rv589.facialbeautyinc.com Open in urlscan Pro
38.12.112.75  Public Scan

48 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

• https://3ae.jp/RS9EM HTTP 302
• https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome

Request Chain 121

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response rv589.facialbeautyinc.com/	70 KB 18 KB	1625ms 885ms	Document text/html	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 4af4ef01d87b583df94876dc016a47b2e9bdc9c5455bbaa159cea0174eabd1dc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 25 Mar 2024 22:04:15 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	css.js Show response rv589.facialbeautyinc.com/wp-includes/js/	578 B 791 B	237ms 200ms	Script application/javascript	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-includes/js/css.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash ffbfd9f34ee9087939569403ce4ae1acf0179a0722543896cec86c53744cb81c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 last-modified Wed, 27 Sep 2023 11:52:22 GMT server nginx etag "65141776-242" content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 578 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	html5.js Show response rv589.facialbeautyinc.com/wp-includes/js/	6 KB 3 KB	236ms 201ms	Script application/javascript	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-includes/js/html5.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 30df9a171e2e9ec95a4f4682c0c6ceebc6ebdcd8120a25679cc7b06a26bdaa3e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 07 Mar 2024 13:46:27 GMT server nginx etag W/"65e9c533-18d8" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	fonts.css rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/	146 B 349 B	173ms 137ms	Stylesheet text/css	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/fonts.css Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 2cf1bb309d429fa4e99f311a284b152424f8ff2c4fb5f09737f3c36965052af7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-92" content-type text/css cache-control max-age=43200 accept-ranges bytes content-length 146 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	base.css rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/	7 KB 2 KB	174ms 138ms	Stylesheet text/css	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/base.css Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash e0999fb7365f6136f9591f81be3dca0415845f91a7d58a37e52cde077a50e9cc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-1d41" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	module_common.css rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/	36 KB 3 KB	173ms 139ms	Stylesheet text/css	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/module_common.css Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 7fe1762d4162940f3b257612edde10d27a53e3e684f3456cf045754b38b58f42 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-8f8c" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	module_layout.css rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/	213 KB 23 KB	173ms 140ms	Stylesheet text/css	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/module_layout.css Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash a676a51c010a59c8b44de56788e5de0a183c2fee523c3c733f06e3d3f81a40b9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-354d2" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	global.css rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/	116 KB 14 KB	229ms 195ms	Stylesheet text/css	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/global.css Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 69257c26053819e39a13050efa4708002ca810f778a165e7f38b67ad27b405ce Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-1d03c" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	index.css rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/	64 KB 9 KB	231ms 199ms	Stylesheet text/css	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/index.css Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash a273847f1d1eb97804d60bfe41d15e2c0ff8cb9da053c802226f9d18bfba1d0d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-10032" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	jquery-3.2.1.min.js Show response rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/	85 KB 33 KB	267ms 236ms	Script application/javascript	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/jquery-3.2.1.min.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-15283" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	lib.js Show response rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/	97 KB 38 KB	272ms 240ms	Script application/javascript	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/lib.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash b26a1b56dbe288dc221673d8bfc6de38f0f6dc2a520d77033eabc1bd5452d7a4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-18496" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	initialize.js Show response rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/	75 KB 22 KB	269ms 241ms	Script application/javascript	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/initialize.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 48f26fe594822511bf07120d188f886f4cf0fb45278b981a375021b79e881dda Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-12de0" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	lang.js Show response rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/	3 KB 975 B	269ms 242ms	Script application/javascript	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/lang.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 9e38e74e30e8fb8ec1bcda553819cb3484e87cc9daeb522d6b99aba0961056a2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-c78" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	link.js Show response rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/	428 B 641 B	270ms 242ms	Script application/javascript	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/link.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 048e91b3704b347dfe098a935cc89912e06d10840e244a96e07f72f8bd2c290a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-1ac" content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 428 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	cn.js Show response rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/	16 B 228 B	269ms 244ms	Script application/javascript	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/cn.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 88fcc4358f1f2f8e232e203a134df8c931732bca8e9e3b0ff4fb0c6887cd2df4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-10" content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 16 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	index.js Show response rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/	35 KB 8 KB	269ms 244ms	Script application/javascript	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/index.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 099127967d7680004756dc38f54b5ec88a128c495ffbdd4f178a637478ddf063 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-8c1d" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:15 GMT
GET H2	200	gakumon_bnr_pc.jpg rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	70 KB 71 KB	278ms 253ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/gakumon_bnr_pc.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 77ced8c1d9df602d73cc6c4075631373ebbb6c534eae37261460bc3ef860da92 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-11940" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 72000 expires Wed, 24 Apr 2024 22:04:15 GMT
GET H2	200	gakumon_bnr_sp.jpg rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	116 KB 116 KB	287ms 263ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/gakumon_bnr_sp.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash df5a5fa19616f5847a07a410ccd7739bb8686d4b745ac5db7125b3338a4957a2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:15 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-1d023" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 118819 expires Wed, 24 Apr 2024 22:04:15 GMT
GET H2	200	K888VIP-1110.png rv589.facialbeautyinc.com/pics/	5 KB 5 KB	104ms 102ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-1110.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 552da507c8d6e90d038c9f60f9135d19a6a865ea7e60dc03ea923e28c8f40a34 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 14 Jul 2022 09:05:00 GMT server nginx etag "62cfdc3c-1218" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 4632 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	202208708.jpg rv589.facialbeautyinc.com/pics/	13 KB 13 KB	105ms 103ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/202208708.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 4dcf15c81b64ced5e566820a7552eecefbec05338295057b1fdb3d5f010ada13 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Fri, 12 Aug 2022 08:10:34 GMT server nginx etag "62f60afa-345c" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 13404 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	h5Bfr5PV.jpg rv589.facialbeautyinc.com/pics/	2 KB 2 KB	129ms 92ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/h5Bfr5PV.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash ffdb347515d7f4fc9876cbdd94f0b8a9982d34dc03cc451009d6f83584879a43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 08 May 2014 05:18:38 GMT server nginx etag "536b13ae-8ac" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 2220 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	K888VIP-3196.png rv589.facialbeautyinc.com/pics/	6 KB 6 KB	130ms 93ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-3196.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 214172440c30a14748f51e811393255019c791bdac9d391b712c94eb96efd98d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 14 Jul 2022 08:56:26 GMT server nginx etag "62cfda3a-16c9" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 5833 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	Lv5X9ZJb.jpg rv589.facialbeautyinc.com/pics/	3 KB 3 KB	134ms 97ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/Lv5X9ZJb.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash e36a8fde8cbe31dd7dfd42227936179a693763707521d87b469e13a709c9e1cd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 08 May 2014 05:19:16 GMT server nginx etag "536b13d4-a34" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 2612 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	202208348.jpg rv589.facialbeautyinc.com/pics/	3 KB 3 KB	151ms 114ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/202208348.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash c86c8075ac3c3ee2cba9fa4beef237cc20575acc85e177880a71ff8e4d6882c6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Fri, 12 Aug 2022 08:10:08 GMT server nginx etag "62f60ae0-c23" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 3107 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	K888VIP-0571.jpg rv589.facialbeautyinc.com/pics/	3 KB 4 KB	152ms 116ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-0571.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash d43d3df226f9fce0f6fb14c4c947e7fd2bd56c105189b035ef34959b8a65b1d9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 04 May 2014 02:04:08 GMT server nginx etag "5365a018-d94" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 3476 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	K888VIP-3338.png rv589.facialbeautyinc.com/pics/	6 KB 6 KB	155ms 119ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-3338.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash fcdedf8a2febdff5e5cf3edc3e23b030dc7279a24a9cea549989fd8d02913877 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 14 Jul 2022 08:57:48 GMT server nginx etag "62cfda8c-18ef" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 6383 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	facebook_01.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	346 B 551 B	181ms 146ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/facebook_01.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash aea518c8c713fbfd9ab8f48e3d235edfc6d4ee7889644335b38b3daa866c6f90 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-15a" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 346 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	twitter_01.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	998 B 1 KB	181ms 146ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/twitter_01.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 6098142e1f2ec969625001f395ef92795e37864d3c8f380ce9394044540a5340 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-3e6" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 998 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	instagram_01.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	3 KB 3 KB	181ms 147ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/instagram_01.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash e48064cc028c63e61841f3c979e599b5a8255bcf1c3f5d0efec15216ce2c4fa0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-a13" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 2579 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	youtube_01.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	2 KB 2 KB	216ms 182ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/youtube_01.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 0bd7063d4759f79bd02b56ed8106d5fccf7020f83d0cda6125c0f885838525fb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-720" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 1824 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	linkedin_01.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	602 B 807 B	216ms 178ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/linkedin_01.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 1747f1ebe39426f1008a9767d52efcf9d52961f0dc58e97d90f64bf349622a55 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-25a" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 602 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	footer_title_01.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	16 KB 16 KB	217ms 179ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/footer_title_01.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash d881e3ac1afd6e348ff9f2d3a6b69a3ebca9ee7e0a61c5198ceef7ff57797d7b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-3f77" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 16247 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	footer_title_01_sp.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	31 KB 31 KB	220ms 183ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/footer_title_01_sp.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 653d44ab8cce9fe18abd1e1903f4988ab41193f2ca8cd4979fb50b05bced19a8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-7a1b" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 31259 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	title_01.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	120 KB 121 KB	331ms 294ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/title_01.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 39ae95d9e9871b84e09548833db082b838b80ace1b8cfdb2a9d12691070324b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-1e1e9" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 123369 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	title_01_sp.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	18 KB 18 KB	433ms 396ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/title_01_sp.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash f86f3a4b3b67e7bc07d02083be2cb33fe1f6b0ad08b18ddc470e9085748848c9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-46e5" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 18149 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	search_01.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	918 B 1 KB	464ms 427ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/search_01.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 445c088ad5dc233ee2e9bb51406ca29818a4ed0b53c7de3c8d9e70c7a146dfe9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-396" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 918 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	access_01.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	654 B 859 B	464ms 428ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/access_01.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash ecb53f3c82145e8f9ed95167091d082f57a829be5cf2d1ca63d2fc0e3a7d632e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-28e" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 654 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	language_01.png rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	639 B 844 B	465ms 428ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/language_01.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 4639e006e21ac6284459a6db8016f7d59a8f4e161f9019b256b94126b59e5783 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-27f" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 639 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	a3bb9abc1df443ea870df4435f223507.js Show response rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/	14 KB 6 KB	129ms 92ms	Script application/javascript	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/js/a3bb9abc1df443ea870df4435f223507.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag W/"64041054-3638" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 26 Mar 2024 10:04:16 GMT
GET H2	200	red-hair_1f9b0.png rv589.facialbeautyinc.com/pics/	4 KB 4 KB	465ms 429ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/red-hair_1f9b0.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash bdfbf2a0a077ba93856c03317eabe57b6d37d4c441fbf297dae6e14a31b6a709 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 14 Jul 2022 08:58:32 GMT server nginx etag "62cfdab8-1020" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 4128 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	K888VIP-0556.jpg rv589.facialbeautyinc.com/pics/	5 KB 5 KB	465ms 429ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-0556.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 580ca82def51df54357900f87920f0adb99e8e6c820dbb973636fe28e23a7edd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 04 May 2014 02:04:08 GMT server nginx etag "5365a018-1508" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 5384 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	202209081.jpg rv589.facialbeautyinc.com/pics/	4 KB 5 KB	466ms 430ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/202209081.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 2ca71784c5c71be53d7359e90872d257467e3945522d7aed2cc7f5be27f5c671 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Fri, 12 Aug 2022 08:12:12 GMT server nginx etag "62f60b5c-11b1" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 4529 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	QU84W0U0.jpg rv589.facialbeautyinc.com/pics/	3 KB 3 KB	466ms 430ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/QU84W0U0.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 4351b8f0652b398a6af1facad96ca9c367576bb0c6128cfa771c5c146dc912b8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 08 May 2014 05:18:54 GMT server nginx etag "536b13be-bdc" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 3036 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	jbJ9f1LN.jpg rv589.facialbeautyinc.com/pics/	2 KB 2 KB	466ms 431ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/jbJ9f1LN.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash b4dddb12be0494815e9d36f210da1cc37b2f943d0360407d624ff21b6b12ae54 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 08 May 2014 05:18:44 GMT server nginx etag "536b13b4-78e" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 1934 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	202208952.jpg rv589.facialbeautyinc.com/pics/	1 KB 1 KB	475ms 440ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/202208952.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash b30b6ee73f72a5b689980198139da0a51905bbc812e43860ee04d59c2276a62c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Fri, 12 Aug 2022 08:11:36 GMT server nginx etag "62f60b38-510" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 1296 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	xrX5zXvP.jpg rv589.facialbeautyinc.com/pics/	3 KB 4 KB	476ms 441ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/xrX5zXvP.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 0aa381e1bd38e831032eed63e9bd2c7e275add3e02ae12634e7acac42f5f7e70 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 08 May 2014 05:18:40 GMT server nginx etag "536b13b0-d68" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 3432 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	K888VIP-0315.jpeg rv589.facialbeautyinc.com/pics/	7 KB 8 KB	477ms 442ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-0315.jpeg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 483fe63ecfc7e08d6d5d58fbea0ae124ade06c425846247972f00f67318efcea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 11 Aug 2022 19:46:40 GMT server nginx etag "62f55ca0-1d33" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 7475 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	baby-angel_1f47c.png rv589.facialbeautyinc.com/pics/	5 KB 6 KB	477ms 443ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/baby-angel_1f47c.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 74861105dc0bd5b2afbe26f1419ae412e1458bf3b3f6b69259f05cf8ee424e5b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 14 Jul 2022 08:52:50 GMT server nginx etag "62cfd962-1589" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 5513 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	K888VIP-2370.png rv589.facialbeautyinc.com/pics/	5 KB 5 KB	505ms 471ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-2370.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 37a7b32bf5ef21fb7170c54b23d8fc0f93d4a6e0b6560a1656cdcd20c5b86f84 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 14 Jul 2022 08:48:24 GMT server nginx etag "62cfd858-1322" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 4898 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	K888VIP-2188.png rv589.facialbeautyinc.com/pics/	5 KB 6 KB	506ms 472ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-2188.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 74f4aecf590ce19eb2e217eaaae8121b1e555a04d617f48ba850e16197d933af Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 14 Jul 2022 08:49:28 GMT server nginx etag "62cfd898-1540" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 5440 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	K888VIP-2792.png rv589.facialbeautyinc.com/pics/	4 KB 4 KB	506ms 473ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-2792.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 474277f01f8618f4117847d5e97862e9356d2198c5a84975822f38500821e25c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 14 Jul 2022 08:52:32 GMT server nginx etag "62cfd950-10be" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 4286 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	202208945.jpg rv589.facialbeautyinc.com/pics/	8 KB 9 KB	507ms 473ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/202208945.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash b1180dc93779f1469a657f0189d341cc6610e58e246763c1b2c98907ab260324 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Fri, 12 Aug 2022 08:11:34 GMT server nginx etag "62f60b36-2127" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 8487 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	K888VIP-2062.png rv589.facialbeautyinc.com/pics/	6 KB 6 KB	507ms 474ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-2062.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 896c7481fffcb5bc5942dcf5e4c9310580984903fd992a74d2a4d2b37630790e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 14 Jul 2022 08:53:38 GMT server nginx etag "62cfd992-18dc" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 6364 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	H5lN7b9j.jpg rv589.facialbeautyinc.com/pics/	3 KB 3 KB	507ms 475ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/H5lN7b9j.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash acb4457037c40ef4620dc18acc27210a79a0555303883844f999958909ba71f0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 08 May 2014 05:19:06 GMT server nginx etag "536b13ca-a15" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 2581 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	202208749.jpg rv589.facialbeautyinc.com/pics/	4 KB 4 KB	507ms 475ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/202208749.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 202895d5b1d6d5b42c8b2012bb662e8d99d524361b631c44fc11d61e433d4ddb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Fri, 12 Aug 2022 08:10:58 GMT server nginx etag "62f60b12-e3b" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 3643 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	K888VIP-0088.png rv589.facialbeautyinc.com/pics/	6 KB 6 KB	507ms 476ms	Image image/png	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/K888VIP-0088.png Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash fcee4271d91ee1ac1a4444312fab3dc988d55b83e83ce4a806998bc72da91c77 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 14 Jul 2022 08:45:56 GMT server nginx etag "62cfd7c4-179e" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 6046 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	202208669.jpg rv589.facialbeautyinc.com/pics/	1 KB 1 KB	521ms 490ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/202208669.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 6a3d2f583a3b8fe53b14b79a3afbde4f8c2392416aef246f702b1b32eb3889f2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Fri, 12 Aug 2022 08:10:36 GMT server nginx etag "62f60afc-4fa" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 1274 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	202208600.jpg rv589.facialbeautyinc.com/pics/	129 B 335 B	521ms 490ms	Image image/jpeg	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/pics/202208600.jpg Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 6e4caa1a394b9f866d9860965f22554c9b742105a7468fabfd16237391929afe Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Fri, 12 Aug 2022 08:11:10 GMT server nginx etag "62f60b1e-81" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 129 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	menu_btn_canvas_01.gif rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/	142 B 347 B	521ms 491ms	Image image/gif	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Show image Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/img/menu_btn_canvas_01.gif Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 26acdde27109d675f0135fb0f67c6e77332906cba92f34a3611a59a8fb0e701b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-8e" content-type image/gif cache-control max-age=2592000 accept-ranges bytes content-length 142 expires Wed, 24 Apr 2024 22:04:16 GMT
GET H2	200	matomo.js Show response 1etu.com/	65 KB 24 KB	485ms 264ms	Script application/javascript	69.197.129.106 WII
General Check archive.org Show headers Download Go to Full URL https://1etu.com/matomo.js Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/wp-includes/js/css.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.197.129.106 , United States, ASN32097 (WII, US), Reverse DNS termdot.com Software nginx / Resource Hash b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma public date Mon, 25 Mar 2024 22:04:16 GMT content-encoding gzip last-modified Mon, 12 Feb 2024 07:12:17 GMT server nginx etag W/"65c9c4d1-1042f" vary Accept-Encoding content-type application/javascript cache-control max-age=3600, public expires Mon, 25 Mar 2024 23:04:16 GMT
GET H/1.1	200 OK	/ Show response lp.k8.io/ Frame 674C Redirect Chain https://3ae.jp/RS9EM https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome	130 KB 130 KB	1016ms 348ms	Document text/html	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/wp-includes/js/html5.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash 558c860b795a44868f9e5c0e857a40de9a8de489cc364000b34dd7d29870130f Request headers Referer https://rv589.facialbeautyinc.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 132982 Content-Type text/html Date Mon, 25 Mar 2024 22:04:17 GMT ETag "65fd4050-20776" Last-Modified Fri, 22 Mar 2024 08:24:48 GMT Server nginx/1.25.4 Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 86a2321a2a14d9bd-MIA content-type text/html; charset=UTF-8 date Mon, 25 Mar 2024 22:04:16 GMT location https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9UJiO%2FX%2FfSZKsaOuZcqVqvhc0pOUOooNEAnBtPxGrQI%2Bl447SKNQb3sgg4bLBFMtoN3C29jFSblwVuW9OcmKBhUbXQKbB92Y5ORX%2Fy5E2f%2Ff3gdr58qn5oV9lE%2FbkIbF0GbxFlM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000
GET H2	200	print.css rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/	451 B 654 B	521ms 491ms	Stylesheet text/css	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/print.css Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 4c0d33e40a4642e16b7c36f4008c0e49fa9d70821a57032b45af3821789d2ed6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://rv589.facialbeautyinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 last-modified Sun, 05 Mar 2023 03:45:24 GMT server nginx etag "64041054-1c3" content-type text/css cache-control max-age=43200 accept-ranges bytes content-length 451 expires Tue, 26 Mar 2024 10:04:16 GMT
GET H2	200	notosansjp-regular.woff2 rv589.facialbeautyinc.com/wp-content/themes/KAjp3/fonts/	250 KB 53 KB	4652ms 4638ms	Font text/html	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/fonts/notosansjp-regular.woff2 Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 3c59539eacb65734fdf2641b60ed8672f800602d42004659ca4304a48319edb3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/base.css Origin https://rv589.facialbeautyinc.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:20 GMT strict-transport-security max-age=31536000 content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	notosansjp-bold.woff2 rv589.facialbeautyinc.com/wp-content/themes/KAjp3/fonts/	46 KB 16 KB	446ms 439ms	Font text/html	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/fonts/notosansjp-bold.woff2 Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash b7d8e178a0f4d675636e3362ac5e4b50b23cf577c7df056a34c45346712f18dd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/base.css Origin https://rv589.facialbeautyinc.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:16 GMT strict-transport-security max-age=31536000 content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	notosansjp-medium.woff2 rv589.facialbeautyinc.com/wp-content/themes/KAjp3/fonts/	75 KB 23 KB	797ms 789ms	Font text/html	38.12.112.75 PEG-LA
General Check archive.org Show headers Download Go to Full URL https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/fonts/notosansjp-medium.woff2 Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.12.112.75 San Jose, United States, ASN398823 (PEG-LA, US), Reverse DNS Software nginx / Resource Hash 1dec548d9ac63d65abad7a8e8ce38b485f9ba071b88d02f5048fb93c83ffaa72 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/base.css Origin https://rv589.facialbeautyinc.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:17 GMT strict-transport-security max-age=31536000 content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	NotoSansJP-Bold.woff fonts.gstatic.com/ea/notosansjapanese/v6/	2 MB 2 MB	534ms 144ms	Font font/woff	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/ea/notosansjapanese/v6/NotoSansJP-Bold.woff Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae76fa4eb047884ef4b9a5cc8730b4862bc6c5671fe287af9faefc634e789589 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://rv589.facialbeautyinc.com/ Origin https://rv589.facialbeautyinc.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 20 Mar 2024 09:19:18 GMT x-content-type-options nosniff age 477900 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1932872 x-xss-protection 0 last-modified Tue, 22 Sep 2015 23:26:49 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Mar 2025 09:19:18 GMT
GET H2	200	NotoSansJP-Medium.woff fonts.gstatic.com/ea/notosansjapanese/v6/	2 MB 2 MB	459ms 68ms	Font font/woff	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/ea/notosansjapanese/v6/NotoSansJP-Medium.woff Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/base.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 38929b2f3d718ca373981d33cb0fd82d9e7ff3d6455361d127f4ec947bedc655 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://rv589.facialbeautyinc.com/ Origin https://rv589.facialbeautyinc.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 20 Mar 2024 08:01:50 GMT x-content-type-options nosniff age 482548 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1883596 x-xss-protection 0 last-modified Tue, 22 Sep 2015 23:26:49 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Mar 2025 08:01:50 GMT
GET H/1.1	200 OK	matomo.js Show response lp.k8.io/js/ Frame 674C	698 B 949 B	332ms 143ms	Script application/javascript	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/js/matomo.js Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash a8e1b559626818442221c09e5e3516db33fecbd283780100d9dd693cc11e13cf Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:18 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-2ba" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 698
GET H2	200	youtube_iframe.js Show response videos.k8team.top/ Frame 674C	413 B 703 B	433ms 48ms	Script application/javascript	2606:4700:3033::6815:390 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://videos.k8team.top/youtube_iframe.js?v=1.0.0 Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:390 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a319f6886cee048fde644f68a75993049ecf010e4631189780bec633470465bb Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT content-encoding br cf-cache-status HIT last-modified Mon, 04 Mar 2024 07:41:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 42320 etag W/"65e57b18-19d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bum%2FqUz%2Fr8AeJDp1lL7OzKJWGdfzY6%2Ffaw%2F6CjJDA3wdj1A7S3yXOCbT0Lc9Z1A%2BUxVy%2BC3uiLPT7ljAfX1gSaIbGdaQwyDWC%2FzSgL6dYk72Ap1YNSZiF5YlX8gWpLawW5InlqgcfY8cRd%2BUX8MWJA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 86a232260c7bb3bf-MIA alt-svc h3=":443"; ma=86400 expires Mon, 25 Mar 2024 22:18:58 GMT
GET H/1.1	200 OK	_payload.json lp.k8.io/ Frame 674C	62 B 305 B	237ms 145ms	Other application/json	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_payload.json Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash 07f2f6e5fb177bb6b26ba4747cb2705477a84eab9174903f9ce8059341542054 Request headers Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Origin https://lp.k8.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:18 GMT Last-Modified Fri, 22 Mar 2024 08:24:48 GMT Server nginx/1.25.4 ETag "65fd4050-3e" Content-Type application/json Connection keep-alive Accept-Ranges bytes Content-Length 62
GET H/1.1	200 OK	swiper-vue.Bs3d9ZnH.css lp.k8.io/_nuxt/ Frame 674C	17 KB 18 KB	456ms 283ms	Stylesheet text/css	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/swiper-vue.Bs3d9ZnH.css Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash b2aca30be8c1d58bd26708d9eb8151ab5188dfe71f509a43d45e22759ea9f4fc Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:18 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-458b" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 17803
GET H/1.1	200 OK	entry.YqFNM1KY.js Show response lp.k8.io/_nuxt/ Frame 674C	94 KB 94 KB	457ms 284ms	Script application/javascript	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/entry.YqFNM1KY.js Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash 4b561439999cdb951ba9d74fbf513f19e63d9f0fbc245abe64061b826ea42a9c Request headers Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Origin https://lp.k8.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:18 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-1767f" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 95871
GET H/1.1	200 OK	swiper-vue.DqRT1OaE.js Show response lp.k8.io/_nuxt/ Frame 674C	153 KB 154 KB	322ms 148ms	Script application/javascript	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/swiper-vue.DqRT1OaE.js Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash c627d2a214085f23f5e4b7768a655903fcb68945c0d4f8e815baa1a5597f06b2 Request headers Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Origin https://lp.k8.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:18 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-2657f" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 157055
GET H/1.1	200 OK	index.68ZxSqTb.js Show response lp.k8.io/_nuxt/ Frame 674C	10 KB 10 KB	316ms 142ms	Script application/javascript	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/index.68ZxSqTb.js Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash 09d9494678d1844dac2b9ac6a0a8aa5208c78c5686c768e38c72795d162d8732 Request headers Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Origin https://lp.k8.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:18 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-2602" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 9730
GET H/1.1	200 OK	useUtils.DxCSOGt4.js Show response lp.k8.io/_nuxt/ Frame 674C	1 KB 2 KB	432ms 141ms	Script application/javascript	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/useUtils.DxCSOGt4.js Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash 861633b535f94ba6c09c393eb38cf16cd79fdb98e29cc257185d619b99ceb41a Request headers Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Origin https://lp.k8.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:18 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-579" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1401
GET H/1.1	200 OK	vue.f36acd1f.nQVdTF0p.js Show response lp.k8.io/_nuxt/ Frame 674C	428 B 679 B	430ms 140ms	Script application/javascript	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/vue.f36acd1f.nQVdTF0p.js Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash 2162c966e8f5546030ecfa6ee8df44280cefabe44cfa9a5548199543e2a4256a Request headers Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Origin https://lp.k8.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:18 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-1ac" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 428
GET H2	200	navarrow.svg k8lp2.imgix.net/assets/images/svg/ Frame 674C	309 B 572 B	272ms 37ms	Image image/svg+xml	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp2.imgix.net/assets/images/svg/navarrow.svg?auto=format,compress Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 5fce34450c08f4886b836a1d05cb5e430d4da1be3a25e66527424ab3ffe21ec5 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT content-encoding gzip x-content-type-options nosniff age 309709 x-cache HIT, HIT x-imgix-id d793246912a7e5c75cbf3f46f19cae8450a95952 cross-origin-resource-policy cross-origin content-length 229 x-served-by cache-sjc1000107-SJC, cache-mia-kmia1760035-MIA last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend vary Accept-Encoding, Accept, User-Agent content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	section1-pachinko.jpg k8lp2.imgix.net/assets/images/general/ Frame 674C	437 KB 438 KB	352ms 117ms	Image image/avif	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp2.imgix.net/assets/images/general/section1-pachinko.jpg?auto=format,compress Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash ecbc670ca438b58821bdceb37e1bb69b02c2bd4cc12fd26253be6e4a91063f3b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff age 309833 x-cache HIT, HIT x-imgix-id 32521c38504b04ed8847154e4ff1da25b1c155ee cross-origin-resource-policy cross-origin content-length 447684 x-served-by cache-sjc10055-SJC, cache-mia-kmia1760035-MIA last-modified Fri, 22 Mar 2024 08:00:25 GMT server Google Frontend vary Accept, User-Agent content-type image/avif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	section1-chat.jpg k8lp2.imgix.net/assets/images/general/ Frame 674C	88 KB 88 KB	53ms 39ms	Image image/avif	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp2.imgix.net/assets/images/general/section1-chat.jpg?auto=format,compress Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash b6c52c0ec652dd0ba0bd00d3324fc5b24210f5c1a351f1fc7818b543b57f36ae Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff age 309833 x-cache HIT, HIT x-imgix-id b1f6e505a7aaf52c705865ae332a79d124668b24 cross-origin-resource-policy cross-origin content-length 89645 x-served-by cache-sjc10021-SJC, cache-mia-kmia1760035-MIA last-modified Fri, 22 Mar 2024 08:00:25 GMT server Google Frontend vary Accept, User-Agent content-type image/avif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	section1-welcome-package.jpg k8lp2.imgix.net/assets/images/general/ Frame 674C	94 KB 95 KB	125ms 111ms	Image image/avif	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp2.imgix.net/assets/images/general/section1-welcome-package.jpg?auto=format,compress Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 06cf2191a3e3208a603ce1922a2120d89887b9f6c9598a0ca327e28e7d1ac7dc Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff age 309833 x-cache HIT, HIT x-imgix-id 9826a4af625ca9f85c6255551cfb1c4256ce2535 cross-origin-resource-policy cross-origin content-length 96672 x-served-by cache-sjc10030-SJC, cache-mia-kmia1760035-MIA last-modified Fri, 22 Mar 2024 08:00:25 GMT server Google Frontend vary Accept, User-Agent content-type image/avif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
POST H2	204	matomo.php 1etu.com/	0 146 B	614ms 481ms	Ping text/plain	69.197.129.106 WII
General Check archive.org Show headers Download Go to Full URL https://1etu.com/matomo.php?action_name=rv589.facialbeautyinc.com%2F%E3%80%8E%E3%82%AB%E3%82%B9%E3%83%A2%E3%82%AB%E3%82%B8%E3%83%8E%E3%82%AB%E3%82%B8%E3%83%8E%20%E5%87%BA%E9%87%91%20KYC%E3%80%8F%EF%BD%9C%E3%83%AD%E3%82%B1%E3%83%83%E3%83%88%E3%83%97%E3%83%AC%E3%82%A4%E3%82%AB%E3%82%B8%E3%83%8E%E3%82%A2%E3%82%AB%E3%82%A6%E3%83%B3%E3%83%88%E8%AA%8D%E8%A8%BC%7C%E3%82%AD%E3%83%A0%E3%83%99%E3%82%AC%E3%82%B9%E3%82%AB%E3%82%B8%E3%83%8E%20%E3%82%AB%E3%82%B8%E3%83%8E%EF%BD%A5%E3%83%9E%E3%83%AB%E3%83%8F%E3%83%B3%20%E6%AD%A4%E8%8A%B1%20%E5%8C%BA%7C%E3%82%AD%E3%83%A7%E3%83%BC%E3%82%A4%E3%83%81%20%E8%8C%B6%E5%B1%8B%20%E7%94%BA%7C%E3%83%AF%E3%82%A4%E3%83%AB%E3%82%BA%E3%82%AB%E3%82%B8%E3%83%8E%E5%87%BA%E9%87%91%E6%99%82%E9%96%93&idsite=1&rec=1&r=414037&h=12&m=4&s=17&url=https%3A%2F%2Frv589.facialbeautyinc.com%2F&_id=14836f229790e85a&_idn=1&send_image=0&_refts=0&pv_id=kX5Njj&pf_net=740&pf_srv=885&pf_tfr=40&pf_dm1=774&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200 Requested by Host: 1etu.com URL: https://1etu.com/matomo.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.197.129.106 , United States, ASN32097 (WII, US), Reverse DNS termdot.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://rv589.facialbeautyinc.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://rv589.facialbeautyinc.com date Mon, 25 Mar 2024 22:04:18 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true server nginx
GET H2	200	matomo.js Show response cdn.matomo.cloud/k8.matomo.cloud/ Frame 674C	201 KB 59 KB	295ms 85ms	Script application/javascript	2600:9000:24f0:7000:c:7d55:b3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.matomo.cloud/k8.matomo.cloud/matomo.js Requested by Host: lp.k8.io URL: https://lp.k8.io/js/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f0:7000:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash fe03d4956589bc1d63cc9ff8bd998fab626f3ba20447146369b8cdb28c8195d3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 18:01:55 GMT x-amz-version-id kzTXvdcYKwJFYLrFV6VvI5rDWTksPyU4 content-encoding gzip strict-transport-security max-age=31536000 via 1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P3 age 14543 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Thu, 21 Mar 2024 00:35:34 GMT server CloudFront etag W/"b497a6c98a2a84938d6866c55f164e4d" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=691200 x-amz-cf-id ejAScoSCY9Vz44xPo4kRf_PoJfwjFs29GSyxJSgvJFcpwsABcTshDg==
GET H2	200	index.html Show response videos.k8team.top/ Frame 9EFE	4 KB 2 KB	273ms 262ms	Document text/html	2606:4700:3033::6815:390 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://videos.k8team.top/index.html Requested by Host: videos.k8team.top URL: https://videos.k8team.top/youtube_iframe.js?v=1.0.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:390 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 082c20bf1e5a8a053e7e381653593f5291877c6d47bcfea8b9356737364e394b Request headers Referer https://lp.k8.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 86a232269dc8b3bf-MIA content-encoding br content-type text/html date Mon, 25 Mar 2024 22:04:18 GMT last-modified Tue, 05 Mar 2024 03:49:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGNFRlO0Ev075YwE4sb526Mz6hl28gvZNShaJCl5awxAEPZtU8GkXRapsNai4tTZcuajNDHZcB5XiifjIFHsE%2B57RZo7WnmU05tgrm6pOZK8nFWBdjT10NS1kgJz%2FqcT9ibpFejq3Aaex5VhrpKDPg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	error-404.DfnRtmrY.js lp.k8.io/_nuxt/ Frame 674C	0 2 KB	166ms 165ms	Other application/javascript	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/error-404.DfnRtmrY.js Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Origin https://lp.k8.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:18 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-8fb" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 2299
GET H/1.1	200 OK	error-500.C4MqnYTp.js lp.k8.io/_nuxt/ Frame 674C	0 2 KB	165ms 164ms	Other application/javascript	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/error-500.C4MqnYTp.js Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Origin https://lp.k8.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:18 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-7a4" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1956
GET H2	200	iframe_api Show response www.youtube.com/ Frame 9EFE	993 B 2 KB	311ms 97ms	Script text/javascript	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: videos.k8team.top URL: https://videos.k8team.top/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 213d6d11e61bb7fb4244e5790d6ecc88ed22ea0aad32302f2b425bc8e3196f73 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://videos.k8team.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-type text/javascript; charset=utf-8 report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Mon, 25 Mar 2024 22:04:18 GMT
GET H2	200	logo@4x.png k8lp3.imgix.net/assets/images/general/ Frame 674C	18 KB 18 KB	69ms 46ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/logo@4x.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 8b6a83427d0088971320f0f8f863d38e45fb32e6968fb9a72a5738e1c7c1f89d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308471 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id 3a4a58a5626cc6120f23987f18ae1af9f85b182c cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 18441 x-served-by cache-sjc1000137-SJC, cache-mia-kmia1760035-MIA
GET H2	200	btn-signup.png k8lp3.imgix.net/assets/images/general/ Frame 674C	52 KB 53 KB	69ms 47ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/btn-signup.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 861973ffd434795ec251d1dd7d1b33f6edfaa51afd68217a328aec05bc02c216 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308471 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id dade47dabb4dad9fe6301888ec1ffe33aa0a72c8 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 53606 x-served-by cache-sjc10043-SJC, cache-mia-kmia1760035-MIA
GET H2	200	btn-login.png k8lp3.imgix.net/assets/images/general/ Frame 674C	50 KB 51 KB	73ms 51ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/btn-login.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash fdd42913afa2cfcc0714a12b5596f92a4896ad027d7da7489fb9cca8ffeac735 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308471 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id eb4b640e907d20bc36e471de1b4b0d861e4904f9 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 51540 x-served-by cache-sjc10058-SJC, cache-mia-kmia1760035-MIA
GET H2	200	section2-desktop.png k8lp3.imgix.net/assets/images/backgrounds/ Frame 674C	303 KB 303 KB	76ms 54ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/backgrounds/section2-desktop.png?w=1920&format=auto,compress Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash c93c6f41d2cd7206848047ed7c96ec062678647946de9882efeb4a5512fc2602 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:23:08 GMT server Google Frontend age 308470 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id c24ce3cb4b39071ecec9846376d3b5f49b5f0aaa cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 310294 x-served-by cache-sjc1000143-SJC, cache-mia-kmia1760035-MIA
GET H2	200	btn-register.png k8lp3.imgix.net/assets/images/general/ Frame 674C	22 KB 22 KB	64ms 42ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/btn-register.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 4fd769dff04548e3319f5e54b6589e627fd89d8bccafca5905ad05ee5ae00caf Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308471 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id 12633438490fa35fe0384fe4b0e7654f7fcd3316 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 22529 x-served-by cache-sjc1000099-SJC, cache-mia-kmia1760035-MIA
GET H2	200	pachinko-title1-pc.png k8lp3.imgix.net/assets/images/general/ Frame 674C	25 KB 25 KB	64ms 43ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/pachinko-title1-pc.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash f85ae0d159a5509bee460fee1f65357b574b78027ccb5a626d570dd4bc8f1f6e Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308471 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id f21613027083360c5dad16d0324f5d3bf78b3f68 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 25782 x-served-by cache-sjc10036-SJC, cache-mia-kmia1760035-MIA
GET H2	200	pachinko-title2-pc.png k8lp3.imgix.net/assets/images/general/ Frame 674C	47 KB 47 KB	261ms 255ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/pachinko-title2-pc.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 1be2c1724f036392cd9053a29efe060f06c8aedda9585e176df3401e30ab1956 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308471 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id a3728a6f6b9c071ff4b09fae3352e93d5e7d97ca cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 48279 x-served-by cache-sjc1000127-SJC, cache-mia-kmia1760035-MIA
GET H2	200	section3-bg-pc00.jpeg k8lp3.imgix.net/assets/images/backgrounds/ Frame 674C	245 KB 246 KB	266ms 261ms	Image image/jpeg	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/backgrounds/section3-bg-pc00.jpeg Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash fcbb04d9b7626bf58ce7dd10ec4ae127ddae3799752d703c8dc9685c8bcf1f56 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308471 x-cache HIT, HIT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id d5bb532a4370457bb1c17ccb952fee55953c335e cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 251260 x-served-by cache-sjc1000085-SJC, cache-mia-kmia1760035-MIA
GET H2	200	section4-desktop.png k8lp3.imgix.net/assets/images/backgrounds/ Frame 674C	323 KB 323 KB	278ms 274ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/backgrounds/section4-desktop.png?w=1920&format=auto,compress Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 9fcfb7184159434073dd15b3f248dfa18597df7d332f539ba569a314b5aa9beb Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:23:08 GMT server Google Frontend age 308470 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id 216a42c8c59b0bc507d88941fe4cdf0e46fa781e cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 330766 x-served-by cache-sjc10046-SJC, cache-mia-kmia1760035-MIA
GET H2	200	section5-bg-top-pc.jpeg k8lp3.imgix.net/assets/images/backgrounds/ Frame 674C	67 KB 67 KB	343ms 339ms	Image image/jpeg	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/backgrounds/section5-bg-top-pc.jpeg Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 4623711a0c4236e001f1781ca76cb24ce5ddbe6363828c21f44e8aafcd184b94 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308470 x-cache HIT, HIT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id 2ecf5ca6d3d7a7809ea107e9996e5c16594b640e cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 68964 x-served-by cache-sjc10035-SJC, cache-mia-kmia1760035-MIA
GET H2	200	icBox-withdraw.png k8lp3.imgix.net/assets/images/general/ Frame 674C	28 KB 28 KB	256ms 254ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/icBox-withdraw.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 4970bd36714bc4017b7daff89baf9d22ae164db9ef2e08552c1c9f4893eb6877 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308470 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id ffa33af50f8e3624f0c26a16542e244daba4a38d cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 28871 x-served-by cache-sjc1000097-SJC, cache-mia-kmia1760035-MIA
GET H2	200	icBox-deposit.png k8lp3.imgix.net/assets/images/general/ Frame 674C	28 KB 28 KB	252ms 242ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/icBox-deposit.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash b2648d59943b06bdf4b98c6d4c8eef5188e75ad5f36d8aee82ea51b358ab7302 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308470 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id 2ce1bca54db8a0420955d47f8f205c6fccf71697 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 28885 x-served-by cache-sjc1000116-SJC, cache-mia-kmia1760035-MIA
GET H2	200	icBox-slot.png k8lp3.imgix.net/assets/images/general/ Frame 674C	29 KB 29 KB	246ms 241ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/icBox-slot.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash eaf68f04f0c661f327462c9bdbd3e017d5d2db074bcaafde9ad6cd2a56183c72 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308470 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id 8892f1aef5a89622c474e2a0c8c058d1bf53fa65 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 29589 x-served-by cache-sjc10057-SJC, cache-mia-kmia1760035-MIA
GET H2	200	icBox-service.png k8lp3.imgix.net/assets/images/general/ Frame 674C	31 KB 31 KB	248ms 245ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/icBox-service.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 11dc0c7998df365efc2fd94a7cf692e164623cb8c15cd3375347ffba572a843d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308470 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id acac03066a1a271e8f170d090c537436c0fe4311 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 31966 x-served-by cache-sjc10049-SJC, cache-mia-kmia1760035-MIA
GET H2	200	register-btn.png k8lp3.imgix.net/assets/images/general/ Frame 674C	22 KB 22 KB	199ms 135ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/register-btn.png Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 4fd769dff04548e3319f5e54b6589e627fd89d8bccafca5905ad05ee5ae00caf Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:19 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308470 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id f2a49158fd8f557f1c3cd9926ced9c1b7063a5da cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 22529 x-served-by cache-sjc1000146-SJC, cache-mia-kmia1760035-MIA
GET H2	200	section5-bg-bottom-pc.jpeg k8lp3.imgix.net/assets/images/backgrounds/ Frame 674C	126 KB 126 KB	49ms 33ms	Image image/jpeg	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/backgrounds/section5-bg-bottom-pc.jpeg Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash b859784c0aa9e5e35da2090f196a3aefd60954d6e0e2777fcc8a6f9b6fa29104 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:19 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:02:24 GMT server Google Frontend age 308470 x-cache HIT, HIT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id d9f512128760ac4721e29531bf7a1f5d68db5b4a cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 129250 x-served-by cache-sjc1000088-SJC, cache-mia-kmia1760035-MIA
GET H2	200	section7-desktop.png k8lp3.imgix.net/assets/images/backgrounds/ Frame 674C	279 KB 279 KB	52ms 35ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/backgrounds/section7-desktop.png?w=1920&format=auto,compress Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 5e262245f3899bba3451836185c777caa1ed4ffd1e9c84d9871ec83126cf210a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:19 GMT x-content-type-options nosniff last-modified Fri, 22 Mar 2024 08:23:10 GMT server Google Frontend age 308468 x-cache HIT, HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-imgix-id 0ae1c10de8ccb79097839e60fb711b6e484f1d4f cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 285282 x-served-by cache-sjc10028-SJC, cache-mia-kmia1760035-MIA
GET H2	200	payment.webp k8lp3.imgix.net/assets/images/general/ Frame 674C	193 KB 193 KB	158ms 142ms	Image image/avif	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://k8lp3.imgix.net/assets/images/general/payment.webp?auto=format,compress Requested by Host: lp.k8.io URL: https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 3c4fa97c60af897239670782f740316ba87eb916b175ab4b2391dc53e63be34d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:19 GMT x-content-type-options nosniff age 308468 x-cache HIT, HIT x-imgix-id bddde5a22fd7114df4d312a7516f882f4ae75783 cross-origin-resource-policy cross-origin content-length 197729 x-served-by cache-sjc1000133-SJC, cache-mia-kmia1760035-MIA last-modified Fri, 22 Mar 2024 08:23:10 GMT server Google Frontend vary Accept, User-Agent content-type image/avif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H3	200	minimize.svg videos.k8team.top/ Frame 9EFE	844 B 963 B	68ms 67ms	Image image/svg+xml	2606:4700:3033::6815:390 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://videos.k8team.top/minimize.svg Requested by Host: videos.k8team.top URL: https://videos.k8team.top/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:390 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd2af25967b287dca66fea4da6594b6c826c787b112e567fae5f46c570b0f537 Request headers accept-language en-US,en;q=0.9 Referer https://videos.k8team.top/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:18 GMT content-encoding br cf-cache-status HIT last-modified Tue, 05 Mar 2024 03:38:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6812 etag W/"65e693be-34c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UtBkchVA8gC5%2F3kclZarjkz2WRQwCB%2B1PYpTlSNszihP4k1i8nh2JAQTrCMZYoN%2BzPWzoT2C3gHxy2%2FDb236UkbWtonS5e24F%2BpwKzbv7eiKzxco%2BdK6Pha281Gixeb%2FfPA3Qq%2FgwUm7SbYYMysHKg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 86a23228accf7420-MIA alt-svc h3=":443"; ma=86400
POST H2	204	matomo.php k8.matomo.cloud/ Frame 674C	0 169 B	660ms 211ms	Ping text/plain	3.126.133.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://k8.matomo.cloud/matomo.php?action_name=lp.k8.io%2F&idsite=8&rec=1&r=830843&h=12&m=4&s=18&url=https%3A%2F%2Flp.k8.io%2F%3Finvite%3DJapanCasinos%26From%3DVIP107%26Welcome&urlref=https%3A%2F%2Frv589.facialbeautyinc.com%2F&_id=b6d4ff7c3be4637d&_idn=1&send_image=0&_refts=1711404259&_ref=https%3A%2F%2Frv589.facialbeautyinc.com%2F&pv_id=qwc5mu&pf_net=681&pf_srv=349&pf_tfr=306&pf_dm1=696&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200 Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/k8.matomo.cloud/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-133-169.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://lp.k8.io/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://lp.k8.io date Mon, 25 Mar 2024 22:04:19 GMT access-control-allow-credentials true server Apache vary Origin,X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
GET H2	200	configs.php Show response k8.matomo.cloud/plugins/HeatmapSessionRecording/ Frame 674C	116 B 291 B	601ms 159ms	Script application/javascript	3.126.133.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://k8.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=8&trackerid=36Wm3G&url=https%3A%2F%2Flp.k8.io%2F%3Finvite%3DJapanCasinos%26From%3DVIP107%26Welcome Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/k8.matomo.cloud/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-133-169.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash e5cdc6ff45a8ddc3f4df8f8210f332f3f14ceb52a26c0cddf60843c72e2c0c74 Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:19 GMT content-encoding gzip server Apache content-length 119 vary X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent content-type application/javascript
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/2923e6f1/www-widgetapi.vflset/ Frame 9EFE	216 KB 67 KB	87ms 86ms	Script text/javascript	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/2923e6f1/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 839482b4fcc78a5da8c6cd734161625a81e1f1b5e66713d9551dcc9209374304 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://videos.k8team.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 19:40:04 GMT content-encoding br x-content-type-options nosniff age 8654 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68412 x-xss-protection 0 last-modified Thu, 21 Mar 2024 04:22:17 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 25 Mar 2025 19:40:04 GMT
GET H2	200	videos Show response videos-cms.k8team.top/api/ Frame 9EFE	1 KB 1 KB	748ms 278ms	Fetch application/json	2606:4700:3036::ac43:82d1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://videos-cms.k8team.top/api/videos?fields[0]=video_id&fields[1]=link&filters[active][$eq]=1&sort[0]=order Requested by Host: videos.k8team.top URL: https://videos.k8team.top/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:82d1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Strapi <strapi.io> Resource Hash 31595098d07ee1ab040b23ff3aa499dfeeab92497623a2c1a388f94747886f00 Security Headers Name Value Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://videos.k8team.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:19 GMT content-security-policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains cf-cache-status DYNAMIC x-permitted-cross-domain-policies none nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Strapi <strapi.io> x-dns-prefetch-control off content-encoding br alt-svc h3=":443"; ma=86400 referrer-policy no-referrer server cloudflare x-download-options noopen x-frame-options SAMEORIGIN vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://videos.k8team.top report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKXS66mXGA%2FqlSZBCJl024hI%2Bk8qK0g%2B19nOPCU78UgylazklN%2BK%2F2q7muAzmjty%2F%2BC9lMvlx3XysHf8K8a4%2FbOv2BT3U67Wuq9xShgOJEU2TYlYZDmjiM2eLgL%2BS4tNNqpEU%2FlBNM66icP60OT1Si7k5nY%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 86a2322f1c77da8f-MIA
GET H3	200	/ Show response www.youtube.com/embed/ Frame 52FD	98 KB 39 KB	170ms 158ms	Document text/html	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/www-widgetapi.vflset/www-widgetapi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9055acb3cf432002935c1628ea34e1bbce4ba2f0c90b33fc0a34ee21ef822f6d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://videos.k8team.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Mon, 25 Mar 2024 22:04:20 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	c597fada-79e4-4b2e-92b6-7cfb18e29e76.json Show response lp.k8.io/_nuxt/builds/meta/ Frame 674C	267 B 512 B	147ms 146ms	Fetch application/json	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/builds/meta/c597fada-79e4-4b2e-92b6-7cfb18e29e76.json Requested by Host: lp.k8.io URL: https://lp.k8.io/_nuxt/entry.YqFNM1KY.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash b2c7080ff3fb6321882ea209c3024903ab58abf047949adb2bd25e219b183152 Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:20 GMT Last-Modified Fri, 22 Mar 2024 08:24:48 GMT Server nginx/1.25.4 ETag "65fd4050-10b" Content-Type application/json Connection keep-alive Accept-Ranges bytes Content-Length 267
GET H3	200	www-player.css www.youtube.com/s/player/2923e6f1/ Frame 52FD	372 KB 47 KB	68ms 67ms	Stylesheet text/css	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/2923e6f1/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d92695df8505f32e187619d97e4d80ddae4954306cc1171f42ef464998f27b8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:20:47 GMT content-encoding br x-content-type-options nosniff age 398613 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48097 x-xss-protection 0 last-modified Thu, 21 Mar 2024 04:22:17 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Mar 2025 07:20:47 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/2923e6f1/www-embed-player.vflset/ Frame 52FD	320 KB 95 KB	117ms 116ms	Script text/javascript	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/2923e6f1/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash abfe8b74c9107845a6866a21f7e1621cfc633e156b0934cf6a480138430d57e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:20:47 GMT content-encoding br x-content-type-options nosniff age 398613 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 97712 x-xss-protection 0 last-modified Thu, 21 Mar 2024 04:22:17 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Mar 2025 07:20:47 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/ Frame 52FD	2 MB 782 KB	135ms 134ms	Script text/javascript	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 558d992451639264af288b3da48bb3ecff08fac68e9a05dae0333ffe8aa96a2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:21:02 GMT content-encoding gzip x-content-type-options nosniff age 398598 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 801042 x-xss-protection 0 last-modified Thu, 21 Mar 2024 04:22:17 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Mar 2025 07:21:02 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 52FD	15 KB 15 KB	68ms 66ms	Font font/woff2	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 09:15:49 GMT x-content-type-options nosniff age 391711 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Mar 2025 09:15:49 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 52FD	15 KB 15 KB	68ms 67ms	Font font/woff2	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 20 Mar 2024 07:51:32 GMT x-content-type-options nosniff age 483168 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Mar 2025 07:51:32 GMT
GET H/1.1	200 OK	license.BWlRM7zJ.js Show response lp.k8.io/_nuxt/ Frame 674C	5 KB 5 KB	146ms 145ms	Script application/javascript	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/license.BWlRM7zJ.js Requested by Host: lp.k8.io URL: https://lp.k8.io/_nuxt/entry.YqFNM1KY.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash b774b4a7aea7cf312a1d878e33a257de2f01bd9fef7ad7d1dafcac4e0498fdf2 Request headers Referer Origin https://lp.k8.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:20 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-136f" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 4975
GET H/1.1	200 OK	welcome-package.C_AIo4Un.js Show response lp.k8.io/_nuxt/ Frame 674C	865 B 1 KB	145ms 145ms	Script application/javascript	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_nuxt/welcome-package.C_AIo4Un.js Requested by Host: lp.k8.io URL: https://lp.k8.io/_nuxt/entry.YqFNM1KY.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash fd5863601d9868e9f2a651560174f8a343615b96d7299710845929dff32a06e6 Request headers Referer Origin https://lp.k8.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:20 GMT Last-Modified Fri, 22 Mar 2024 08:24:49 GMT Server nginx/1.25.4 ETag "65fd4051-361" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 865
GET H/1.1	200 OK	_payload.json Show response lp.k8.io/ Frame 674C	62 B 305 B	145ms 145ms	Fetch application/json	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/_payload.json Requested by Host: lp.k8.io URL: https://lp.k8.io/_nuxt/entry.YqFNM1KY.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash 07f2f6e5fb177bb6b26ba4747cb2705477a84eab9174903f9ce8059341542054 Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:20 GMT Last-Modified Fri, 22 Mar 2024 08:24:48 GMT Server nginx/1.25.4 ETag "65fd4050-3e" Content-Type application/json Connection keep-alive Accept-Ranges bytes Content-Length 62
GET H/1.1	200 OK	_payload.json Show response lp.k8.io/license/ Frame 674C	62 B 305 B	145ms 145ms	Fetch application/json	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/license/_payload.json Requested by Host: lp.k8.io URL: https://lp.k8.io/_nuxt/entry.YqFNM1KY.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash f3e6f5d53f9ce35dc8d633e6be96d8ed5f452193cc8c0fa99cf536dc6a38a742 Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:20 GMT Last-Modified Fri, 22 Mar 2024 08:24:48 GMT Server nginx/1.25.4 ETag "65fd4050-3e" Content-Type application/json Connection keep-alive Accept-Ranges bytes Content-Length 62
GET H/1.1	200 OK	_payload.json Show response lp.k8.io/welcome-package/ Frame 674C	62 B 305 B	144ms 144ms	Fetch application/json	34.34.143.37 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lp.k8.io/welcome-package/_payload.json Requested by Host: lp.k8.io URL: https://lp.k8.io/_nuxt/entry.YqFNM1KY.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.34.143.37 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 37.143.34.34.bc.googleusercontent.com Software nginx/1.25.4 / Resource Hash f3e6f5d53f9ce35dc8d633e6be96d8ed5f452193cc8c0fa99cf536dc6a38a742 Request headers accept-language en-US,en;q=0.9 Referer https://lp.k8.io/?invite=JapanCasinos&From=VIP107&Welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:20 GMT Last-Modified Fri, 22 Mar 2024 08:24:48 GMT Server nginx/1.25.4 ETag "65fd4050-3e" Content-Type application/json Connection keep-alive Accept-Ranges bytes Content-Length 62
GET H3	200	NotoSansJP-Regular.woff fonts.gstatic.com/ea/notosansjapanese/v6/	2 MB 2 MB	73ms 72ms	Font font/woff	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/ea/notosansjapanese/v6/NotoSansJP-Regular.woff Requested by Host: rv589.facialbeautyinc.com URL: https://rv589.facialbeautyinc.com/wp-content/themes/KAjp3/css/base.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash afc0d91d02e145f4b61aeb70ef14a023e79b4dc19dbc1ac363a3c3a2afd199a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://rv589.facialbeautyinc.com/ Origin https://rv589.facialbeautyinc.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 20 Mar 2024 09:19:16 GMT x-content-type-options nosniff age 477905 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1865656 x-xss-protection 0 last-modified Tue, 22 Sep 2015 23:26:49 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Mar 2025 09:19:16 GMT
GET H2	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 52FD Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 242 B	82ms 81ms	XHR application/json	2607:f8b0:4006:80c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 Protocol H2 Server 2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8f6ff2e35ef428aef5777e73df93acbf011d4f2b461bd4b9901cc25889647b4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:22 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 25 Mar 2024 22:04:22 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 52FD	29 B 494 B	539ms 69ms	Script text/javascript	2607:f8b0:4006:824::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 21:54:02 GMT x-content-type-options nosniff age 620 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 25 Mar 2024 22:09:02 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	493ms 76ms	Preflight text/html	2607:f8b0:4006:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Mon, 25 Mar 2024 22:04:22 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 52FD	89 KB 41 KB	86ms 84ms	XHR application/json+protobuf	2607:f8b0:4006:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2da03002122969833643fee86ed0f4464cbcc0a14bf20d38b79f6856b700c34a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json+protobuf Response headers date Mon, 25 Mar 2024 22:04:22 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41761 x-xss-protection 0
POST H3	200	player Show response www.youtube.com/youtubei/v1/ Frame 52FD	73 KB 31 KB	151ms 150ms	XHR application/json	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/player?prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash b13ef460f24cd87abf13a91991d77e0806be6112ff6e9a0ac4f2d14d11e49310 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-Youtube-Bootstrap-Logged-In false accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20240320.00.00 X-Goog-Visitor-Id Cgt0OEdfcnlUdDZpWSjk6YewBjIKCgJVUxIEGgAgKQ%3D%3D Response headers date Mon, 25 Mar 2024 22:04:21 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31325 x-xss-protection 0
GET H2	200	L2pH9zZ7r2OJpuXU7uL7n8NJSLzBNlHl64n-oK-u8oc.js Show response www.google.com/js/th/ Frame 52FD	52 KB 20 KB	404ms 67ms	Script text/javascript	2607:f8b0:4006:822::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/L2pH9zZ7r2OJpuXU7uL7n8NJSLzBNlHl64n-oK-u8oc.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2f6a47f7367baf6389a6e5d4eee2fb9fc34948bcc13651e5eb89fea0afaef287 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 20 Mar 2024 05:04:51 GMT content-encoding br x-content-type-options nosniff age 493171 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20262 x-xss-protection 0 last-modified Tue, 19 Mar 2024 16:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 20 Mar 2025 05:04:51 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/ Frame 52FD	57 KB 18 KB	67ms 67ms	Script text/javascript	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c72dbcb58f3ed87e0e2c18186dcfbb4a5405db86cd3ac7a9616a6c411b035375 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:21:03 GMT content-encoding br x-content-type-options nosniff age 398599 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18068 x-xss-protection 0 last-modified Thu, 21 Mar 2024 04:22:17 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Mar 2025 07:21:03 GMT
GET DATA	200 OK	truncated / Frame 52FD	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET H2	200	0TBNmE2D0St68x3cXuZZFapbiceU6dUtl2zeDgHJcp8hJQo-ZU74G5HASuNIvQ-MiR1VSGD6bw=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame 52FD	5 KB 5 KB	217ms 71ms	Image image/jpeg	2607:f8b0:4006:81d::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/0TBNmE2D0St68x3cXuZZFapbiceU6dUtl2zeDgHJcp8hJQo-ZU74G5HASuNIvQ-MiR1VSGD6bw=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 0a0af61d43a728d9b2d0d6c143cb2d1457b7fa2ed80486c5eb184a9b8e175c3e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 20:46:00 GMT x-content-type-options nosniff age 4702 content-disposition inline;filename="channels4_profile.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4949 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Tue, 26 Mar 2024 20:46:00 GMT
GET DATA	200 OK	truncated / Frame 52FD	275 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c0a2e1755c774f1f301ff3b5206ce2545886cb3cca18ecfa7bdcbbe3d1cf8fb5 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 52FD	90 B 134 B	87ms 86ms	XHR application/json+protobuf	2607:f8b0:4006:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 969072773db12cf3222bc4c03ddbe2b6333a68bdf00cc4f66abd854fcfda4d37 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json+protobuf Response headers date Mon, 25 Mar 2024 22:04:22 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110 x-xss-protection 0
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	74ms 73ms	Preflight text/html	2607:f8b0:4006:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Mon, 25 Mar 2024 22:04:22 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	204	qoe Show response www.youtube.com/api/stats/ Frame 52FD	0 19 B	92ms 91ms	XHR text/html	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/qoe?fmt=243&cpn=K2J3Cdhi3t79WcfN&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C73455%2C230596%2C84737%2C36318%2C6271%2C26439494%2C4054%2C7111%2C9369%2C10825%2C16149%2C9673%2C281%2C1192%2C26496%2C1598%2C3460%2C1908%2C2%2C2870%2C3819%2C655%2C225%2C1127%2C18642%2C2948%2C6761%2C795%2C644%2C58%2C185%2C12853&cl=617698619&seq=1&docid=o1ldneqKzIU&ei=5fQBZqSbMMSJ_9EPwZSs4A4&event=streamingstats&plid=AAYUg1sXsY3GjZlK&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F%3Fplaysinline%3D1%26playlist%3Do1ldneqKzIU%252CDxX2HL5vask%252CbUsvdWtXYmA%252CajhqGe2-yNM%252CjgBpPFW24Gs%252CL4aDNmLBkTw%252CIxDWSsdq89c%252CLwKTbb8S-7Q%252CsUNwYetUgDY%252CJVx4GVqj5qQ%26loop%3D1%26autoplay%3D1%26mute%3D1%26widget_referrer%3Dhttps%253A%252F%252Flp.k8.io%252F%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fvideos.k8team.top%26widgetid%3D1&qclc=ChBLMkozQ2RoaTN0NzlXY2ZOEAE&embargoed=0&cbr=Chrome&cbrver=122.0.6261.128&c=WEB_EMBEDDED_PLAYER&cver=1.20240320.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.038:B,0.989:B,0.989:B&cat=streaming&cmt=0.038:0.000,0.989:0.000&vfs=0.989:243:243::r&view=0.989:380:260&bwe=0.989:130000&bat=0.989:1:1&vis=0.989:0&bh=0.989:0.000 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded X-YouTube-Utc-Offset -600 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 X-YouTube-Client-Version 1.20240320.00.00 X-YouTube-Time-Zone Pacific/Honolulu X-Goog-Visitor-Id Cgt0OEdfcnlUdDZpWSjk6YewBjIKCgJVUxIEGgAgKQ%3D%3D X-YouTube-Ad-Signals dt=1711404261527&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C380%2C260&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Mon, 25 Mar 2024 22:04:22 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	videoplayback Show response rr1---sn-q4fzen7e.googlevideo.com/ Frame 52FD	139 KB 140 KB	1197ms 107ms	Fetch application/vnd.yt-ump	2607:f8b0:4000:9::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr1---sn-q4fzen7e.googlevideo.com/videoplayback?expire=1711425861&ei=5fQBZqSbMMSJ_9EPwZSs4A4&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANTR73t_i1-jRba6nwTi2pVFGnefiyulvaHOuAODBK3y&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=M3&mm=31%2C26&mn=sn-q4fzen7e%2Csn-vgqsknzz&ms=au%2Conr&mv=m&mvi=1&pl=48&initcwndbps=2325000&spc=UWF9fyzVJ1aQ2odSILJMdAglTaD2BFqrcRlCZdDSpeWjpE8&vprv=1&svpuc=1&mime=video%2Fwebm&ns=2ZL2QhcTOAXJJvAcOv5sq5UQ&gir=yes&clen=16866106&dur=307.941&lmt=1709819111586753&mt=1711403326&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=530F224&n=g3l64OCfPVGlSQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRgIhAN3o4WyTL5zTSGoTr8r9Nyzn0N-EIVXT4aYH-UpbbM2kAiEAq1deiaTEu8NL-z6EJn9MOlWbLWd4FpVBlETIbUCJ4vA%3D&alr=yes&sig=AJfQdSswRQIgWfI3Q5RsMAuCvzbhe6u_hKNtNsxSyIDdyjpiwlqjL6wCIQCJCc_zMIjbL-oGBhO0qfwI_c125stzG26bMGXqOYNEsA%3D%3D&cpn=K2J3Cdhi3t79WcfN&cver=1.20240320.00.00&range=0-142272&rn=1&rbuf=0&pot=IjiMRoxA6kd4oM8h-HbDA-gg7yjgE-gC1jbbFeYtuh_pMc4sxQ3PIcYQ2T7FA8shzSHHF6l1yGO_Ag==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4000:9::6 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 25f2e86d3aa885d3dbd65b79fc11b214d7fb27578b679ed6d51b04569819e065 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:23 GMT X-Restrict-Formats-Hint None X-Content-Type-Options nosniff Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin Connection keep-alive Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Last-Modified Thu, 07 Mar 2024 13:45:11 GMT Server gvs 1.0 Vary Origin Content-Type application/vnd.yt-ump Access-Control-Allow-Origin https://www.youtube.com Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=21298 Access-Control-Allow-Credentials true Timing-Allow-Origin https://www.youtube.com Expires Mon, 25 Mar 2024 22:04:23 GMT
POST H/1.1	200 OK	videoplayback Show response rr1---sn-q4fzen7e.googlevideo.com/ Frame 52FD	65 KB 66 KB	1154ms 68ms	Fetch application/vnd.yt-ump	2607:f8b0:4000:9::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr1---sn-q4fzen7e.googlevideo.com/videoplayback?expire=1711425861&ei=5fQBZqSbMMSJ_9EPwZSs4A4&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANTR73t_i1-jRba6nwTi2pVFGnefiyulvaHOuAODBK3y&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=M3&mm=31%2C26&mn=sn-q4fzen7e%2Csn-vgqsknzz&ms=au%2Conr&mv=m&mvi=1&pl=48&initcwndbps=2325000&spc=UWF9fyzVJ1aQ2odSILJMdAglTaD2BFqrcRlCZdDSpeWjpE8&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=2ZL2QhcTOAXJJvAcOv5sq5UQ&gir=yes&clen=4533498&dur=307.981&lmt=1709819376622501&mt=1711403326&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=g3l64OCfPVGlSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgNT_WuSyCr1lKrJLsWlWYXndCNrU0cwgIP-dcebc-L90CIApXnkIlix6tm_PMFNRFHTvHGUriD6I1_5GzB8WGaYas&alr=yes&sig=AJfQdSswRQIhAIMH9tRUotrh1PLHvW6R9Nzvj0X5aAlB4utnWK7RMbfmAiA-4CA0lsxdRbPuOMNzTlSAe_U0zV0Eof6hkRN9ODZmMw%3D%3D&cpn=K2J3Cdhi3t79WcfN&cver=1.20240320.00.00&range=0-66325&rn=2&rbuf=0&pot=IjhO907xKPa6EQ2QOscBsiqRLZkioiqzFIcZpCSceK4rgAydB7wNkAShG48HsgmQD5AFpmvECtJ9sw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4000:9::6 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash b838c0613c025dc7e6ec88f5bd9064f1f032f40172d13eda68752474d70bb4b9 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 25 Mar 2024 22:04:23 GMT X-Content-Type-Options nosniff Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin Connection keep-alive Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Last-Modified Thu, 07 Mar 2024 13:49:36 GMT Server gvs 1.0 Vary Origin Content-Type application/vnd.yt-ump Access-Control-Allow-Origin https://www.youtube.com Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=21298 Access-Control-Allow-Credentials true Timing-Allow-Origin https://www.youtube.com Expires Mon, 25 Mar 2024 22:04:23 GMT
GET H3	200	remote.js Show response www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/ Frame 52FD	117 KB 33 KB	70ms 69ms	Script text/javascript	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bdb5c5d420d726084757ac40575fa14cb3c905545c2c03e4ad5ad209c3bcdd01 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:24:58 GMT content-encoding br x-content-type-options nosniff age 398364 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33847 x-xss-protection 0 last-modified Thu, 21 Mar 2024 04:22:17 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Mar 2025 07:24:58 GMT
GET H3	200	captions.js Show response www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/ Frame 52FD	71 KB 24 KB	71ms 69ms	Script text/javascript	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/captions.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee43184e22392f2162bf3274df11a5421f4bc893543ba1df44b947279d8bc6ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:25:47 GMT content-encoding br x-content-type-options nosniff age 398315 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24417 x-xss-protection 0 last-modified Thu, 21 Mar 2024 04:22:17 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Mar 2025 07:25:47 GMT
GET H3	200	endscreen.js Show response www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/ Frame 52FD	34 KB 8 KB	73ms 72ms	Script text/javascript	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/endscreen.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aaf245f809d1a34574eda4db375b4793a58ab7fcc57c1333738fc3bd521c122c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 07:24:58 GMT content-encoding br x-content-type-options nosniff age 398364 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8433 x-xss-protection 0 last-modified Thu, 21 Mar 2024 04:22:17 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Mar 2025 07:24:58 GMT
POST H3	200	next Show response www.youtube.com/youtubei/v1/ Frame 52FD	32 KB 6 KB	434ms 433ms	XHR application/json	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/next?prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 71ac9cd4735207eca26320970c17e068830de41ec865645024f40e39cf546e55 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-Youtube-Bootstrap-Logged-In false accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20240320.00.00 X-Goog-Visitor-Id Cgt0OEdfcnlUdDZpWSjk6YewBjIKCgJVUxIEGgAgKQ%3D%3D Response headers date Mon, 25 Mar 2024 22:04:23 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5992 x-xss-protection 0
GET H3	204	generate_204 www.youtube.com/ Frame 52FD	0 10 B	71ms 70ms	Image text/plain	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?tAerDA Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:22 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 52FD	4 KB 2 KB	962ms 104ms	Script text/javascript	2607:f8b0:4006:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 22:04:23 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 25 Mar 2024 22:04:23 GMT
GET H2	200	0TBNmE2D0St68x3cXuZZFapbiceU6dUtl2zeDgHJcp8hJQo-ZU74G5HASuNIvQ-MiR1VSGD6bw=s88-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame 52FD	6 KB 6 KB	70ms 69ms	Image image/jpeg	2607:f8b0:4006:81d::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/0TBNmE2D0St68x3cXuZZFapbiceU6dUtl2zeDgHJcp8hJQo-ZU74G5HASuNIvQ-MiR1VSGD6bw=s88-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 4cb4939c4b7c442c9162ffa20b2413e15ffd147aaf480b68599a5a8d920f5210 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 20:46:01 GMT x-content-type-options nosniff age 4702 content-disposition inline;filename="channels4_profile.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6505 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Tue, 26 Mar 2024 20:46:01 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/eureka/clank/122/ Frame 52FD	50 KB 15 KB	70ms 69ms	Script text/javascript	2607:f8b0:4006:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/122/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 25 Mar 2024 07:56:12 GMT content-encoding gzip x-content-type-options nosniff age 50891 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14711 x-xss-protection 0 last-modified Mon, 15 Jan 2024 16:03:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Tue, 26 Mar 2024 07:56:12 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 52FD	28 B 50 B	136ms 131ms	XHR application/json	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 X-Goog-Request-Time 1711404263952 Content-Type application/json X-YouTube-Utc-Offset -600 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 X-YouTube-Client-Version 1.20240320.00.00 X-YouTube-Time-Zone Pacific/Honolulu X-Goog-Visitor-Id Cgt0OEdfcnlUdDZpWSjk6YewBjIKCgJVUxIEGgAgKQ%3D%3D X-YouTube-Ad-Signals dt=1711404261342&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C380%2C260&vis=1&wgl=true&ca_type=image Response headers date Mon, 25 Mar 2024 22:04:24 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31 x-xss-protection 0
POST H3	200	videoplayback Show response rr1---sn-q4fzen7e.googlevideo.com/ Frame 52FD	70 KB 70 KB	150ms 65ms	Fetch application/vnd.yt-ump	2607:f8b0:4000:9::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr1---sn-q4fzen7e.googlevideo.com/videoplayback?expire=1711425861&ei=5fQBZqSbMMSJ_9EPwZSs4A4&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANTR73t_i1-jRba6nwTi2pVFGnefiyulvaHOuAODBK3y&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=M3&mm=31%2C26&mn=sn-q4fzen7e%2Csn-vgqsknzz&ms=au%2Conr&mv=m&mvi=1&pl=48&initcwndbps=2325000&spc=UWF9fyzVJ1aQ2odSILJMdAglTaD2BFqrcRlCZdDSpeWjpE8&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=2ZL2QhcTOAXJJvAcOv5sq5UQ&gir=yes&clen=4533498&dur=307.981&lmt=1709819376622501&mt=1711403326&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=g3l64OCfPVGlSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgNT_WuSyCr1lKrJLsWlWYXndCNrU0cwgIP-dcebc-L90CIApXnkIlix6tm_PMFNRFHTvHGUriD6I1_5GzB8WGaYas&alr=yes&sig=AJfQdSswRQIhAIMH9tRUotrh1PLHvW6R9Nzvj0X5aAlB4utnWK7RMbfmAiA-4CA0lsxdRbPuOMNzTlSAe_U0zV0Eof6hkRN9ODZmMw%3D%3D&cpn=K2J3Cdhi3t79WcfN&cver=1.20240320.00.00&range=66326-138381&rn=3&rbuf=4764&pot=MnSQLugblBk2oZAWjSRqfuYD0b160A0nw78vbv71zRtp_6ApL6e0f4mQa8jqOXdS2vdGleGrk0FoCrh4QgwNeDHKgmSGPAaw0kUT80EhuPXRWwWpbrAaQzzNJwWCppKbu1EKYrgJiCBmZlhnL6kEeU5QDF3mtw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4000:9::6 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash af35df9d430b77eb1b2b640e37c30fdee99197bfcc7417783b60157cea105d1b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers client-protocol quic date Mon, 25 Mar 2024 22:04:24 GMT x-content-type-options nosniff last-modified Thu, 07 Mar 2024 13:49:36 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21297 access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin https://www.youtube.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" expires Mon, 25 Mar 2024 22:04:24 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 52FD	28 B 50 B	87ms 84ms	XHR application/json	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 X-Goog-Request-Time 1711404264077 Content-Type application/json X-YouTube-Utc-Offset -600 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 X-YouTube-Client-Version 1.20240320.00.00 X-YouTube-Time-Zone Pacific/Honolulu X-Goog-Visitor-Id Cgt0OEdfcnlUdDZpWSjk6YewBjIKCgJVUxIEGgAgKQ%3D%3D X-YouTube-Ad-Signals dt=1711404261342&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C380%2C260&vis=1&wgl=true&ca_type=image Response headers date Mon, 25 Mar 2024 22:04:24 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31 x-xss-protection 0
GET H3	204	playback Show response www.youtube.com/api/stats/ Frame 52FD	0 17 B	86ms 86ms	XHR text/html	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=K2J3Cdhi3t79WcfN&ver=2&cmt=0.043&fmt=243&fs=0&rt=2.383&euri=https%3A%2F%2Fvideos.k8team.top%2F&lact=2456&cl=617698619&mos=1&volume=100&cbr=Chrome&cbrver=122.0.6261.128&c=WEB_EMBEDDED_PLAYER&cver=1.20240320.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=en_US&cr=US&len=307.981&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C73455%2C230596%2C84737%2C36318%2C6271%2C26439494%2C4054%2C7111%2C9369%2C10825%2C16149%2C9673%2C281%2C1192%2C26496%2C1598%2C3460%2C1908%2C2%2C2870%2C3819%2C655%2C225%2C1127%2C18642%2C2948%2C6761%2C795%2C644%2C58%2C185%2C12853&rtn=13&afmt=251&size=380%3A260&inview=0.97&muted=1&docid=o1ldneqKzIU&ei=5fQBZqSbMMSJ_9EPwZSs4A4&plid=AAYUg1sXsY3GjZlK&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F%3Fplaysinline%3D1%26playlist%3Do1ldneqKzIU%252CDxX2HL5vask%252CbUsvdWtXYmA%252CajhqGe2-yNM%252CjgBpPFW24Gs%252CL4aDNmLBkTw%252CIxDWSsdq89c%252CLwKTbb8S-7Q%252CsUNwYetUgDY%252CJVx4GVqj5qQ%26loop%3D1%26autoplay%3D1%26mute%3D1%26widget_referrer%3Dhttps%253A%252F%252Flp.k8.io%252F%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fvideos.k8team.top%26widgetid%3D1&list=TLGG7QFdggYdjTQyNTAzMjAyNA&of=blOcMhsINBeXi4TWW_X7Gg&vm=CAEQARgCOjJBSHFpSlRJOHVncUl1cnNwNXNFRmlJUE9wdGJoZWlEa2lHbDRnemRIckk0bFVPSDJhQWJwQVBta0tES0x4ajVPazI2SHdLZTdxNGJNM2ZmSG5mT0wza1pZZFdUQVFCaEtaX052RlEyT3R2akU4Ty1fZFdiMmFWbU9VVmo3YV9vaWFZelJpeVZTR1pwRjc1dEpvWUhEell4eFN1X25JNWwzSjlLSWgC Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 X-YouTube-Utc-Offset -600 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 X-YouTube-Client-Version 1.20240320.00.00 X-YouTube-Time-Zone Pacific/Honolulu X-Goog-Visitor-Id Cgt0OEdfcnlUdDZpWSjk6YewBjIKCgJVUxIEGgAgKQ%3D%3D X-YouTube-Ad-Signals dt=1711404261527&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C380%2C260&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Mon, 25 Mar 2024 22:04:24 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	ptracking Show response www.youtube.com/ Frame 52FD	0 17 B	85ms 84ms	XHR text/html	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/ptracking?html5=1&video_id=o1ldneqKzIU&cpn=K2J3Cdhi3t79WcfN&ei=5fQBZqSbMMSJ_9EPwZSs4A4&ptk=youtube_single&oid=M0O5y4ipxDomi0B9ya4uIw&pltype=contentugc Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 X-YouTube-Utc-Offset -600 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 X-YouTube-Client-Version 1.20240320.00.00 X-YouTube-Time-Zone Pacific/Honolulu X-Goog-Visitor-Id Cgt0OEdfcnlUdDZpWSjk6YewBjIKCgJVUxIEGgAgKQ%3D%3D X-YouTube-Ad-Signals dt=1711404261527&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C380%2C260&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Mon, 25 Mar 2024 22:04:24 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	videoplayback Show response rr1---sn-q4fzen7e.googlevideo.com/ Frame 52FD	279 KB 279 KB	66ms 65ms	Fetch application/vnd.yt-ump	2607:f8b0:4000:9::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr1---sn-q4fzen7e.googlevideo.com/videoplayback?expire=1711425861&ei=5fQBZqSbMMSJ_9EPwZSs4A4&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANTR73t_i1-jRba6nwTi2pVFGnefiyulvaHOuAODBK3y&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=M3&mm=31%2C26&mn=sn-q4fzen7e%2Csn-vgqsknzz&ms=au%2Conr&mv=m&mvi=1&pl=48&initcwndbps=2325000&spc=UWF9fyzVJ1aQ2odSILJMdAglTaD2BFqrcRlCZdDSpeWjpE8&vprv=1&svpuc=1&mime=video%2Fwebm&ns=2ZL2QhcTOAXJJvAcOv5sq5UQ&gir=yes&clen=16866106&dur=307.941&lmt=1709819111586753&mt=1711403326&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=530F224&n=g3l64OCfPVGlSQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRgIhAN3o4WyTL5zTSGoTr8r9Nyzn0N-EIVXT4aYH-UpbbM2kAiEAq1deiaTEu8NL-z6EJn9MOlWbLWd4FpVBlETIbUCJ4vA%3D&alr=yes&sig=AJfQdSswRQIgWfI3Q5RsMAuCvzbhe6u_hKNtNsxSyIDdyjpiwlqjL6wCIQCJCc_zMIjbL-oGBhO0qfwI_c125stzG26bMGXqOYNEsA%3D%3D&cpn=K2J3Cdhi3t79WcfN&cver=1.20240320.00.00&range=142273-427593&rn=4&rbuf=5143&pot=MnSQLugblBk2oZAWjSRqfuYD0b160A0nw78vbv71zRtp_6ApL6e0f4mQa8jqOXdS2vdGleGrk0FoCrh4QgwNeDHKgmSGPAaw0kUT80EhuPXRWwWpbrAaQzzNJwWCppKbu1EKYrgJiCBmZlhnL6kEeU5QDF3mtw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4000:9::6 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 5351b30d31e0fa1830d6ada79ca839d4c536ee40591806c90ec398edd7dbb90b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Mon, 25 Mar 2024 22:04:24 GMT date Mon, 25 Mar 2024 22:04:24 GMT x-restrict-formats-hint None x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" last-modified Thu, 07 Mar 2024 13:45:11 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21297 access-control-allow-credentials true timing-allow-origin https://www.youtube.com client-protocol quic
POST H3	200	videoplayback Show response rr1---sn-q4fzen7e.googlevideo.com/ Frame 52FD	144 KB 144 KB	66ms 65ms	Fetch application/vnd.yt-ump	2607:f8b0:4000:9::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr1---sn-q4fzen7e.googlevideo.com/videoplayback?expire=1711425861&ei=5fQBZqSbMMSJ_9EPwZSs4A4&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANTR73t_i1-jRba6nwTi2pVFGnefiyulvaHOuAODBK3y&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=M3&mm=31%2C26&mn=sn-q4fzen7e%2Csn-vgqsknzz&ms=au%2Conr&mv=m&mvi=1&pl=48&initcwndbps=2325000&spc=UWF9fyzVJ1aQ2odSILJMdAglTaD2BFqrcRlCZdDSpeWjpE8&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=2ZL2QhcTOAXJJvAcOv5sq5UQ&gir=yes&clen=4533498&dur=307.981&lmt=1709819376622501&mt=1711403326&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=g3l64OCfPVGlSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgNT_WuSyCr1lKrJLsWlWYXndCNrU0cwgIP-dcebc-L90CIApXnkIlix6tm_PMFNRFHTvHGUriD6I1_5GzB8WGaYas&alr=yes&sig=AJfQdSswRQIhAIMH9tRUotrh1PLHvW6R9Nzvj0X5aAlB4utnWK7RMbfmAiA-4CA0lsxdRbPuOMNzTlSAe_U0zV0Eof6hkRN9ODZmMw%3D%3D&cpn=K2J3Cdhi3t79WcfN&cver=1.20240320.00.00&range=138382-286045&rn=5&rbuf=9554&pot=MnSQLugblBk2oZAWjSRqfuYD0b160A0nw78vbv71zRtp_6ApL6e0f4mQa8jqOXdS2vdGleGrk0FoCrh4QgwNeDHKgmSGPAaw0kUT80EhuPXRWwWpbrAaQzzNJwWCppKbu1EKYrgJiCBmZlhnL6kEeU5QDF3mtw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4000:9::6 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 20a3ad1cfac9ce9a9038577398faab1ef675385e731612739f94a41ce5a06c47 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers client-protocol quic date Mon, 25 Mar 2024 22:04:24 GMT x-content-type-options nosniff last-modified Thu, 07 Mar 2024 13:49:36 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21297 access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin https://www.youtube.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" expires Mon, 25 Mar 2024 22:04:24 GMT
POST H3	200	videoplayback Show response rr1---sn-q4fzen7e.googlevideo.com/ Frame 52FD	478 KB 478 KB	68ms 68ms	Fetch application/vnd.yt-ump	2607:f8b0:4000:9::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr1---sn-q4fzen7e.googlevideo.com/videoplayback?expire=1711425861&ei=5fQBZqSbMMSJ_9EPwZSs4A4&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANTR73t_i1-jRba6nwTi2pVFGnefiyulvaHOuAODBK3y&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=M3&mm=31%2C26&mn=sn-q4fzen7e%2Csn-vgqsknzz&ms=au%2Conr&mv=m&mvi=1&pl=48&initcwndbps=2325000&spc=UWF9fyzVJ1aQ2odSILJMdAglTaD2BFqrcRlCZdDSpeWjpE8&vprv=1&svpuc=1&mime=video%2Fwebm&ns=2ZL2QhcTOAXJJvAcOv5sq5UQ&gir=yes&clen=16866106&dur=307.941&lmt=1709819111586753&mt=1711403326&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=530F224&n=g3l64OCfPVGlSQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRgIhAN3o4WyTL5zTSGoTr8r9Nyzn0N-EIVXT4aYH-UpbbM2kAiEAq1deiaTEu8NL-z6EJn9MOlWbLWd4FpVBlETIbUCJ4vA%3D&alr=yes&sig=AJfQdSswRQIgWfI3Q5RsMAuCvzbhe6u_hKNtNsxSyIDdyjpiwlqjL6wCIQCJCc_zMIjbL-oGBhO0qfwI_c125stzG26bMGXqOYNEsA%3D%3D&cpn=K2J3Cdhi3t79WcfN&cver=1.20240320.00.00&range=427594-916867&rn=6&rbuf=9814&pot=MnSQLugblBk2oZAWjSRqfuYD0b160A0nw78vbv71zRtp_6ApL6e0f4mQa8jqOXdS2vdGleGrk0FoCrh4QgwNeDHKgmSGPAaw0kUT80EhuPXRWwWpbrAaQzzNJwWCppKbu1EKYrgJiCBmZlhnL6kEeU5QDF3mtw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4000:9::6 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 5dec42c3dddbd0da12c2dddbcd7affe6b0b27f69f03919bdd78b46bdf4853ba4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Mon, 25 Mar 2024 22:04:24 GMT date Mon, 25 Mar 2024 22:04:24 GMT x-restrict-formats-hint None x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" last-modified Thu, 07 Mar 2024 13:45:11 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21297 access-control-allow-credentials true timing-allow-origin https://www.youtube.com client-protocol quic
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 52FD	28 B 50 B	85ms 84ms	XHR application/json	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 X-Goog-Request-Time 1711404266099 Content-Type application/json X-YouTube-Utc-Offset -600 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 X-YouTube-Client-Version 1.20240320.00.00 X-YouTube-Time-Zone Pacific/Honolulu X-Goog-Visitor-Id Cgt0OEdfcnlUdDZpWSjk6YewBjIKCgJVUxIEGgAgKQ%3D%3D X-YouTube-Ad-Signals dt=1711404261342&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C380%2C260&vis=1&wgl=true&ca_type=image Response headers date Mon, 25 Mar 2024 22:04:26 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31 x-xss-protection 0
POST H3	200	videoplayback Show response rr1---sn-q4fzen7e.googlevideo.com/ Frame 52FD	147 KB 147 KB	68ms 68ms	Fetch application/vnd.yt-ump	2607:f8b0:4000:9::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr1---sn-q4fzen7e.googlevideo.com/videoplayback?expire=1711425861&ei=5fQBZqSbMMSJ_9EPwZSs4A4&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANTR73t_i1-jRba6nwTi2pVFGnefiyulvaHOuAODBK3y&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=M3&mm=31%2C26&mn=sn-q4fzen7e%2Csn-vgqsknzz&ms=au%2Conr&mv=m&mvi=1&pl=48&initcwndbps=2325000&spc=UWF9fyzVJ1aQ2odSILJMdAglTaD2BFqrcRlCZdDSpeWjpE8&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=2ZL2QhcTOAXJJvAcOv5sq5UQ&gir=yes&clen=4533498&dur=307.981&lmt=1709819376622501&mt=1711403326&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=g3l64OCfPVGlSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgNT_WuSyCr1lKrJLsWlWYXndCNrU0cwgIP-dcebc-L90CIApXnkIlix6tm_PMFNRFHTvHGUriD6I1_5GzB8WGaYas&alr=yes&sig=AJfQdSswRQIhAIMH9tRUotrh1PLHvW6R9Nzvj0X5aAlB4utnWK7RMbfmAiA-4CA0lsxdRbPuOMNzTlSAe_U0zV0Eof6hkRN9ODZmMw%3D%3D&cpn=K2J3Cdhi3t79WcfN&cver=1.20240320.00.00&range=286046-436540&rn=7&rbuf=15490&pot=MnSQLugblBk2oZAWjSRqfuYD0b160A0nw78vbv71zRtp_6ApL6e0f4mQa8jqOXdS2vdGleGrk0FoCrh4QgwNeDHKgmSGPAaw0kUT80EhuPXRWwWpbrAaQzzNJwWCppKbu1EKYrgJiCBmZlhnL6kEeU5QDF3mtw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4000:9::6 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 6928cdc2208066bbf7a108178a9fe98a3861fe815b4067047d9a0d50b5302dd7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers client-protocol quic date Mon, 25 Mar 2024 22:04:28 GMT x-content-type-options nosniff last-modified Thu, 07 Mar 2024 13:49:36 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21293 access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin https://www.youtube.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" expires Mon, 25 Mar 2024 22:04:28 GMT
POST H3	204	atr Show response www.youtube.com/api/stats/ Frame 52FD	0 19 B	100ms 99ms	XHR text/html	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=K2J3Cdhi3t79WcfN&ver=2&cmt=4.653&fmt=243&fs=0&rt=7.028&euri=https%3A%2F%2Fvideos.k8team.top%2F&lact=7101&cl=617698619&mos=1&volume=100&cbr=Chrome&cbrver=122.0.6261.128&c=WEB_EMBEDDED_PLAYER&cver=1.20240320.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=en_US&cr=US&len=307.981&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C73455%2C230596%2C84737%2C36318%2C6271%2C26439494%2C4054%2C7111%2C9369%2C10825%2C16149%2C9673%2C281%2C1192%2C26496%2C1598%2C3460%2C1908%2C2%2C2870%2C3819%2C655%2C225%2C1127%2C18642%2C2948%2C6761%2C795%2C644%2C58%2C185%2C12853&afmt=251&muted=1&docid=o1ldneqKzIU&ei=5fQBZqSbMMSJ_9EPwZSs4A4&plid=AAYUg1sXsY3GjZlK&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F%3Fplaysinline%3D1%26playlist%3Do1ldneqKzIU%252CDxX2HL5vask%252CbUsvdWtXYmA%252CajhqGe2-yNM%252CjgBpPFW24Gs%252CL4aDNmLBkTw%252CIxDWSsdq89c%252CLwKTbb8S-7Q%252CsUNwYetUgDY%252CJVx4GVqj5qQ%26loop%3D1%26autoplay%3D1%26mute%3D1%26widget_referrer%3Dhttps%253A%252F%252Flp.k8.io%252F%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fvideos.k8team.top%26widgetid%3D1&list=TLGG7QFdggYdjTQyNTAzMjAyNA&of=blOcMhsINBeXi4TWW_X7Gg&vm=CAEQARgCOjJBSHFpSlRJOHVncUl1cnNwNXNFRmlJUE9wdGJoZWlEa2lHbDRnemRIckk0bFVPSDJhQWJwQVBta0tES0x4ajVPazI2SHdLZTdxNGJNM2ZmSG5mT0wza1pZZFdUQVFCaEtaX052RlEyT3R2akU4Ty1fZFdiMmFWbU9VVmo3YV9vaWFZelJpeVZTR1pwRjc1dEpvWUhEell4eFN1X25JNWwzSjlLSWgC Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded X-YouTube-Utc-Offset -600 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 X-YouTube-Client-Version 1.20240320.00.00 X-YouTube-Time-Zone Pacific/Honolulu X-Goog-Visitor-Id Cgt0OEdfcnlUdDZpWSjk6YewBjIKCgJVUxIEGgAgKQ%3D%3D X-YouTube-Ad-Signals dt=1711404261527&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C380%2C260&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Mon, 25 Mar 2024 22:04:28 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	videoplayback Show response rr1---sn-q4fzen7e.googlevideo.com/ Frame 52FD	1 MB 1 MB	70ms 69ms	Fetch application/vnd.yt-ump	2607:f8b0:4000:9::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr1---sn-q4fzen7e.googlevideo.com/videoplayback?expire=1711425861&ei=5fQBZqSbMMSJ_9EPwZSs4A4&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANTR73t_i1-jRba6nwTi2pVFGnefiyulvaHOuAODBK3y&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=M3&mm=31%2C26&mn=sn-q4fzen7e%2Csn-vgqsknzz&ms=au%2Conr&mv=m&mvi=1&pl=48&initcwndbps=2325000&spc=UWF9fyzVJ1aQ2odSILJMdAglTaD2BFqrcRlCZdDSpeWjpE8&vprv=1&svpuc=1&mime=video%2Fwebm&ns=2ZL2QhcTOAXJJvAcOv5sq5UQ&gir=yes&clen=16866106&dur=307.941&lmt=1709819111586753&mt=1711403326&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=530F224&n=g3l64OCfPVGlSQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRgIhAN3o4WyTL5zTSGoTr8r9Nyzn0N-EIVXT4aYH-UpbbM2kAiEAq1deiaTEu8NL-z6EJn9MOlWbLWd4FpVBlETIbUCJ4vA%3D&alr=yes&sig=AJfQdSswRQIgWfI3Q5RsMAuCvzbhe6u_hKNtNsxSyIDdyjpiwlqjL6wCIQCJCc_zMIjbL-oGBhO0qfwI_c125stzG26bMGXqOYNEsA%3D%3D&cpn=K2J3Cdhi3t79WcfN&cver=1.20240320.00.00&range=916868-2039448&rn=8&rbuf=16148&pot=MnSQLugblBk2oZAWjSRqfuYD0b160A0nw78vbv71zRtp_6ApL6e0f4mQa8jqOXdS2vdGleGrk0FoCrh4QgwNeDHKgmSGPAaw0kUT80EhuPXRWwWpbrAaQzzNJwWCppKbu1EKYrgJiCBmZlhnL6kEeU5QDF3mtw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4000:9::6 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash a21e7b5e8863f7789b6d85e3fe574169016406c0c81defb2f1fe9d7efb6f718a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Mon, 25 Mar 2024 22:04:29 GMT date Mon, 25 Mar 2024 22:04:29 GMT x-restrict-formats-hint None x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" last-modified Thu, 07 Mar 2024 13:45:11 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21292 access-control-allow-credentials true timing-allow-origin https://www.youtube.com client-protocol quic
POST H3	204	qoe Show response www.youtube.com/api/stats/ Frame 52FD	0 19 B	86ms 86ms	XHR text/html	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/qoe?fmt=243&afmt=251&cpn=K2J3Cdhi3t79WcfN&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C73455%2C230596%2C84737%2C36318%2C6271%2C26439494%2C4054%2C7111%2C9369%2C10825%2C16149%2C9673%2C281%2C1192%2C26496%2C1598%2C3460%2C1908%2C2%2C2870%2C3819%2C655%2C225%2C1127%2C18642%2C2948%2C6761%2C795%2C644%2C58%2C185%2C12853&cl=617698619&seq=2&docid=o1ldneqKzIU&ei=5fQBZqSbMMSJ_9EPwZSs4A4&event=streamingstats&plid=AAYUg1sXsY3GjZlK&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F%3Fplaysinline%3D1%26playlist%3Do1ldneqKzIU%252CDxX2HL5vask%252CbUsvdWtXYmA%252CajhqGe2-yNM%252CjgBpPFW24Gs%252CL4aDNmLBkTw%252CIxDWSsdq89c%252CLwKTbb8S-7Q%252CsUNwYetUgDY%252CJVx4GVqj5qQ%26loop%3D1%26autoplay%3D1%26mute%3D1%26widget_referrer%3Dhttps%253A%252F%252Flp.k8.io%252F%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fvideos.k8team.top%26widgetid%3D1&qclc=ChBLMkozQ2RoaTN0NzlXY2ZOEAI&embargoed=0&cbr=Chrome&cbrver=122.0.6261.128&c=WEB_EMBEDDED_PLAYER&cver=1.20240320.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&afs=0.994:251::i&bh=2.298:4.638,10.006:22.394&cmt=2.298:0.002,3.055:0.720,10.006:7.631&vps=2.298:PL,10.006:PL&user_intent=0&bwm=10.006:2476458:3.727&bwe=10.006:3102019&bat=10.006:1:1&df=10.006:27 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded X-YouTube-Utc-Offset -600 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?playsinline=1&playlist=o1ldneqKzIU%2CDxX2HL5vask%2CbUsvdWtXYmA%2CajhqGe2-yNM%2CjgBpPFW24Gs%2CL4aDNmLBkTw%2CIxDWSsdq89c%2CLwKTbb8S-7Q%2CsUNwYetUgDY%2CJVx4GVqj5qQ&loop=1&autoplay=1&mute=1&widget_referrer=https%3A%2F%2Flp.k8.io%2F&enablejsapi=1&origin=https%3A%2F%2Fvideos.k8team.top&widgetid=1 X-YouTube-Client-Version 1.20240320.00.00 X-YouTube-Time-Zone Pacific/Honolulu X-Goog-Visitor-Id Cgt0OEdfcnlUdDZpWSjk6YewBjIKCgJVUxIEGgAgKQ%3D%3D X-YouTube-Ad-Signals dt=1711404261527&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C380%2C260&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Mon, 25 Mar 2024 22:04:31 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	videoplayback Show response rr1---sn-q4fzen7e.googlevideo.com/ Frame 52FD	290 KB 290 KB	74ms 74ms	Fetch application/vnd.yt-ump	2607:f8b0:4000:9::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr1---sn-q4fzen7e.googlevideo.com/videoplayback?expire=1711425861&ei=5fQBZqSbMMSJ_9EPwZSs4A4&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANTR73t_i1-jRba6nwTi2pVFGnefiyulvaHOuAODBK3y&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=M3&mm=31%2C26&mn=sn-q4fzen7e%2Csn-vgqsknzz&ms=au%2Conr&mv=m&mvi=1&pl=48&initcwndbps=2325000&spc=UWF9fyzVJ1aQ2odSILJMdAglTaD2BFqrcRlCZdDSpeWjpE8&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=2ZL2QhcTOAXJJvAcOv5sq5UQ&gir=yes&clen=4533498&dur=307.981&lmt=1709819376622501&mt=1711403326&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=g3l64OCfPVGlSQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgNT_WuSyCr1lKrJLsWlWYXndCNrU0cwgIP-dcebc-L90CIApXnkIlix6tm_PMFNRFHTvHGUriD6I1_5GzB8WGaYas&alr=yes&sig=AJfQdSswRQIhAIMH9tRUotrh1PLHvW6R9Nzvj0X5aAlB4utnWK7RMbfmAiA-4CA0lsxdRbPuOMNzTlSAe_U0zV0Eof6hkRN9ODZmMw%3D%3D&cpn=K2J3Cdhi3t79WcfN&cver=1.20240320.00.00&range=436541-733663&rn=9&rbuf=20542&pot=MnSQLugblBk2oZAWjSRqfuYD0b160A0nw78vbv71zRtp_6ApL6e0f4mQa8jqOXdS2vdGleGrk0FoCrh4QgwNeDHKgmSGPAaw0kUT80EhuPXRWwWpbrAaQzzNJwWCppKbu1EKYrgJiCBmZlhnL6kEeU5QDF3mtw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/2923e6f1/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4000:9::6 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 8728521b8a0cb502565d201fc184ffb46e1d49c152f53d3925d1c47f03aa957a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers client-protocol quic date Mon, 25 Mar 2024 22:04:33 GMT x-content-type-options nosniff last-modified Thu, 07 Mar 2024 13:49:36 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21288 access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin https://www.youtube.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" expires Mon, 25 Mar 2024 22:04:33 GMT