landingpages.popslotscasino.com Open in urlscan Pro
13.225.78.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://popslots.casino/3inOTmn
Effective URL:
https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
Submission: On December 03 via api (December 3rd 2022, 12:10:41 pm UTC) from PL — Scanned from NO

Summary HTTP 60 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 10 domains to perform 60 HTTP transactions. The main IP is 13.225.78.109, located in United States and belongs to AMAZON-02, US. The main domain is landingpages.popslotscasino.com.
TLS certificate: Issued by Amazon on September 11th 2022. Valid for: a year.

This is the only time landingpages.popslotscasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.13 67.199.248.13	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.66.122.91 18.66.122.91	16509 (AMAZON-02) (AMAZON-02)
10	13.225.78.109 13.225.78.109	16509 (AMAZON-02) (AMAZON-02)
20	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
1	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
5	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
8	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
2	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
2	142.250.185.193 142.250.185.193	15169 (GOOGLE) (GOOGLE)
2	142.250.185.182 142.250.185.182	15169 (GOOGLE) (GOOGLE)
4	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
60	13

1 67.199.248.13 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com

popslots.casino	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.91 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-91.fra60.r.cloudfront.net

api.popslotscasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.225.78.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-109.fra2.r.cloudfront.net

landingpages.popslotscasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.182 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	2 MB
11	popslotscasino.com 1 redirects api.popslotscasino.com landingpages.popslotscasino.com	806 KB
10	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 296 fonts.googleapis.com — Cisco Umbrella Rank: 37 jnn-pa.googleapis.com — Cisco Umbrella Rank: 179	67 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	108 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 199	2 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 83	96 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 240	9 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	28 KB
1	popslots.casino 1 redirects popslots.casino	287 B
0	Failed function sub() { [native code] }. Failed
60	10

	Domain	Requested by
20	www.youtube.com	landingpages.popslotscasino.com www.youtube.com
10	landingpages.popslotscasino.com	landingpages.popslotscasino.com
8	jnn-pa.googleapis.com	www.youtube.com
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
4	www.gstatic.com	www.youtube.com www.gstatic.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	www.google.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	landingpages.popslotscasino.com
1	api.popslotscasino.com	1 redirects
1	popslots.casino	1 redirects
0	play Failed	landingpages.popslotscasino.com
60	15

This site contains links to these domains. Also see Links.

Domain
app.adjust.com

Subject Issuer	Validity	Valid
*.pscapi.com Amazon	`2022-09-11` - `2023-10-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 3 frames:

Frame: bigcasino://play?&coupon=RPOP_1M_20221203_TW_gnweikv_CM
Frame ID: C1AD0780741AFB0C5F5B01A145CC58B0
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/wyWxrnkQgOc
Frame ID: 0526396B37669AD8BE78CC744D8EC3E4
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/embed/wyWxrnkQgOc
Frame ID: 54E0A5B8200DF414DFC60FF1DE5D3468
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

POP!SLOTS

Page URL History Show full URLs

https://popslots.casino/3inOTmn HTTP 301
https://api.popslotscasino.com/v2/landing/page?coupon=RPOP_1M_20221203_TW_gnweikv_CM HTTP 302
https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnwe... Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Page Statistics

60
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

13
IPs

1
Countries

2722 kB
Transfer

7284 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://app.adjust.com/j3zswy?engagement_type=fallback_click

Search URL Search Domain Scan URL

URL: https://app.adjust.com/brerk0?engagement_type=fallback_click

Search URL Search Domain Scan URL

URL: https://app.adjust.com/j3zswy

Search URL Search Domain Scan URL

URL: https://app.adjust.com/brerk0

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://popslots.casino/3inOTmn HTTP 301
https://api.popslotscasino.com/v2/landing/page?coupon=RPOP_1M_20221203_TW_gnweikv_CM HTTP 302
https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 35

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

60 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.html Show response
landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/
Redirect Chain

https://popslots.casino/3inOTmn
https://api.popslotscasino.com/v2/landing/page?coupon=RPOP_1M_20221203_TW_gnweikv_CM
https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM

6 KB
7 KB

263ms
70ms

Document
text/html

13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b04d249bb558c621971b2ba1ef2e600ff0c25100bf282c42a3455e158ba0bbdc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Age: 365325
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Encoding: UTF8
Content-Length: 6328
Content-Type: text/html
Date: Tue, 29 Nov 2022 06:41:50 GMT
ETag: "b3a051ca0e5566b9eddadce0dbe99d42"
Last-Modified: Thu, 12 Aug 2021 09:04:58 GMT
Server: AmazonS3
Via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 1qkYlgU19qDI4JroE7HBl3iDspFaCN4PhvID6v2sJmcKf9hsqIiWiQ==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 20
Content-Type: text/plain; charset=UTF-8
Via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: -3SCpz-ZWyo3fphwS3wTgrgWc5XL875gSO9Hq4nRIVB02lzBX1_bYQ==
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Miss from cloudfront
content-encoding: gzip
date: Sat, 03 Dec 2022 12:10:34 GMT
location: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
server: istio-envoy
vary: Accept-Encoding
x-atmosphere-tracking-id: 246f6d68-65e1-493e-92d8-7a946a526e53
x-envoy-upstream-service-time: 1

GET
H/1.1 200
OK stylesheet.css
landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Styles/ 5 KB
5 KB 67ms
67ms Stylesheet
text/css 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Styles/stylesheet.css
Requested by: Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85396fffdff6b2a01db0580728d4fade646224aef6004c00c7eabe25222359d9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sat, 03 Dec 2022 11:02:06 GMT
Content-Encoding: UTF8
Via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Aug 2021 09:04:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 2458511
ETag: "261677e56cd7922fac71da323cc1321d"
X-Cache: Hit from cloudfront
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4995
X-Amz-Cf-Id: vP9E7I0lt8bqlUxsZaz9ghmmFXMxuOzUXFA1KXdR-2SjjryGExenZQ==

GET
H/1.1 200
OK logo.png
landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/ 131 KB
131 KB 138ms
67ms Image
image/png 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/logo.png
Requested by: Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 597166803322b415b77d75a82a2ec8c0507d0254765ee61c5aadac029483b358

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 19:16:40 GMT
Via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Aug 2021 09:04:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 2566437
ETag: "56f76f548b81e3a5d0195bb8152234d2"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 133850
X-Amz-Cf-Id: gY7WOtGfMCGQdfrq0CCOGsOIKjZgEN8MxR5r4XD53JZwvNBozKazJQ==

GET
H/1.1 200
OK guy_right.png
landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/ 197 KB
197 KB 210ms
69ms Image
image/png 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/guy_right.png
Requested by: Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04015ebb7467883b96ba76970d52155b41ec6877f3c3f5bc018f9c3fb32dd20f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Tue, 15 Nov 2022 00:54:20 GMT
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Aug 2021 09:04:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 1595777
ETag: "f93a280ccae65b6701e9dbdedb0345a7"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 201225
X-Amz-Cf-Id: AHk0DzROuahhTVtxTrpR0JwdN-0OvSfAGYOm6bxm82t-Kq_PCfNjIg==

GET
H/1.1 200
OK girl_left.png
landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/ 161 KB
161 KB 221ms
80ms Image
image/png 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/girl_left.png
Requested by: Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd4129383f223dae8c6fd5473fe29db3182cc0e572df2f6065d6ae46d7cc43b8

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:21:19 GMT
Via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Aug 2021 09:04:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 2026158
ETag: "60edb074cd1da79e42e0ae38a8375e6f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164593
X-Amz-Cf-Id: PKRzBFxqIXYmh_NsflbuO_Moifvir0PL7STQbuJicl9L6pl_Mh0cBg==

GET
H/1.1 200
OK store_appstore.png
landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/ 9 KB
9 KB 228ms
73ms Image
image/png 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/store_appstore.png
Requested by: Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 430e6b5a7fc682fcb6e9289687c504b2d86be9ff897b4d7bca3efc30193b6f4a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Tue, 15 Nov 2022 06:41:35 GMT
Via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Aug 2021 09:04:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 1574942
ETag: "d2188ceb550750c82336c9a19e8b9849"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9091
X-Amz-Cf-Id: bI6h-_vj3JIYWcudfPU9qaAZtdy1BtDgsRx-msjvbEzuwFcC4By-Ig==

GET
H/1.1 200
OK store_google.png
landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/ 8 KB
8 KB 285ms
70ms Image
image/png 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/store_google.png
Requested by: Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64c7efcd7ba4b45d4f13b213148cc9f4f2cb289bf08024471e83dd2528644ea1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 03:08:53 GMT
Via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Aug 2021 09:04:58 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 1760504
ETag: "dff8ef24bc6aa2dad8b1c1d9764a273d"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8148
X-Amz-Cf-Id: w0vc3PY-3JP3re8EclYEAGEUiQKPfqoXTW-CNIjP2O8XIlhN5H6muw==

GET
H2 200 wyWxrnkQgOc Show response
www.youtube.com/embed/ Frame 0526 69 KB
28 KB 651ms
169ms Document
text/html 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/wyWxrnkQgOc

Requested by

Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

ESF /

Resource Hash

ea0a9c76306a72870d28a3cb8d27ad75574b1aa8726c18b3d9933abf09bdf178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://landingpages.popslotscasino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 12:10:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=no for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wyWxrnkQgOc Show response
www.youtube.com/embed/ Frame 54E0 68 KB
29 KB 615ms
134ms Document
text/html 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/wyWxrnkQgOc

Requested by

Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

ESF /

Resource Hash

a514d65a4e63b8ea77a8db65cf314bc263f35c4a25fac895ae4790d65a93bb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://landingpages.popslotscasino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 12:10:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=no for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 579ms
86ms Script
text/javascript 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/index.html?coupon=RPOP_1M_20221203_TW_gnweikv_CM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 11:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 11:00:32 GMT

GET
H/1.1 200
OK bg.png
landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/ 200 KB
201 KB 279ms
67ms Image
image/png 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/bg.png
Requested by: Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Styles/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d56b0f8753d44d28a3897320a706269ab3ffa05ebb99530e4aedbdd2008b53d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Styles/stylesheet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Tue, 15 Nov 2022 00:54:20 GMT
Via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Aug 2021 09:04:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 1595776
ETag: "d706eba40c872bd37918a73952d47c7e"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 205100
X-Amz-Cf-Id: v-9WHjMo6NP2juJOl1lVkGXm3PeTyHs6Is8wht4R9jUmmhrVtxBdlQ==

GET
H/1.1 200
OK device.png
landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/ 58 KB
59 KB 124ms
70ms Image
image/png 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/device.png
Requested by: Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Styles/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e46889937c7bc04b94d5f4ad512f830e2fb76062cf57132a72f0bf305e02667

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Styles/stylesheet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Tue, 15 Nov 2022 06:26:39 GMT
Via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Aug 2021 09:04:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 1575838
ETag: "724345bb5451608d07c0108638d66199"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59890
X-Amz-Cf-Id: 2hYsnSezJuMG_HSHB-I_0HRYFlRMDEdNo2cP27tXxshmhfgXLtw7bg==

GET
H/1.1 200
OK play_upstate.png
landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/ 26 KB
26 KB 198ms
71ms Image
image/png 13.225.78.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Images/play_upstate.png
Requested by: Host: landingpages.popslotscasino.com
URL: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Styles/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-109.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87e86ebfc90656581401441d2d4d40876c0b639d9377adc876284b831dae6473

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/2.723.98521/site/pages/landingpop/Styles/stylesheet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 03:10:49 GMT
Via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Aug 2021 09:04:58 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 982788
ETag: "86611b70cab692aa23eab1a5ed4cc6d1"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26394
X-Amz-Cf-Id: n3iNF-_tA0tdvvkSgt1_bb7FzuVzequVQsfDKh94KsJn8dWpi_xZbQ==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 548ms
90ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Comfortaa&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

a094e0727c302b9b5548d226f59ede76ef692df130c8b073c289ecfc85488666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://landingpages.popslotscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Dec 2022 12:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 12:10:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Dec 2022 12:10:37 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/dab28f34/ Frame 54E0 360 KB
49 KB 98ms
98ms Stylesheet
text/css 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

1c8fb02f68e820bfcc5da89d05e5903e066828ef585e86d69b585af69f21216e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 07:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49849
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 03 Dec 2023 07:06:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 54E0 15 KB
16 KB 539ms
77ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 319750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 54E0 15 KB
15 KB 557ms
96ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 321049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Nov 2023 18:59:48 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/dab28f34/ Frame 0526 360 KB
49 KB 126ms
126ms Stylesheet
text/css 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

1c8fb02f68e820bfcc5da89d05e5903e066828ef585e86d69b585af69f21216e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 07:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49849
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 03 Dec 2023 07:06:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0526 15 KB
15 KB 595ms
160ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 319750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0526 15 KB
15 KB 619ms
184ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 321049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Nov 2023 18:59:48 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/dab28f34/www-embed-player.vflset/ Frame 54E0 314 KB
97 KB 124ms
123ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

9e266c87ad4ccde16ed22725e4369cbcb9522ad41233d435a2e5636f463907b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99243
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:02:26 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/ Frame 54E0 2 MB
581 KB 175ms
174ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

a824163a55900fb521ac64d81e2ac209ec0ef83a9bc7186432a543ce76a069e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 594483
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:56:41 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/ Frame 54E0 9 KB
3 KB 173ms
173ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 04:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 03 Dec 2023 04:50:16 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/dab28f34/www-embed-player.vflset/ Frame 0526 314 KB
97 KB 266ms
264ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

9e266c87ad4ccde16ed22725e4369cbcb9522ad41233d435a2e5636f463907b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99243
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:02:26 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/ Frame 0526 2 MB
581 KB 269ms
268ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

a824163a55900fb521ac64d81e2ac209ec0ef83a9bc7186432a543ce76a069e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 594483
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:56:41 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/ Frame 0526 9 KB
3 KB 273ms
272ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 04:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 03 Dec 2023 04:50:16 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 54E0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
189 B

86ms
85ms

XHR
application/json

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2a01595aedf5f7e940a6ea205522e35661cf1c3b05299b777b9d44a0155b2494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 12:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 03 Dec 2022 12:10:37 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 54E0 29 B
588 B 545ms
76ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 12:03:31 GMT
x-content-type-options: nosniff
age: 426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Dec 2022 12:18:31 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 560ms
84ms Preflight
text/html 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 03 Dec 2022 12:10:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 54E0 66 KB
30 KB 116ms
115ms XHR
application/json+protobuf 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

fd2962516c2171c438fb2ecbbc1f11a79ea98589ea3f50734fc06896a747b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 03 Dec 2022 12:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30627
x-xss-protection: 0

GET
H2 200 remote.js Show response
www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/ Frame 54E0 119 KB
37 KB 76ms
76ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

ca2021f9363c0570ca042747a43d84b7b1d650b686443c809503019d6ea6be70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 10:35:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37271
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 03 Dec 2023 10:35:20 GMT

GET
H2 200 ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js Show response
www.google.com/js/th/ Frame 54E0 36 KB
14 KB 538ms
78ms Script
text/javascript 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

sffe /

Resource Hash

6b27fe6579f4e90f9b7f692f2fb1ef667fba1a680874c71a3560b36ffface662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 06:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14218
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 06:33:55 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/ Frame 54E0 26 KB
8 KB 76ms
76ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

c122b0ae0cc327b2721682eb6129ada9781d7fbd9b22bc54d91ed8c941d42bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8299
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:56:41 GMT

GET
DATA 200
OK truncated
/ Frame 54E0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu_YqRiKjs9B7buSH6WLj1islNXV7Xw6Byj4Ai39=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 54E0 4 KB
5 KB 535ms
74ms Image
image/jpeg 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu_YqRiKjs9B7buSH6WLj1islNXV7Xw6Byj4Ai39=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

3c9bca38965c1f3a3b95c9dbd4d83da9d4693eec41e0afe0d47ee25811a81aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 11:20:52 GMT
x-content-type-options: nosniff
age: 2985
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4607
x-xss-protection: 0
server: fife
etag: "v7c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Nov 2022 06:55:15 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/wyWxrnkQgOc/ Frame 54E0 48 KB
48 KB 556ms
89ms Image
image/webp 142.250.185.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/wyWxrnkQgOc/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f22.1e100.net

Software

sffe /

Resource Hash

d200da9bb0568390ed33480cfc246d67d4c0822905073a187f10bf23e5d497b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 12:10:37 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49046
x-xss-protection: 0
server: sffe
etag: "1610376245"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Dec 2022 14:10:37 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0526
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

84ms
84ms

XHR
application/json

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a3126e07d6df6c47b8ab2b5f59c22506d96b4e9490381c2f514170ce63981073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 12:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 03 Dec 2022 12:10:37 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0526 29 B
89 B 447ms
77ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 12:03:31 GMT
x-content-type-options: nosniff
age: 426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Dec 2022 12:18:31 GMT

GET
H2 200 1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
fonts.gstatic.com/s/comfortaa/v40/ 12 KB
12 KB 96ms
96ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v40/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Comfortaa&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

7beee22f05326e6b35fe4737c4639433f496bac10e22e2b9ae23068a3d2aba29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://landingpages.popslotscasino.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:56:11 GMT
x-content-type-options: nosniff
age: 245666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12028
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:17:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:56:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 455ms
85ms Preflight
text/html 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 03 Dec 2022 12:10:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0526 66 KB
30 KB 93ms
92ms XHR
application/json+protobuf 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

2461ab8d8634e912050ae589ea4c1b3ff2a3835ea10926f5333d40b13424a803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 03 Dec 2022 12:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30620
x-xss-protection: 0

GET
H2 200 remote.js Show response
www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/ Frame 0526 119 KB
36 KB 74ms
74ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

ca2021f9363c0570ca042747a43d84b7b1d650b686443c809503019d6ea6be70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 10:35:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37271
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 03 Dec 2023 10:35:20 GMT

GET
H2 200 ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js Show response
www.google.com/js/th/ Frame 0526 36 KB
14 KB 449ms
94ms Script
text/javascript 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

sffe /

Resource Hash

6b27fe6579f4e90f9b7f692f2fb1ef667fba1a680874c71a3560b36ffface662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 06:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14218
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 06:33:55 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/ Frame 0526 26 KB
8 KB 74ms
73ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

c122b0ae0cc327b2721682eb6129ada9781d7fbd9b22bc54d91ed8c941d42bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8299
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 16:56:41 GMT

GET
DATA 200
OK truncated
/ Frame 0526 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu_YqRiKjs9B7buSH6WLj1islNXV7Xw6Byj4Ai39=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0526 4 KB
5 KB 456ms
81ms Image
image/jpeg 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu_YqRiKjs9B7buSH6WLj1islNXV7Xw6Byj4Ai39=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

fife /

Resource Hash

3c9bca38965c1f3a3b95c9dbd4d83da9d4693eec41e0afe0d47ee25811a81aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 11:20:52 GMT
x-content-type-options: nosniff
age: 2985
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4607
x-xss-protection: 0
server: fife
etag: "v7c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Nov 2022 06:55:15 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/wyWxrnkQgOc/ Frame 0526 48 KB
48 KB 578ms
197ms Image
image/webp 142.250.185.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/wyWxrnkQgOc/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f22.1e100.net

Software

sffe /

Resource Hash

d200da9bb0568390ed33480cfc246d67d4c0822905073a187f10bf23e5d497b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 12:10:37 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49046
x-xss-protection: 0
server: sffe
etag: "1610376245"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Dec 2022 14:10:37 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 54E0 4 KB
3 KB 558ms
94ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 12:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Dec 2022 12:10:37 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0526 4 KB
2 KB 523ms
107ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 12:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Dec 2022 12:10:37 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame 54E0 0
40 B 75ms
75ms Image
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?77FVqg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 12:10:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
www.youtube.com/ Frame 0526 0
38 B 76ms
76ms Image
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?_adzTA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/wyWxrnkQgOc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 12:10:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/108/ Frame 54E0 52 KB
15 KB 77ms
77ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/108/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 09:34:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15164
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 04 Dec 2022 09:34:02 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/108/ Frame 0526 52 KB
15 KB 83ms
83ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/108/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 09:34:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15164
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 04 Dec 2022 09:34:02 GMT

POST
H2 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0526 90 B
181 B 194ms
194ms XHR
application/json+protobuf 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

302e19efc4e6cba8dc9a509e4eb2825cc990f1d8d267ef243a4aef2edba14dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 03 Dec 2022 12:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H2 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 84ms
84ms Preflight
text/html 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 03 Dec 2022 12:10:38 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 54E0 90 B
178 B 151ms
151ms XHR
application/json+protobuf 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

a0ed285e9ed9141500f02f9301e407ecc5f864bf4ecb8566737e43b813f4a47c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 03 Dec 2022 12:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H2 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 84ms
83ms Preflight
text/html 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 03 Dec 2022 12:10:38 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET bigcasino://play?&coupon=RPOP_1M_20221203_TW_gnweikv_CM
bigcasino://play?&coupon=RPOP_1M_20221203_TW_gnweikv_CM 0
0

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0526 28 B
342 B 91ms
91ms XHR
application/json 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
X-Goog-Request-Time: 1670069438057
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
X-YouTube-Client-Version: 1.20221130.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgstc0hmbnZ2dUgtNCi8-aycBg%3D%3D
X-YouTube-Ad-Signals: dt=1670069437086&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 03 Dec 2022 12:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 03 Dec 2022 12:10:38 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 54E0 28 B
174 B 168ms
168ms XHR
application/json 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
X-Goog-Request-Time: 1670069438060
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
X-YouTube-Client-Version: 1.20221130.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgstcTV0V1N4am5ZUSi8-aycBg%3D%3D
X-YouTube-Ad-Signals: dt=1670069436936&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 03 Dec 2022 12:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 03 Dec 2022 12:10:38 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0526 28 B
197 B 90ms
89ms XHR
application/json 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
X-Goog-Request-Time: 1670069440275
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
X-YouTube-Client-Version: 1.20221130.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgstc0hmbnZ2dUgtNCi8-aycBg%3D%3D
X-YouTube-Ad-Signals: dt=1670069437086&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 03 Dec 2022 12:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 03 Dec 2022 12:10:40 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 54E0 28 B
174 B 250ms
250ms XHR
application/json 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
X-Goog-Request-Time: 1670069440277
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/wyWxrnkQgOc
X-YouTube-Client-Version: 1.20221130.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgstcTV0V1N4am5ZUSi8-aycBg%3D%3D
X-YouTube-Ad-Signals: dt=1670069436936&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 03 Dec 2022 12:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 03 Dec 2022 12:10:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play
URL: bigcasino://play?&coupon=RPOP_1M_20221203_TW_gnweikv_CM

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.popslots.casino/	1970-01-20 12:13:41	Name: _bit Value: mb3cay-9a37bb96cc18c6a4aa-000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 93BHHkbXiW8
.youtube.com/	1970-01-20 12:13:41	Name: VISITOR_INFO1_LIVE Value: -sHfnvvuH-4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.popslotscasino.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
landingpages.popslotscasino.com
play
popslots.casino
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
play
13.225.78.109
142.250.181.230
142.250.185.106
142.250.185.138
142.250.185.182
142.250.185.193
142.250.185.195
142.250.185.226
142.250.185.238
142.250.186.35
172.217.18.10
172.217.18.4
18.66.122.91
67.199.248.13
04015ebb7467883b96ba76970d52155b41ec6877f3c3f5bc018f9c3fb32dd20f
1c8fb02f68e820bfcc5da89d05e5903e066828ef585e86d69b585af69f21216e
2461ab8d8634e912050ae589ea4c1b3ff2a3835ea10926f5333d40b13424a803
2a01595aedf5f7e940a6ea205522e35661cf1c3b05299b777b9d44a0155b2494
302e19efc4e6cba8dc9a509e4eb2825cc990f1d8d267ef243a4aef2edba14dbf
3c9bca38965c1f3a3b95c9dbd4d83da9d4693eec41e0afe0d47ee25811a81aa7
3d56b0f8753d44d28a3897320a706269ab3ffa05ebb99530e4aedbdd2008b53d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
430e6b5a7fc682fcb6e9289687c504b2d86be9ff897b4d7bca3efc30193b6f4a
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
597166803322b415b77d75a82a2ec8c0507d0254765ee61c5aadac029483b358
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
64c7efcd7ba4b45d4f13b213148cc9f4f2cb289bf08024471e83dd2528644ea1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b27fe6579f4e90f9b7f692f2fb1ef667fba1a680874c71a3560b36ffface662
7beee22f05326e6b35fe4737c4639433f496bac10e22e2b9ae23068a3d2aba29
7e46889937c7bc04b94d5f4ad512f830e2fb76062cf57132a72f0bf305e02667
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
85396fffdff6b2a01db0580728d4fade646224aef6004c00c7eabe25222359d9
87e86ebfc90656581401441d2d4d40876c0b639d9377adc876284b831dae6473
9e266c87ad4ccde16ed22725e4369cbcb9522ad41233d435a2e5636f463907b2
a094e0727c302b9b5548d226f59ede76ef692df130c8b073c289ecfc85488666
a0ed285e9ed9141500f02f9301e407ecc5f864bf4ecb8566737e43b813f4a47c
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a3126e07d6df6c47b8ab2b5f59c22506d96b4e9490381c2f514170ce63981073
a514d65a4e63b8ea77a8db65cf314bc263f35c4a25fac895ae4790d65a93bb03
a824163a55900fb521ac64d81e2ac209ec0ef83a9bc7186432a543ce76a069e9
b04d249bb558c621971b2ba1ef2e600ff0c25100bf282c42a3455e158ba0bbdc
c122b0ae0cc327b2721682eb6129ada9781d7fbd9b22bc54d91ed8c941d42bad
ca2021f9363c0570ca042747a43d84b7b1d650b686443c809503019d6ea6be70
cd4129383f223dae8c6fd5473fe29db3182cc0e572df2f6065d6ae46d7cc43b8
d200da9bb0568390ed33480cfc246d67d4c0822905073a187f10bf23e5d497b2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0a9c76306a72870d28a3cb8d27ad75574b1aa8726c18b3d9933abf09bdf178
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fd2962516c2171c438fb2ecbbc1f11a79ea98589ea3f50734fc06896a747b821

landingpages.popslotscasino.com Open in urlscan Pro 13.225.78.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

95 %HTTPS

0 %IPv6

10 Domains

15 Subdomains

13 IPs

1 Countries

2722 kBTransfer

7284 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

landingpages.popslotscasino.com Open in urlscan Pro
13.225.78.109 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

13
IPs

1
Countries

2722 kB
Transfer

7284 kB
Size

3
Cookies

60 HTTP transactions
2 data transactions