www.youtube.com Open in urlscan Pro
2607:f8b0:4006:81e::200e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ksan.drofortho.com/
Effective URL:
https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be
Submission: On January 22 via api (January 22nd 2025, 12:27:46 pm UTC) from US — Scanned from US

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 19 domains to perform 40 HTTP transactions. The main IP is 2607:f8b0:4006:81e::200e, located in United States and belongs to GOOGLE, US. The main domain is www.youtube.com. The Cisco Umbrella rank of the primary domain is 79.
TLS certificate: Issued by WR2 on December 9th 2024. Valid for: 3 months.

This is the only time www.youtube.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	172.98.192.37 172.98.192.37	31863 (DACEN-2) (DACEN-2)
1 2	18.235.30.113 18.235.30.113	14618 (AMAZON-AES) (AMAZON-AES)
1 1	5.161.89.212 5.161.89.212	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS Hetzner Online GmbH)
1 1	2606:4700::68... 2606:4700::6812:a88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:f0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.225.91.73 64.225.91.73	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6812:1a2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	64.190.63.136 64.190.63.136	47846 (SEDO-AS S...) (SEDO-AS SEDO GmbH)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
3 4	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	15.197.224.234 15.197.224.234	16509 (AMAZON-02) (AMAZON-02)
2	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	35.241.15.240 35.241.15.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2016	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
2	2600:803:1504... 2600:803:1504:1::e	701 (UUNET) (UUNET)
40	16

2 172.98.192.37 (United States) 1 redirects

ASN31863 (DACEN-2, US)

ksan.drofortho.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 18.235.30.113 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-30-113.compute-1.amazonaws.com

nanai-clw.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
ernus-dop.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 5.161.89.212 (United States) 1 redirects

ASN213230 (HETZNER-CLOUD2-AS Hetzner Online GmbH, DE)
PTR: us-psh2.1push.io

so-gre8.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6812:a88 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

user-agent.trafficdecisions.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2606:4700::6812:f0e (United States)

ASN13335 (CLOUDFLARENET, US)

go.c0nect.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 64.225.91.73 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

scienceinabag.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6812:1a2d (United States)

ASN13335 (CLOUDFLARENET, US)

domaincntrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 64.190.63.136 (Germany) 2 redirects

ASN47846 (SEDO-AS SEDO GmbH, DE)

ww2.scienceinabag.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 173.239.53.32 (New York, United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
xml-v4.lensgard-4.online	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
tq.lensgard-4.online	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 15.197.224.234 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com

trbx-l1.online	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2607:f8b0:4006:823::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

youtu.be	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2607:f8b0:4006:80d::2016 (United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2600:803:1504:1::e (United States)

ASN701 (UUNET, US)

rr3---sn-8xgp1vo-2pul.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
7	scienceinabag.org 2 redirects scienceinabag.org ww2.scienceinabag.org	4 KB
6	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 40488 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 12459	99 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	38 KB
4	c0nect.com go.c0nect.com — Cisco Umbrella Rank: 230362	1 KB
3	lensgard-4.online 2 redirects xml-v4.lensgard-4.online tq.lensgard-4.online	16 KB
2	googlevideo.com rr3---sn-8xgp1vo-2pul.googlevideo.com — Cisco Umbrella Rank: 245093	14 B
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 96	12 KB
2	trbx-l1.online 1 redirects trbx-l1.online	21 KB
2	drofortho.com 1 redirects ksan.drofortho.com	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	15 KB
1	youtu.be 1 redirects youtu.be — Cisco Umbrella Rank: 8443	1 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 7813	411 B
1	sedodna.com 1 redirects xml.sedodna.com — Cisco Umbrella Rank: 333917	232 B
1	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 66937	15 KB
1	domaincntrol.com domaincntrol.com — Cisco Umbrella Rank: 261654	338 B
1	trafficdecisions.com 1 redirects user-agent.trafficdecisions.com — Cisco Umbrella Rank: 230012	574 B
1	so-gre8.net 1 redirects so-gre8.net — Cisco Umbrella Rank: 73320	279 B
1	ernus-dop.com 1 redirects ernus-dop.com — Cisco Umbrella Rank: 285449	660 B
1	nanai-clw.com nanai-clw.com — Cisco Umbrella Rank: 342885	3 KB
40	19

	Domain	Requested by
5	ww2.scienceinabag.org	2 redirects scienceinabag.org ww2.scienceinabag.org
4	www.youtube.com	www.youtube.com
4	cas.avalon.perfdrive.com	cdn.perfdrive.com
4	go.c0nect.com	nanai-clw.com
2	rr3---sn-8xgp1vo-2pul.googlevideo.com	www.youtube.com
2	i.ytimg.com	www.youtube.com
2	xml-v4.lensgard-4.online	2 redirects
2	cdn.perfdrive.com	trbx-l1.online tq.lensgard-4.online
2	trbx-l1.online	1 redirects ww2.scienceinabag.org
2	scienceinabag.org
2	ksan.drofortho.com	1 redirects
1	fonts.googleapis.com	www.youtube.com
1	youtu.be	1 redirects
1	bit.ly	1 redirects
1	tq.lensgard-4.online	trbx-l1.online
1	xml.sedodna.com	1 redirects
1	img.sedoparking.com
1	domaincntrol.com	scienceinabag.org
1	user-agent.trafficdecisions.com	1 redirects
1	so-gre8.net	1 redirects
1	ernus-dop.com	1 redirects
1	nanai-clw.com	ksan.drofortho.com
40	22

This site contains no links.

Subject Issuer	Validity	Valid
drofortho.com R10	`2024-11-28` - `2025-02-26`	3 months	crt.sh
zeropark.com Amazon RSA 2048 M02	`2024-06-11` - `2025-07-09`	a year	crt.sh
c0nect.com WE1	`2024-12-06` - `2025-03-06`	3 months	crt.sh
scienceinabag.org E6	`2025-01-02` - `2025-04-02`	3 months	crt.sh
domaincntrol.com WE1	`2025-01-17` - `2025-04-17`	3 months	crt.sh
ww2.scienceinabag.org Encryption Everywhere DV TLS CA - G2	`2025-01-21` - `2026-01-21`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2024-11-12` - `2025-12-14`	a year	crt.sh
trbx-l1.online Amazon RSA 2048 M02	`2025-01-22` - `2026-02-20`	a year	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-09-20` - `2025-09-26`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-07-26` - `2025-08-05`	a year	crt.sh
lensgard-4.online R10	`2024-12-17` - `2025-03-17`	3 months	crt.sh
*.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
edgestatic.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.googlevideo.com WR2	`2025-01-14` - `2025-03-25`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be
Frame ID: 0D76838618A7414EBEBB6197F84E8BA3
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ksan.drofortho.com/ HTTP 307
https://ksan.drofortho.com/ Page URL
https://ksan.drofortho.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT... HTTP 302
http://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51e... HTTP 307
https://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51e... Page URL
https://ernus-dop.com/zclkredirect?visitid=49617632-d8bc-11ef-bc13-0afff3258aab&type=js&browserWid... HTTP 302
https://so-gre8.net/r/xymof9wRzdUPJkd2IUFo75A2y34vsHEF6-djp1CgwwVbhPjAvrvC1uxEWBONzGGUgPYu7FZlZz... HTTP 302
https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
https://go.c0nect.com/?t=3 Page URL
https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1737548868362&8s4n53_domain=http://scien... Page URL
http://scienceinabag.org/?utm_source=google HTTP 307
https://scienceinabag.org/?utm_source=google Page URL
http://ww2.scienceinabag.org/ HTTP 307
https://ww2.scienceinabag.org/ Page URL
https://ww2.scienceinabag.org/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DUqVZ3OVsnZ... HTTP 302
https://ww2.scienceinabag.org/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DUqVZ3OVsnZ... HTTP 302
https://xml.sedodna.com/click?i=UqVZ3OVsnZM_0 HTTP 302
http://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO HTTP 307
https://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO Page URL
https://trbx-l1.online/api/v1/pxcheck?impId=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO&minfo=eyJjb29r... HTTP 302
http://xml-v4.lensgard-4.online/click?seat=3082852&i=o60UJjb*7j0_0 HTTP 307
https://xml-v4.lensgard-4.online/click?seat=3082852&i=o60UJjb*7j0_0 HTTP 302
https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29 Page URL
https://xml-v4.lensgard-4.online/click2?i=o60UJjb*7j0_0&ci=5453458456455008592&j=rv%3Db%26ss%3D1600x1200%26ws... HTTP 302
https://bit.ly/4hVR4rD HTTP 301
https://youtu.be/EWDDJPpPQgs?si=YTGg1ndjXv1bwBvk HTTP 303
https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be Page URL

Page Statistics

40
Requests

73 %
HTTPS

42 %
IPv6

19
Domains

22
Subdomains

16
IPs

2
Countries

224 kB
Transfer

1103 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ksan.drofortho.com/ HTTP 307
https://ksan.drofortho.com/ Page URL
https://ksan.drofortho.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTczNzU1NjA2NiwiaWF0IjoxNzM3NTQ4ODY2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMGVnNnY4MWY3NW0wa3IydDAwdDlha2YiLCJuYmYiOjE3Mzc1NDg4NjYsInRzIjoxNzM3NTQ4ODY2NjY1MzkyfQ.IB6tUXcgwMd39Y94JE8Dzc6Bqq6m35hTvecKTdUvHsI&sid=494763f3-d8bc-11ef-8b83-42fc3c145858 HTTP 302
http://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab HTTP 307
https://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab Page URL
https://ernus-dop.com/zclkredirect?visitid=49617632-d8bc-11ef-bc13-0afff3258aab&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
https://so-gre8.net/r/xymof9wRzdUPJkd2IUFo75A2y34vsHEF6-djp1CgwwVbhPjAvrvC1uxEWBONzGGUgPYu7FZlZznahNwEnSD6Sb1c9D9gjkVtXI-vqUHp2JCA6dglJsluvpPO5Jdl45keJLfMWJHa-c_SfKt2zkDPA82RlS3PuOhKLYmHVMeZppL4kDmdKAG3EB00MBiXQPsRNu7o3YTseGaSNR-nYTiHgGudKIXTqwvq7fNLK1_O-PxWjb2YU8bpXFbHF8hWWEIZt2zDpUtZFNpK7bCejnbTAuJiYtFxHEHqRI239TL-axtIvx0PyvibBQ2LDtjgCXpXzWJk7Aq7GwhihAChdh2I4CsGmMSfoy_6526lRiQgnAQgl23TqA3vyJ9w7nEWjAalO2KXoTj88nkOTUnak_LNFOS3wDO871QA9fx5-Q3k4EIAE7VeDdliqU7RIvUud3TMJXQMQ_BQxDRvZ3VNR71-_V5czDUXbJ3n HTTP 302
https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
https://go.c0nect.com/?t=3 Page URL
https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1737548868362&8s4n53_domain=http://scienceinabag.org?utm_source=google Page URL
http://scienceinabag.org/?utm_source=google HTTP 307
https://scienceinabag.org/?utm_source=google Page URL
http://ww2.scienceinabag.org/ HTTP 307
https://ww2.scienceinabag.org/ Page URL
https://ww2.scienceinabag.org/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DUqVZ3OVsnZM_0&v=NTZjMWQ1YjM5ZDdjZjQ2YTllZjI1YWQyYmMwNDVkYjQJMQl3dzIuc2NpZW5jZWluYWJhZy5vcmc2NzkwZTQ0NWUwM2UwOC44NzI5OTE4Nwl3dzIuc2NpZW5jZWluYWJhZy5vcmc2NzkwZTQ0NWUwNDdiMS45NjEwNjAyMQkxNzM3NTQ4ODcxCWFkXzYzXzA%3D&l=ogcDM7vWk2RYKSFv1BYIdWRLxwv9C9HUfL2Oh9gc08qrbecsicCfB4UE8jD0qbiQP4UCI92BIZwIRf2_H6VKtL6NleRDPoU85PdMuwTPf2F1fVdhKf5sd_E-bMk8kC5Xi6kBjL8ArP9DBsBroT8jiAPUe2yC3vjb3pnT38vYA3wcqkGKcRw_RlH-CCIOPeYEsE9aXW7Xh6MgVXhO9c8d6sBOejyBlH-XR5B8pbfALB-lrIUAdXUdBgZjs28Gb4k_uH2AKufGHMcI-X292vvh5WAla1Zp09mfEO8znO7k6Ds4R0YPJmMsH3ch1GoD-qeSMHyhkOaSHnVoislgrqq-UAraUd6ZMms99rHrDcxKMSM2pO8AR2GqSwdBuWaXiLMpcTRPT1oOc2MOEHTVD1kzzkxu5ifJv03OQmEFuEnSYgYrxuxZyvFOd8ImpSfEJXlp68Nk43r82Pnhf5bOMmlqY42Ka9lffN8nLGN9gPmiA3PiZlb-cc_5s6MzA19KetdLYVhqEr-hdhNK6dCbNQes0XcAw50Pvrkg2DmNRLafhm-0Ook5oHS1rvW3gYPyqQfLiEdlx4UVJvObkZjPWHkj8_wv_FnB3sVYJO2490yQHwoFIiv4oH0QU1YA08xEgIbkoUkiwZfJz9Mk6MvJVnVuNBMKK2AfmLz_yEu-Df-EkKD5NXsjdOcGXJhns1GNsFjPbcrli1iUEwn7S9Vtx5tHWPxh_c HTTP 302
https://ww2.scienceinabag.org/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DUqVZ3OVsnZM_0&v=NTZjMWQ1YjM5ZDdjZjQ2YTllZjI1YWQyYmMwNDVkYjQJMQl3dzIuc2NpZW5jZWluYWJhZy5vcmc2NzkwZTQ0NWUwM2UwOC44NzI5OTE4Nwl3dzIuc2NpZW5jZWluYWJhZy5vcmc2NzkwZTQ0NWUwNDdiMS45NjEwNjAyMQkxNzM3NTQ4ODcxCWFkXzYzXzA%3D&l=ogcDM7vWk2RYKSFv1BYIdWRLxwv9C9HUfL2Oh9gc08qrbecsicCfB4UE8jD0qbiQP4UCI92BIZwIRf2_H6VKtL6NleRDPoU85PdMuwTPf2F1fVdhKf5sd_E-bMk8kC5Xi6kBjL8ArP9DBsBroT8jiAPUe2yC3vjb3pnT38vYA3wcqkGKcRw_RlH-CCIOPeYEsE9aXW7Xh6MgVXhO9c8d6sBOejyBlH-XR5B8pbfALB-lrIUAdXUdBgZjs28Gb4k_uH2AKufGHMcI-X292vvh5WAla1Zp09mfEO8znO7k6Ds4R0YPJmMsH3ch1GoD-qeSMHyhkOaSHnVoislgrqq-UAraUd6ZMms99rHrDcxKMSM2pO8AR2GqSwdBuWaXiLMpcTRPT1oOc2MOEHTVD1kzzkxu5ifJv03OQmEFuEnSYgYrxuxZyvFOd8ImpSfEJXlp68Nk43r82Pnhf5bOMmlqY42Ka9lffN8nLGN9gPmiA3PiZlb-cc_5s6MzA19KetdLYVhqEr-hdhNK6dCbNQes0XcAw50Pvrkg2DmNRLafhm-0Ook5oHS1rvW3gYPyqQfLiEdlx4UVJvObkZjPWHkj8_wv_FnB3sVYJO2490yQHwoFIiv4oH0QU1YA08xEgIbkoUkiwZfJz9Mk6MvJVnVuNBMKK2AfmLz_yEu-Df-EkKD5NXsjdOcGXJhns1GNsFjPbcrli1iUEwn7S9Vtx5tHWPxh_c HTTP 302
https://xml.sedodna.com/click?i=UqVZ3OVsnZM_0 HTTP 302
http://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO HTTP 307
https://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO Page URL
https://trbx-l1.online/api/v1/pxcheck?impId=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly90cmJ4LWwxLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9UlV6bUFzRkpSQVIyZkFPUVJBQVlEcHZOZ1NBTlM0MEFySlBua1RITyIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2UsImVmZmVjdGl2ZVR5cGUiOiI0ZyIsInR6Ijo2MDAsInR6SW50bCI6IlBhY2lmaWMvSG9ub2x1bHUiLCJpc0JvdCI6ZmFsc2UsImZCb3ROYW1lIjoiIiwiZlJlYXNvbnMiOiIifQ== HTTP 302
http://xml-v4.lensgard-4.online/click?seat=3082852&i=o60UJjb*7j0_0 HTTP 307
https://xml-v4.lensgard-4.online/click?seat=3082852&i=o60UJjb*7j0_0 HTTP 302
https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29 Page URL
https://xml-v4.lensgard-4.online/click2?i=o60UJjb*7j0_0&ci=5453458456455008592&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D120x120%26ce%3D1%26ck%3Djc%26cv%3D5516%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D5%26rf%3D%26lo%3Dtq.lensgard-4.online%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F131.0.0.0%2BSafari%252F537.36%26tp%3D81%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26er%3D%26shs%3D%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D0%26prb%3D20030107%26tz%3D600%26hid%3D0%26mq%3D1%26my%3D8%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D16%26hrl%3D%26acd%3Dpppmp%26vcd%3Dnpp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1285%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D120x120%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D52%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Dprompt%26bch%3D1%26blv%3D1%26cnvs%3D80808080%26mmd_ao%3D3%26mmd_ai%3D3%26mmd_vi%3D1 HTTP 302
https://bit.ly/4hVR4rD HTTP 301
https://youtu.be/EWDDJPpPQgs?si=YTGg1ndjXv1bwBvk HTTP 303
https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ksan.drofortho.com/ HTTP 307
https://ksan.drofortho.com/

Request Chain 1

https://ksan.drofortho.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTczNzU1NjA2NiwiaWF0IjoxNzM3NTQ4ODY2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMGVnNnY4MWY3NW0wa3IydDAwdDlha2YiLCJuYmYiOjE3Mzc1NDg4NjYsInRzIjoxNzM3NTQ4ODY2NjY1MzkyfQ.IB6tUXcgwMd39Y94JE8Dzc6Bqq6m35hTvecKTdUvHsI&sid=494763f3-d8bc-11ef-8b83-42fc3c145858 HTTP 302
http://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab HTTP 307
https://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab

Request Chain 2

https://ernus-dop.com/zclkredirect?visitid=49617632-d8bc-11ef-bc13-0afff3258aab&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
https://so-gre8.net/r/xymof9wRzdUPJkd2IUFo75A2y34vsHEF6-djp1CgwwVbhPjAvrvC1uxEWBONzGGUgPYu7FZlZznahNwEnSD6Sb1c9D9gjkVtXI-vqUHp2JCA6dglJsluvpPO5Jdl45keJLfMWJHa-c_SfKt2zkDPA82RlS3PuOhKLYmHVMeZppL4kDmdKAG3EB00MBiXQPsRNu7o3YTseGaSNR-nYTiHgGudKIXTqwvq7fNLK1_O-PxWjb2YU8bpXFbHF8hWWEIZt2zDpUtZFNpK7bCejnbTAuJiYtFxHEHqRI239TL-axtIvx0PyvibBQ2LDtjgCXpXzWJk7Aq7GwhihAChdh2I4CsGmMSfoy_6526lRiQgnAQgl23TqA3vyJ9w7nEWjAalO2KXoTj88nkOTUnak_LNFOS3wDO871QA9fx5-Q3k4EIAE7VeDdliqU7RIvUud3TMJXQMQ_BQxDRvZ3VNR71-_V5czDUXbJ3n HTTP 302
https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
https://go.c0nect.com/?t=3

Request Chain 5

http://scienceinabag.org/?utm_source=google HTTP 307
https://scienceinabag.org/?utm_source=google

Request Chain 9

http://ww2.scienceinabag.org/ HTTP 307
https://ww2.scienceinabag.org/

Request Chain 13

https://ww2.scienceinabag.org/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DUqVZ3OVsnZM_0&v=NTZjMWQ1YjM5ZDdjZjQ2YTllZjI1YWQyYmMwNDVkYjQJMQl3dzIuc2NpZW5jZWluYWJhZy5vcmc2NzkwZTQ0NWUwM2UwOC44NzI5OTE4Nwl3dzIuc2NpZW5jZWluYWJhZy5vcmc2NzkwZTQ0NWUwNDdiMS45NjEwNjAyMQkxNzM3NTQ4ODcxCWFkXzYzXzA%3D&l=ogcDM7vWk2RYKSFv1BYIdWRLxwv9C9HUfL2Oh9gc08qrbecsicCfB4UE8jD0qbiQP4UCI92BIZwIRf2_H6VKtL6NleRDPoU85PdMuwTPf2F1fVdhKf5sd_E-bMk8kC5Xi6kBjL8ArP9DBsBroT8jiAPUe2yC3vjb3pnT38vYA3wcqkGKcRw_RlH-CCIOPeYEsE9aXW7Xh6MgVXhO9c8d6sBOejyBlH-XR5B8pbfALB-lrIUAdXUdBgZjs28Gb4k_uH2AKufGHMcI-X292vvh5WAla1Zp09mfEO8znO7k6Ds4R0YPJmMsH3ch1GoD-qeSMHyhkOaSHnVoislgrqq-UAraUd6ZMms99rHrDcxKMSM2pO8AR2GqSwdBuWaXiLMpcTRPT1oOc2MOEHTVD1kzzkxu5ifJv03OQmEFuEnSYgYrxuxZyvFOd8ImpSfEJXlp68Nk43r82Pnhf5bOMmlqY42Ka9lffN8nLGN9gPmiA3PiZlb-cc_5s6MzA19KetdLYVhqEr-hdhNK6dCbNQes0XcAw50Pvrkg2DmNRLafhm-0Ook5oHS1rvW3gYPyqQfLiEdlx4UVJvObkZjPWHkj8_wv_FnB3sVYJO2490yQHwoFIiv4oH0QU1YA08xEgIbkoUkiwZfJz9Mk6MvJVnVuNBMKK2AfmLz_yEu-Df-EkKD5NXsjdOcGXJhns1GNsFjPbcrli1iUEwn7S9Vtx5tHWPxh_c HTTP 302
https://ww2.scienceinabag.org/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DUqVZ3OVsnZM_0&v=NTZjMWQ1YjM5ZDdjZjQ2YTllZjI1YWQyYmMwNDVkYjQJMQl3dzIuc2NpZW5jZWluYWJhZy5vcmc2NzkwZTQ0NWUwM2UwOC44NzI5OTE4Nwl3dzIuc2NpZW5jZWluYWJhZy5vcmc2NzkwZTQ0NWUwNDdiMS45NjEwNjAyMQkxNzM3NTQ4ODcxCWFkXzYzXzA%3D&l=ogcDM7vWk2RYKSFv1BYIdWRLxwv9C9HUfL2Oh9gc08qrbecsicCfB4UE8jD0qbiQP4UCI92BIZwIRf2_H6VKtL6NleRDPoU85PdMuwTPf2F1fVdhKf5sd_E-bMk8kC5Xi6kBjL8ArP9DBsBroT8jiAPUe2yC3vjb3pnT38vYA3wcqkGKcRw_RlH-CCIOPeYEsE9aXW7Xh6MgVXhO9c8d6sBOejyBlH-XR5B8pbfALB-lrIUAdXUdBgZjs28Gb4k_uH2AKufGHMcI-X292vvh5WAla1Zp09mfEO8znO7k6Ds4R0YPJmMsH3ch1GoD-qeSMHyhkOaSHnVoislgrqq-UAraUd6ZMms99rHrDcxKMSM2pO8AR2GqSwdBuWaXiLMpcTRPT1oOc2MOEHTVD1kzzkxu5ifJv03OQmEFuEnSYgYrxuxZyvFOd8ImpSfEJXlp68Nk43r82Pnhf5bOMmlqY42Ka9lffN8nLGN9gPmiA3PiZlb-cc_5s6MzA19KetdLYVhqEr-hdhNK6dCbNQes0XcAw50Pvrkg2DmNRLafhm-0Ook5oHS1rvW3gYPyqQfLiEdlx4UVJvObkZjPWHkj8_wv_FnB3sVYJO2490yQHwoFIiv4oH0QU1YA08xEgIbkoUkiwZfJz9Mk6MvJVnVuNBMKK2AfmLz_yEu-Df-EkKD5NXsjdOcGXJhns1GNsFjPbcrli1iUEwn7S9Vtx5tHWPxh_c HTTP 302
https://xml.sedodna.com/click?i=UqVZ3OVsnZM_0 HTTP 302
http://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO HTTP 307
https://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO

Request Chain 17

https://trbx-l1.online/api/v1/pxcheck?impId=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly90cmJ4LWwxLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9UlV6bUFzRkpSQVIyZkFPUVJBQVlEcHZOZ1NBTlM0MEFySlBua1RITyIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2UsImVmZmVjdGl2ZVR5cGUiOiI0ZyIsInR6Ijo2MDAsInR6SW50bCI6IlBhY2lmaWMvSG9ub2x1bHUiLCJpc0JvdCI6ZmFsc2UsImZCb3ROYW1lIjoiIiwiZlJlYXNvbnMiOiIifQ== HTTP 302
http://xml-v4.lensgard-4.online/click?seat=3082852&i=o60UJjb*7j0_0 HTTP 307
https://xml-v4.lensgard-4.online/click?seat=3082852&i=o60UJjb*7j0_0 HTTP 302
https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
ksan.drofortho.com/
Redirect Chain

http://ksan.drofortho.com/
https://ksan.drofortho.com/

480 B
760 B

282ms
103ms

Document
text/html

172.98.192.37
DACEN-2

General

Check archive.org

Download Go to

Full URL: https://ksan.drofortho.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.98.192.37 , United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e33b591af912f64d961d43fab98fc380ae166ed666045769d318d8560cd0ab8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
content-length: 480
content-type: text/html; charset=utf-8
date: Wed, 22 Jan 2025 12:27:46 GMT
server: Cowboy

Redirect headers

Location: https://ksan.drofortho.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

200

72092e88-2c53-401c-b988-51ef43ce1034 Show response
nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/
Redirect Chain

https://ksan.drofortho.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTczNzU1NjA2NiwiaWF0IjoxNzM3NTQ4ODY2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMGVnNnY4MWY3NW0wa3Iy...
http://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab
https://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab

3 KB
3 KB

151ms
54ms

Document
text/html

18.235.30.113
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab

Requested by

Host: ksan.drofortho.com
URL: https://ksan.drofortho.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.235.30.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-30-113.compute-1.amazonaws.com

Software

Resource Hash

1d32df71a3c3e443d3179e72d367171372ab40421b23d77a2cd01d236462a8d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: https://ksan.drofortho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3088
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Wed, 22 Jan 2025 12:27:47 GMT

Redirect headers

Location: https://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab
Non-Authoritative-Reason: HttpsUpgrades

GET
H3

200

/ Show response
go.c0nect.com/
Redirect Chain

https://ernus-dop.com/zclkredirect?visitid=49617632-d8bc-11ef-bc13-0afff3258aab&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
https://so-gre8.net/r/xymof9wRzdUPJkd2IUFo75A2y34vsHEF6-djp1CgwwVbhPjAvrvC1uxEWBONzGGUgPYu7FZlZznahNwEnSD6Sb1c9D9gjkVtXI-vqUHp2JCA6dglJsluvpPO5Jdl45keJLfMWJHa-c_SfKt2zkDPA82RlS3PuOhKLYmHVMeZppL4kDm...
https://user-agent.trafficdecisions.com/okay/?d=okay&t=2
https://go.c0nect.com/?t=3

797 B
804 B

127ms
46ms

Document
text/html

2606:4700::6812:f0e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.c0nect.com/?t=3
Requested by: Host: nanai-clw.com
URL: https://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e243914e668142f45c1490d75fbf0ac1ba4767957dc487040708b2dab54d4f

Request headers

Referer: https://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 905f8a4b2a684207-EWR
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 22 Jan 2025 12:27:48 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

Redirect headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 905f8a4a09c6de9a-EWR
content-length: 143
content-type: text/html
date: Wed, 22 Jan 2025 12:27:48 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://go.c0nect.com/?t=3
server: cloudflare
vary: Accept-Encoding

GET
H3 200 favicon.ico
go.c0nect.com/ 5 B
159 B 34ms
34ms Other
text/plain 2606:4700::6812:f0e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.c0nect.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54a0e8c17ebb21a11f8a25b8042786ef7efe52441e6cc87e92c67e0c4c0c6e78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-ray: 905f8a4bfb3a4207-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 5
date: Wed, 22 Jan 2025 12:27:48 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

POST
H3 200 / Show response
go.c0nect.com/ 394 B
355 B 59ms
59ms Document
text/html 2606:4700::6812:f0e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1737548868362&8s4n53_domain=http://scienceinabag.org?utm_source=google
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e927516f91a10aa4218e2667cb9ca355e8b358aa3a0010ee24466547324eca7d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 905f8a4cabea4207-EWR
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 22 Jan 2025 12:27:48 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

GET
H/1.1

200
OK

/ Show response
scienceinabag.org/
Redirect Chain

http://scienceinabag.org/?utm_source=google
https://scienceinabag.org/?utm_source=google

593 B
606 B

457ms
171ms

Document
text/html

64.225.91.73
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://scienceinabag.org/?utm_source=google
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

Referer: https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1737548868362&8s4n53_domain=http://scienceinabag.org?utm_source=google
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 22 Jan 2025 12:27:49 GMT
ETag: W/"63f68860-251"
Last-Modified: Wed, 22 Feb 2023 21:25:52 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Location: https://scienceinabag.org/?utm_source=google
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 favicon.ico
go.c0nect.com/ 5 B
159 B 34ms
34ms Other
text/plain 2606:4700::6812:f0e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.c0nect.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-ray: 905f8a4d2c684207-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 5
date: Wed, 22 Jan 2025 12:27:48 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2 200 /
domaincntrol.com/ 30 B
338 B 232ms
106ms Fetch
text/javascript 2606:4700::6812:1a2d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://domaincntrol.com/?orighost=https://scienceinabag.org/?utm_source=google
Requested by: Host: scienceinabag.org
URL: https://scienceinabag.org/?utm_source=google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://scienceinabag.org/

Response headers

x_details: {"destination":"sedo","orighost":"scienceinabag.org","type":"arb","finalurl":"http://ww2.scienceinabag.org","browser":"chrome","os":"linux","country":"US","device":"desktop","isbot":false,"botscore":99}
cf-ray: 905f8a51283a7ce7-EWR
access-control-allow-origin: *
content-length: 30
date: Wed, 22 Jan 2025 12:27:49 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK favicon.ico
scienceinabag.org/ 593 B
606 B 89ms
88ms Other
text/html 64.225.91.73
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://scienceinabag.org/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://scienceinabag.org/?utm_source=google

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"63f68860-251"
Connection: keep-alive
Date: Wed, 22 Jan 2025 12:27:49 GMT
Content-Type: text/html
Last-Modified: Wed, 22 Feb 2023 21:25:52 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H2

200

/ Show response
ww2.scienceinabag.org/
Redirect Chain

http://ww2.scienceinabag.org/
https://ww2.scienceinabag.org/

3 KB
2 KB

2039ms
1697ms

Document
text/html

64.190.63.136
SEDO-AS SEDO GmbH

General

Check archive.org

Download Go to

Full URL: https://ww2.scienceinabag.org/
Requested by: Host: scienceinabag.org
URL: https://scienceinabag.org/?utm_source=google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash: 85be745658cd69d22d49bc05b83928a20ac151241824f5172b072bd745db687b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Jan 2025 12:27:51 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 22 Jan 2025 12:27:49 GMT
pragma: no-cache
server: Parking/1.0
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_L7m5HPPhrhqfQaiLZwkyIqn2SiqmA2Qsm90MBh+9d5AKbOpRWJ17Y6oAk5ueo8G0nR+WamGO5zDb7k8hAENZaw==
x-cache-miss-from: parking-5f7bdb5f75-qmtvg

Redirect headers

Location: https://ww2.scienceinabag.org/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 441 js_preloader.gif
ww2.scienceinabag.org/img.sedoparking.com/images/ 0
19 B 120ms
120ms Image
text/plain 64.190.63.136
SEDO-AS SEDO GmbH

General

Check archive.org

Download Go to Show image

Full URL: https://ww2.scienceinabag.org/img.sedoparking.com/images/js_preloader.gif
Requested by: Host: ww2.scienceinabag.org
URL: https://ww2.scienceinabag.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ww2.scienceinabag.org/

Response headers

date: Wed, 22 Jan 2025 12:27:51 GMT
server: Parking/1.0
content-length: 0

GET
H2 200 tsc.php
ww2.scienceinabag.org/search/ 0
35 B 235ms
234ms XHR
text/html 64.190.63.136
SEDO-AS SEDO GmbH

General

Check archive.org

Download Go to

Full URL: https://ww2.scienceinabag.org/search/tsc.php?ses=ogch_c_DSajlj6xnMLvkSe4SvKfKodSzOV23RZuhUuJ70feV8SwCcxfqd-tbJw3PSexBYqjhE5XiT8hFKuRewAOoVlGt7-pSS89NDDoyC8ieCwYkDB0VxkuqKaYQtDq6cSwsTiqwIoFrq4lgv0UVX9pXByxgiKdd-CoSQ5ycXYz61b9YdYvX7vQviEirXVipIZ1ePURlY7zOrcO-Q0SvAYCb-RU-fIcQ7tD0khRsSEjXFtyffHb7UaA2106hkQ3S4kIJ_XJ-u2TFflLM830F8mQhuhU-uiVRD-EXLwj2khebGjKfLJv3hlB7bDSYxVYF9rvqFWvE8EmBfBt0H2nfbD4SdWZwNNyO_wAuI04vU2-dX9vBsKCcDskQ0B5TfZ1&cv=2
Requested by: Host: ww2.scienceinabag.org
URL: https://ww2.scienceinabag.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ww2.scienceinabag.org/

Response headers

x-cache-miss-from: parking-5f7bdb5f75-62tdz
content-length: 0
date: Wed, 22 Jan 2025 12:27:51 GMT
content-type: text/html; charset=UTF-8
server: Parking/1.0

GET
H2 200 sedo_logo.png
img.sedoparking.com/templates/logos/ 15 KB
15 KB 129ms
31ms Other
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Download Go to

Full URL: https://img.sedoparking.com/templates/logos/sedo_logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ww2.scienceinabag.org/

Response headers

x-cf-rand: 7.161
x-cf2: H
expires: Wed, 29 Jan 2025 12:27:51 GMT
x-cf1: 11696:fA.ewr1:cf:nom:cacheN.ewr1-01:H
date: Wed, 22 Jan 2025 12:27:51 GMT
cf4ttl: 31536000.000
content-type: image/png
x-cff: B
last-modified: Mon, 11 Jan 2021 07:44:34 GMT
x-cf-reqid: 4b4dbd4f21ae6ddd2138ffe09353a97b
cf4age: 2354427
cache-control: max-age=604800
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15086
x-cfhash: "def00c11b1596db4efee6a9fbe64fc27"
x-cf-tsc: 1684184564
server: CFS 0215

GET
H2

200

px Show response
trbx-l1.online/api/v1/
Redirect Chain

https://ww2.scienceinabag.org/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DUqVZ3OVsnZM_0&v=NTZjMWQ1YjM5ZDdjZjQ2YTllZjI1YWQyYmMwNDVkYjQJMQl3dzIuc2NpZW5jZWluYWJhZy5vcmc2NzkwZTQ0N...
https://ww2.scienceinabag.org/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DUqVZ3OVsnZM_0&v=NTZjMWQ1YjM5ZDdjZjQ2YTllZjI1YWQyYmMwNDVkYjQJMQl3dzIuc2NpZW5jZWluYWJhZy5vcmc2NzkwZTQ0N...
https://xml.sedodna.com/click?i=UqVZ3OVsnZM_0
http://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO
https://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO

90 KB
21 KB

177ms
76ms

Document
text/html

15.197.224.234
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO
Requested by: Host: ww2.scienceinabag.org
URL: https://ww2.scienceinabag.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.224.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab226b763647f1870.awsglobalaccelerator.com
Software: /
Resource Hash: 4a5eb8b6710a4596d53f6831a2ec73e4daf1c4a9c11920d56cacf0f64847e856

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Jan 2025 12:27:52 GMT
etag: W/"1698b-TeEDNrnAA0zbFVjXdnjJXrV2Y7I"
vary: Accept-Encoding

Redirect headers

Location: https://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 stormcaster.js Show response
cdn.perfdrive.com/advanced/ 240 KB
90 KB 121ms
33ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by: Host: trbx-l1.online
URL: https://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.10.1 /
Resource Hash: 06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://trbx-l1.online/

Response headers

cache-control: max-age=3600,public
content-encoding: gzip
etag: W/"678f7a43-3bf3a"
age: 2048
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91395
date: Wed, 22 Jan 2025 11:53:44 GMT
last-modified: Tue, 21 Jan 2025 10:43:15 GMT
content-type: application/javascript
server: nginx/1.10.1
vary: Accept-Encoding

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 360 B
505 B 119ms
33ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://trbx-l1.online/

Response headers

via: 1.1 google
x-response-time: 1ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
date: Wed, 22 Jan 2025 12:27:52 GMT
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 198 B
256 B 117ms
32ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://trbx-l1.online/

Response headers

via: 1.1 google
x-response-time: 0ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
date: Wed, 22 Jan 2025 12:27:52 GMT
content-type: text/plain; charset=UTF-8

GET
H/1.1

200
OK

filter Show response
tq.lensgard-4.online/
Redirect Chain

https://trbx-l1.online/api/v1/pxcheck?impId=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMz...
http://xml-v4.lensgard-4.online/click?seat=3082852&i=o60UJjb*7j0_0
https://xml-v4.lensgard-4.online/click?seat=3082852&i=o60UJjb*7j0_0
https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29

15 KB
15 KB

143ms
50ms

Document
text/html

173.239.53.32
WEBAIR-INTERNET

General

Check archive.org

Download Go to

Full URL: https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29
Requested by: Host: trbx-l1.online
URL: https://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.239.53.32 New York, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: 893cbdb1bf4fcb822578b0d9cd44828daff9668fe72d44ed5bc034e3e4089af0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 15422
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Jan 2025 12:27:52 GMT
Referrer-Policy: unsafe-url
Server: nginx

Redirect headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Wed, 22 Jan 2025 12:27:52 GMT
Location: https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29
Server: nginx

GET
H2 200 aperture.js Show response
cdn.perfdrive.com/aperture/ 26 KB
8 KB 141ms
33ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://cdn.perfdrive.com/aperture/aperture.js
Requested by: Host: tq.lensgard-4.online
URL: https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.10.1 /
Resource Hash: 9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29

Response headers

cache-control: max-age=3600,public
content-encoding: gzip
etag: W/"678f7a53-6844"
age: 3101
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7938
date: Wed, 22 Jan 2025 11:36:12 GMT
last-modified: Tue, 21 Jan 2025 10:43:31 GMT
content-type: application/javascript
server: nginx/1.10.1
vary: Accept-Encoding

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 316 B
375 B 164ms
87ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29

Response headers

via: 1.1 google
x-response-time: 3ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
date: Wed, 22 Jan 2025 12:27:53 GMT
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 198 B
343 B 161ms
86ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29

Response headers

via: 1.1 google
x-response-time: 1ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
date: Wed, 22 Jan 2025 12:27:53 GMT
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29

Response headers

Content-Type: image/png

GET
H2

200

Primary Request watch
www.youtube.com/
Redirect Chain

https://xml-v4.lensgard-4.online/click2?i=o60UJjb*7j0_0&ci=5453458456455008592&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D120x120%26ce%3D1%26ck%3Djc%26cv%3D5516%26cs%3D1%26fr%3D0%26hc%3D0%26...
https://bit.ly/4hVR4rD
https://youtu.be/EWDDJPpPQgs?si=YTGg1ndjXv1bwBvk
https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be

494 KB
0

155ms
70ms

Document
text/html

2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb*7j0_0&ci=5453458456455008592&t=2096951658&h=29
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="youtube_main"
date: Wed, 22 Jan 2025 12:27:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script'
content-type: application/binary
cross-origin-opener-policy: same-origin-allow-popups; report-to="SHORT_URL"
date: Wed, 22 Jan 2025 12:27:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SHORT_URL","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SHORT_URL"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 204 generate_204
i.ytimg.com/ 0
117 B 180ms
63ms Other
text/plain 2607:f8b0:4006:80d::2016
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://i.ytimg.com/generate_204
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2016 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 22 Jan 2025 12:27:54 GMT
cross-origin-resource-policy: cross-origin

GET base.js
www.youtube.com/s/player/dd017f77/player_ias.vflset/en_US/ 0
0

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/EWDDJPpPQgs/ 11 KB
12 KB 179ms
64ms Image
image/jpeg 2607:f8b0:4006:80d::2016
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/EWDDJPpPQgs/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ff59c6c92d8858ea3cc930af4b5af27e17829398255fc4519774e5b5eea60f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

etag: "1725380326"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 22 Jan 2025 14:27:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 22 Jan 2025 12:27:54 GMT
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 11563
x-xss-protection: 0
server: sffe

GET desktop_polymer.js
www.youtube.com/s/desktop/3205cbb0/jsbin/desktop_polymer.vflset/ 0
0

GET
H2 200 web-animations-next-lite.min.js Show response
www.youtube.com/s/desktop/3205cbb0/jsbin/web-animations-next-lite.min.vflset/ 50 KB
15 KB 108ms
106ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/desktop/3205cbb0/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708021b0a03278843afdf5190777b25bead3458548e7c221ac1ff6f6e6e17bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be

Response headers

content-encoding: br
age: 426840
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sat, 17 Jan 2026 13:53:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 17 Jan 2025 13:53:53 GMT
last-modified: Fri, 17 Jan 2025 04:16:50 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 15162
x-xss-protection: 0
server: sffe

GET
H2 200 custom-elements-es5-adapter.js Show response
www.youtube.com/s/desktop/3205cbb0/jsbin/custom-elements-es5-adapter.vflset/ 2 KB
853 B 115ms
113ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/desktop/3205cbb0/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59ce6bdf8e3d17bb68667499c34a3ec32b9f7836dbca59d03237a4c9fffefd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be

Response headers

content-encoding: br
age: 426840
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sat, 17 Jan 2026 13:53:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 17 Jan 2025 13:53:53 GMT
last-modified: Fri, 17 Jan 2025 04:16:50 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 789
x-xss-protection: 0
server: sffe

GET
H2 200 webcomponents-sd.js Show response
www.youtube.com/s/desktop/3205cbb0/jsbin/webcomponents-sd.vflset/ 77 KB
23 KB 95ms
94ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/desktop/3205cbb0/jsbin/webcomponents-sd.vflset/webcomponents-sd.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb87b198456171c713437e7e440cbd94d72f263ad190f12cd9720a06fc540d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be

Response headers

content-encoding: br
age: 426840
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sat, 17 Jan 2026 13:53:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 17 Jan 2025 13:53:53 GMT
last-modified: Fri, 17 Jan 2025 04:16:50 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 22928
x-xss-protection: 0
server: sffe

GET intersection-observer.min.js
www.youtube.com/s/desktop/3205cbb0/jsbin/intersection-observer.min.vflset/ 0
0

GET scheduler.js
www.youtube.com/s/desktop/3205cbb0/jsbin/scheduler.vflset/ 0
0

GET www-i18n-constants.js
www.youtube.com/s/desktop/3205cbb0/jsbin/www-i18n-constants-en_US.vflset/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 73 KB
15 KB 203ms
67ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto_old:wght@300;400;500;700&family=YouTube+Sans:wght@300..900&display=swap

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ab214629c0cc2adc644f84674f4bba534983275772febf979ac3a69e95b624a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 22 Jan 2025 12:27:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 22 Jan 2025 12:27:54 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 22 Jan 2025 11:15:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET www-player.css
www.youtube.com/s/player/dd017f77/ 0
0

GET www-main-desktop-watch-page-skeleton.css
www.youtube.com/s/desktop/3205cbb0/cssbin/ 0
0

GET www-main-desktop-player-skeleton.css
www.youtube.com/s/desktop/3205cbb0/cssbin/ 0
0

GET www-onepick.css
www.youtube.com/s/desktop/3205cbb0/cssbin/ 0
0

GET rs=AGKMywE44GtlB0q6qypxR9oBE3wzh1QmYA
www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.hBIyFHzkDl4.L.B1.O/am=AABBAg/d=0/br=1/ 0
0

GET
H3 204 generate_204
rr3---sn-8xgp1vo-2pul.googlevideo.com/ 0
7 B 141ms
43ms Other
text/plain 2600:803:1504:1::e
UUNET

General

Check archive.org

Download Go to

Full URL: https://rr3---sn-8xgp1vo-2pul.googlevideo.com/generate_204
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:803:1504:1::e , United States, ASN701 (UUNET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"

GET
H3 204 generate_204
rr3---sn-8xgp1vo-2pul.googlevideo.com/ 0
7 B 142ms
44ms Other
text/plain 2600:803:1504:1::e
UUNET

General

Check archive.org

Download Go to

Full URL: https://rr3---sn-8xgp1vo-2pul.googlevideo.com/generate_204?conn2
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:803:1504:1::e , United States, ASN701 (UUNET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.youtube.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/dd017f77/player_ias.vflset/en_US/base.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/desktop/3205cbb0/jsbin/desktop_polymer.vflset/desktop_polymer.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/desktop/3205cbb0/jsbin/intersection-observer.min.vflset/intersection-observer.min.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/desktop/3205cbb0/jsbin/scheduler.vflset/scheduler.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/desktop/3205cbb0/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/dd017f77/www-player.css

Domain: www.youtube.com
URL: https://www.youtube.com/s/desktop/3205cbb0/cssbin/www-main-desktop-watch-page-skeleton.css

Domain: www.youtube.com
URL: https://www.youtube.com/s/desktop/3205cbb0/cssbin/www-main-desktop-player-skeleton.css

Domain: www.youtube.com
URL: https://www.youtube.com/s/desktop/3205cbb0/cssbin/www-onepick.css

Domain: www.youtube.com
URL: https://www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.hBIyFHzkDl4.L.B1.O/am=AABBAg/d=0/br=1/rs=AGKMywE44GtlB0q6qypxR9oBE3wzh1QmYA

Verdicts & Comments Add Verdict or Comment

18 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.drofortho.com/	1970-01-21 12:15:08	Name: sid Value: 494763f3-d8bc-11ef-8b83-42fc3c145858
.trafficdecisions.com/	1970-01-21 02:39:10	Name: __cf_bm Value: vyAJtnuuC7HFvKBNKpx7wGDxjONyNNqgQn42n4oQHvM-1737548868-1.0.1.1-jdMLjSOvgvX9sBhcMJK37ZkIR74coqADbZ53mHsNePOy1J4W8VXUY9ZNY4z8TAMMWxEF7sScg4OXanffOQ8V0g
.c0nect.com/	1970-01-21 02:39:10	Name: __cf_bm Value: 1LaJNJ1suDRAywLpW1qciNHiJfiofDoQm2oASi34yV4-1737548868-1.0.1.1-xcmgTTbSIbnQOymxDABZvC0FTw.Gy0k03QZLA_UfeqM2fExEuyqoFCDvYvr2IQ62unnxt90Va_.qAIoARr8LAA
.trbx-l1.online/	1970-01-21 06:58:20	Name: __ssds Value: 2
.trbx-l1.online/	1970-01-21 06:58:20	Name: __ssuzjsr2 Value: a9be0cd8e
.trbx-l1.online/	1970-01-21 06:58:20	Name: __uzmaj2 Value: 87bfc66c-9743-43b6-8de9-cf42adffbc21
.trbx-l1.online/	1970-01-21 06:58:20	Name: __uzmbj2 Value: 1737548872
.trbx-l1.online/	1970-01-21 06:58:20	Name: __uzmcj2 Value: 803781047314
.trbx-l1.online/	1970-01-21 06:58:20	Name: __uzmdj2 Value: 1737548872
.trbx-l1.online/	1970-01-21 06:58:20	Name: __uzmlj2 Value: arpRNnWdVGhhakEuP1Qa4yJxPo7OdYWPSYERvG/J10Q=
.trbx-l1.online/	1970-01-21 06:58:20	Name: __uzmfj2 Value: 7f6000a2245c75-51d1-45cc-b4ea-e24a6afc51b017375488726550-6d02e4d33cb3b56010
.lensgard-4.online/	1969-12-31 23:59:59	Name: x3325799 Value: 2073536250
tq.lensgard-4.online/	1969-12-31 23:59:59	Name: c859661311 Value: 2073536250
.lensgard-4.online/	1970-01-21 06:58:20	Name: __ssds Value: 2
tq.lensgard-4.online/	1969-12-31 23:59:59	Name: jc Value: 5516
.lensgard-4.online/	1970-01-21 06:58:20	Name: __ssuzjsr2 Value: a9be0cd8e
.lensgard-4.online/	1970-01-21 06:58:20	Name: __uzmaj2 Value: 2e8ba663-bed3-4a71-a496-e105fdd4d353
.lensgard-4.online/	1970-01-21 06:58:20	Name: __uzmbj2 Value: 1737548873
.lensgard-4.online/	1970-01-21 06:58:20	Name: __uzmcj2 Value: 777381086457
.lensgard-4.online/	1970-01-21 06:58:20	Name: __uzmdj2 Value: 1737548873
.bit.ly/	1970-01-21 06:58:20	Name: _bit Value: p0mcrR-a613f78721bcc56198-00I
.youtube.com/	1970-01-21 02:39:10	Name: GPS Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: d8Mn39zE4Es
.youtube.com/	1970-01-21 06:58:20	Name: VISITOR_INFO1_LIVE Value: CmCoFQy0wiw
.youtube.com/	1970-01-21 06:58:20	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgVg%3D%3D
.youtube.com/	1970-01-21 06:58:20	Name: __Secure-ROLLOUT_TOKEN Value: CO_w_6O5jM6e8wEQ-oGf-6mJiwMY-oGf-6mJiwM%3D

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://nanai-clw.com/zclkvisitor/49617632-d8bc-11ef-bc13-0afff3258aab/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=49765dc2-d8bc-11ef-bc13-0afff3258aab Message: [GroupMarkerNotSet(crbug.com/242999)!:A04065004C190000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://ww2.scienceinabag.org/img.sedoparking.com/images/js_preloader.gif Message: Failed to load resource: the server responded with a status of 441 ()
rendering	warning	URL: https://trbx-l1.online/api/v1/px?xmlid=RUzmAsFJRAR2fAOQRAAYDpvNgSANS40ArJPnkTHO Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A065004C190000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://tq.lensgard-4.online/filter?q=scienceinabag&i=o60UJjb7j0_0&ci=5453458456455008592&t=2096951658&h=29 Message*: [GroupMarkerNotSet(crbug.com/242999)!:A0A065004C190000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	warning	URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be Message: The resource https://rr3---sn-8xgp1vo-2pul.googlevideo.com/generate_204?conn2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be Message: The resource https://rr3---sn-8xgp1vo-2pul.googlevideo.com/generate_204 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be Message: The resource https://i.ytimg.com/generate_204 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.youtube.com/watch?si=YTGg1ndjXv1bwBvk&v=EWDDJPpPQgs&feature=youtu.be Message: The resource https://i.ytimg.com/vi/EWDDJPpPQgs/hqdefault.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
cas.avalon.perfdrive.com
cdn.perfdrive.com
domaincntrol.com
ernus-dop.com
fonts.googleapis.com
go.c0nect.com
i.ytimg.com
img.sedoparking.com
ksan.drofortho.com
nanai-clw.com
rr3---sn-8xgp1vo-2pul.googlevideo.com
scienceinabag.org
so-gre8.net
tq.lensgard-4.online
trbx-l1.online
user-agent.trafficdecisions.com
ww2.scienceinabag.org
www.youtube.com
xml-v4.lensgard-4.online
xml.sedodna.com
youtu.be
www.youtube.com
130.211.29.114
15.197.224.234
172.98.192.37
173.239.53.32
18.235.30.113
205.234.175.175
2600:803:1504:1::e
2606:4700::6812:1a2d
2606:4700::6812:a88
2606:4700::6812:f0e
2607:f8b0:4006:809::200a
2607:f8b0:4006:80d::2016
2607:f8b0:4006:81e::200e
2607:f8b0:4006:823::200e
35.241.15.240
5.161.89.212
64.190.63.136
64.225.91.73
67.199.248.10
06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f
1d32df71a3c3e443d3179e72d367171372ab40421b23d77a2cd01d236462a8d8
4a5eb8b6710a4596d53f6831a2ec73e4daf1c4a9c11920d56cacf0f64847e856
54a0e8c17ebb21a11f8a25b8042786ef7efe52441e6cc87e92c67e0c4c0c6e78
59ce6bdf8e3d17bb68667499c34a3ec32b9f7836dbca59d03237a4c9fffefd35
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
6ab214629c0cc2adc644f84674f4bba534983275772febf979ac3a69e95b624a
708021b0a03278843afdf5190777b25bead3458548e7c221ac1ff6f6e6e17bad
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30
85be745658cd69d22d49bc05b83928a20ac151241824f5172b072bd745db687b
893cbdb1bf4fcb822578b0d9cd44828daff9668fe72d44ed5bc034e3e4089af0
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506
e33b591af912f64d961d43fab98fc380ae166ed666045769d318d8560cd0ab8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e243914e668142f45c1490d75fbf0ac1ba4767957dc487040708b2dab54d4f
e927516f91a10aa4218e2667cb9ca355e8b358aa3a0010ee24466547324eca7d
f5ff59c6c92d8858ea3cc930af4b5af27e17829398255fc4519774e5b5eea60f
fb87b198456171c713437e7e440cbd94d72f263ad190f12cd9720a06fc540d0c

www.youtube.com Open in urlscan Pro 2607:f8b0:4006:81e::200e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

40 Requests

73 %HTTPS

42 %IPv6

19 Domains

22 Subdomains

16 IPs

2 Countries

224 kBTransfer

1103 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.youtube.com Open in urlscan Pro
2607:f8b0:4006:81e::200e Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

73 %
HTTPS

42 %
IPv6

19
Domains

22
Subdomains

16
IPs

2
Countries

224 kB
Transfer

1103 kB
Size

26
Cookies

40 HTTP transactions
1 data transactions