfNjJocG1xSmxoNDRJd2JQQUh3MUlTLTNTZ3N0TG83aUNPNG1qT09wbE5jSF9vbG5LQ0F0aENzZlhseGljTmJDeXhvX1dPa1FXemxabk9HWWpYaEZ3VmJRaElFUWFLb3o&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210818.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=18.261&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004603%2C24004644%2C24007246%2C24046641%2C24053866%2C24060921%2C24079211%2C24080738%2C24082662%2C24084071%2C24091243&afmt=251&muted=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
X-YouTube-Client-Version: 1.20210818.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1629487087159&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C884%2C564&vis=1&wgl=true&ca_type=image&bid=ANyPxKoYmJY6fGehYYNPCQTTlSXKtdsWDZ92IwBBmp9HN4SymAYhx--_Mj-OBElnwf9lho-4FdFhoYz5YcR6TAYoAF_ZnR9EIg

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:18:12 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E756 28 B
54 B 17ms
17ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
X-YouTube-Client-Version: 1.20210818.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt1cU45Szliam42ayju__-IBg%3D%3D
X-YouTube-Ad-Signals: dt=1629487087159&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C884%2C564&vis=1&wgl=true&ca_type=image&bid=ANyPxKoYmJY6fGehYYNPCQTTlSXKtdsWDZ92IwBBmp9HN4SymAYhx--_Mj-OBElnwf9lho-4FdFhoYz5YcR6TAYoAF_ZnR9EIg

Response headers

date: Fri, 20 Aug 2021 19:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 20 Aug 2021 19:18:14 GMT

GET
H/1.1 200
OK videogoodput Show response
r10---sn-axq7sn7e.googlevideo.com/ Frame E756 5 KB
6 KB 139ms
37ms XHR
application/octet-stream 2a00:1450:4012::1c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-axq7sn7e.googlevideo.com/videogoodput?id=o-AAnibUc2m7nvwhNCWEsoxa7M09X5RLXLtEg3y9W629k0&source=goodput&range=0-4999&expire=1629490687&ip=2a01:4f8:121:131a::2&ms=pm&mm=35&pl=52&nh=IgpwcjAxLmxlZDAzKgkxMjcuMC4wLjE&sparams=id,source,range,expire,ip,ms,mm,pl,nh&signature=54669A8918DB4690C46D0A6C083F8A02C0429BF4.04C31DD9CFE46C2D1D665AE134F22EEEAAD3735D&key=cms1&cpn=IoZaxmpLs2Fdp6oh

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4012::1c , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e00ea25d7b15b52e8bad739603de7d055ef3677771f43a8a5eb231de0bd5557f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 19:18:15 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 5000
Pragma: no-cache
Last-Modified: Fri, 20 Aug 2021 19:18:15 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 watchtime
www.youtube.com/api/stats/ Frame E756 0
17 B 14ms
14ms Image
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=IoZaxmpLs2Fdp6oh&docid=VTIXC1-h-xM&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FVTIXC1-h-xM%3Fshowinfo%3D0%26wmode%3Dtransparent%26rel%3D0%26autoplay%3D1%26mute%3D1%26controls%3D1&cmt=7.287&ei=7_8fYaegEsXJ1wLE2YaQBA&fmt=244&fs=0&rt=8.001&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fcontact.nltofficial.site%2F&lact=8026&cl=391623642&state=playing&vm=CAEQABgEOjJBS1JhaHdCc01OcmdWSWtpSFR3NG1qeWRCdW9qMVRXR1pGT3FfNjJocG1xSmxoNDRJd2JQQUh3MUlTLTNTZ3N0TG83aUNPNG1qT09wbE5jSF9vbG5LQ0F0aENzZlhseGljTmJDeXhvX1dPa1FXemxabk9HWWpYaEZ3VmJRaElFUWFLb3o&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210818.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=18.261&rtn=18&afmt=251&idpj=-3&ldpj=-21&rti=8&st=0&et=7.287&muted=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:18:15 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 qoe
www.youtube.com/api/stats/ Frame E756 0
19 B 15ms
14ms Ping
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=244&afmt=251&cpn=IoZaxmpLs2Fdp6oh&ei=7_8fYaegEsXJ1wLE2YaQBA&el=embedded&docid=VTIXC1-h-xM&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004603%2C24004644%2C24007246%2C24046641%2C24053866%2C24060921%2C24079211%2C24080738%2C24082662%2C24084071%2C24091243&cl=391623642&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210818.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=itdrm&user_intent=0&cmt=0.769:0.053,1.519:0.805,10.000:9.287&vps=0.769:PL,10.000:PL&bwm=10.000:950826:0.839&bwe=10.000:8229328&bat=10.000:1:1&bh=10.000:18.240&df=10.000:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/VTIXC1-h-xM?showinfo=0&wmode=transparent&rel=0&autoplay=1&mute=1&controls=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 19:18:17 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-20 00:57:19	Name: VISITOR_INFO1_LIVE Value: uqN9K9bjn6k
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: tXhEjXCN7Vw
contact.nltofficial.site/	1970-01-20 14:09:19	Name: instap-spid.bb57 Value: 8830215b-31be-4c3f-8ceb-ec9f3ba44c91.1629487088.1.1629487088.1629487088.5cd4c29d-bfca-479f-be3c-fdb03317739c
contact.nltofficial.site/	1970-01-19 20:38:08	Name: instap-spses.bb57 Value: *

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anthill.instapage.com
cdn.instapagemetrics.com
commencepayments.com
contact.nltofficial.site
ec.instapagemetrics.com
fonts.gstatic.com
g.fastcdn.co
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
r10---sn-axq7sn7e.googlevideo.com
r2---sn-4g5e6ns6.googlevideo.com
static.doubleclick.net
v.fastcdn.co
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
107.178.254.45
151.101.12.176
192.229.133.208
2600:9000:2190:d000:19:7d10:bd80:93a1
2606:4700:20::ac43:4890
2a00:1450:4001:60::7
2a00:1450:4001:808::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2006
2a00:1450:4001:813::2004
2a00:1450:4001:829::2002
2a00:1450:4012::1c
34.120.27.38
35.222.120.150
35.244.137.202
44.229.66.179
08aa9c24a9656608ca8d58317ac88f9b3a9435451bb9070e6f960a23963a65bb
0930cdf7a5ac7dd8c0eee66b6d5d1e215205f9f08228cb0b048acd4f08016920
0b8e9fa0c11c71d669d48e866f381d8a3c76cf17be1caba781a2b7bbd460b248
1a6614a0a284a8311545a30a0a8d8bfb573b3a806e03b5d72176812b37a03812
1f1ff9fac98ee28a5b8bd1ebed44a7f1be2336126da375ec5518f4a5d1c623bc
20d9cc6155e23f036793d3946c75d992f76f2319c5f6c53741175ea2b8540526
22e0960f3ef71d82cf588d80f09b44bf69f9406d227758307b8f9ae3178b1429
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273351aab878880f869c20a8c5e7cbcce7fcd5878787e1fe30a222f3e5792404
286411c4e9eeb42d5e310e471ca399b6774718226220bde3b1212de60a6a421e
2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3
329ba2a5818be7cbb155b2a38fb75c99389b5590088356b2de41daa8f8c2905f
3cc4e229cc22a45146d4f3c3358e36ad1cafe05c73d07fba488da967a85a58ca
3cce1c6cae575d1dc646f1efdeb1a8175e1959323af3ff1105fec6e5b57e7876
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4fa52f6b5576b95a51157b7b318e6bf15c54cfe5013ed068c66fde0852971f28
522d235cf6480d1de5aa29064e5d5afa2bd6b6e8b21780b3544cb73018bd63d6
5542bf6db55ecebb2d5435efa4fb2c9e1883128a9f1b0ee190722ce04558f817
567a5bb20b3d3d352463ac5d4c1017142db2c42241f1f92132097f92ffb9be97
57f49d1eeac481cbb212919de2c65b39fdd1f53334389e6151dc803dda687bd6
6038138cc175775b42f31d117e20be6d12d56bc495b4ccac86f2db8ca6b1240b
6221d51dec89592c9f60ea68c839f932b60d6f03cb966e0e9a4afbb1e3bb5e8f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7104570ffc68c8f330570fdd5b421c82916511cd09b632cb70054d18ed03cee5
748dca2095c0cbe1e348a27d8f67c6eb07ed33e2bbe07f2f9745ca50ad7c360e
7e7c84efcf8e336f390d7a51a24cba3873782769b33470b31d2cef95b2f01cee
7f4e6d6be0235c8f669940a8d169dd7a397cb44fe76e60b5c7aff6ec02df1d2b
871a395274807a496ca51c603b7320eca9fc11a7949c0df992be96f29dcb7211
92afa9485ca4ccf9d827259ae32c1868922e79a8c5677db8757acc8a0170e959
aa4f4a94f07d60196158220f8bc161706449a181b12364a1b9271c800110cee6
b4b89b3d3b70d238195620583a7b1bc7779ef5929f95082425ad76e15ec4ae82
b668862022f1910be19b036df1cca69fd70ce85734aff94b1fe2c46fd33a3433
b6b97b37aed50b9d29161347279a9f1837a5afd821eac14502e403c5419d4ad4
b96b4f9b3146047939f342700eb43b54b7ab687d070048efa199320fc250844e
bdeae16a5bd7e5928354bb23939300182f57c07ce34e2a07e9c671160c2fbd2c
bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c888d3154a9a3d1ca368141c313b0bd7d2d83b3df23e1d0de827e461439c2659
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8d5a498fcfb5a6bf8ddb41da09c7612ed7bdd4e5158bc6ed1da12813ecf5505
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e00ea25d7b15b52e8bad739603de7d055ef3677771f43a8a5eb231de0bd5557f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d7aaad985d11444a3850a3e740794b3ac3687787e6fc3cca24d0d12bfc9c85
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee59049a77ecefd16b8b808229676b9f061ca97da27d3daf1271ef59dd5268e2
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef545b1178b496181d973fc0579cdee04a529c806fa4b525d4d7f9b5f564d917
f52fcd372052e6672f1b578f6706cfd181672f38f8ffdad1b9de11d1f2355b95
f702c2a778df9b267a6a931cd091867718249ddd235dd9e3b3c663dcf4055ba3
fba5096221f8fc2c6d5dd2bc7bc040dd6278e182ac5c8732bbde2b7848fd4f94

contact.nltofficial.site Open in urlscan Pro 107.178.254.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

61 %IPv6

13 Domains

19 Subdomains

19 IPs

3 Countries

3365 kBTransfer

5607 kBSize

4 Cookies

0 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

contact.nltofficial.site Open in urlscan Pro
107.178.254.45 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

61 %
IPv6

13
Domains

19
Subdomains

19
IPs

3
Countries

3365 kB
Transfer

5607 kB
Size

4
Cookies

61 HTTP transactions
3 data transactions