ww.metrolagu.ru Open in urlscan Pro
51.15.23.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B...
Submission: On August 22 via manual (August 22nd 2023, 8:42:44 pm UTC) from IL — Scanned from FR

Summary HTTP 85 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 29 domains to perform 85 HTTP transactions. The main IP is 51.15.23.79, located in France and belongs to Online SAS, FR. The main domain is ww.metrolagu.ru.

This is the only time ww.metrolagu.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	51.15.23.79 51.15.23.79	12876 (Online SAS) (Online SAS)
4	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	173.233.137.52 173.233.137.52	7979 (SERVERS-COM) (SERVERS-COM)
1 2	2a00:1178:1:4... 2a00:1178:1:4b::19	35415 (WEBZILLA) (WEBZILLA)
1	2606:4700:303... 2606:4700:3037::6815:5b3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	173.233.137.60 173.233.137.60	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	139.45.197.245 139.45.197.245	9002 (RETN-AS) (RETN-AS)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	67.216.91.5 67.216.91.5	35415 (WEBZILLA) (WEBZILLA)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
7	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:46e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:51d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.129 149.56.240.129	16276 (OVH) (OVH)
3	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
2	2606:4700:20:... 2606:4700:20::681a:378	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
1	2606:4700:e2:... 2606:4700:e2::ac40:8402	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
85	34

14 51.15.23.79 (France)

ASN12876 (Online SAS, FR)
PTR: 51-15-23-79.rev.poneytelecom.eu

ww.metrolagu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)

pl19247398.highrevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1178:1:4b::19 (Netherlands) 1 redirects

ASN35415 (WEBZILLA, NL)

scentedindication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:5b3f (United States)

ASN13335 (CLOUDFLARENET, US)

inklinkor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.233.137.60 (United States)

ASN7979 (SERVERS-COM, US)

www.profitabledisplaynetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)

vasteeds.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.216.91.5 (United States)

ASN35415 (WEBZILLA, NL)

www.absolute-honey.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

lagu.ytconvert.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:46e8 (United States)

ASN13335 (CLOUDFLARENET, US)

mp4api.ytjar.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:51d (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.129 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534297.ip-149-56-240.net

s4i.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

gloaphoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:378 (United States)

ASN13335 (CLOUDFLARENET, US)

dl--master--cdn.ytapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.itskiddien.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8402 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	metrolagu.ru ww.metrolagu.ru	29 KB
13	youtube.com img.youtube.com — Cisco Umbrella Rank: 3581 www.youtube.com — Cisco Umbrella Rank: 87	988 KB
7	ytconvert.me lagu.ytconvert.me	109 KB
5	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 122 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 static.doubleclick.net — Cisco Umbrella Rank: 347	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	55 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 285	31 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	295 KB
3	gloaphoo.net gloaphoo.net — Cisco Umbrella Rank: 133625	35 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2706 www.google.com — Cisco Umbrella Rank: 3	15 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	42 KB
2	ytapis.com dl--master--cdn.ytapis.com — Cisco Umbrella Rank: 302328	10 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 11601 s4i.histats.com — Cisco Umbrella Rank: 92399	6 KB
2	absolute-honey.pro www.absolute-honey.pro	53 KB
2	google.fr www.google.fr — Cisco Umbrella Rank: 15053	515 B
2	vasteeds.net vasteeds.net	2 KB
2	profitabledisplaynetwork.com www.profitabledisplaynetwork.com — Cisco Umbrella Rank: 75070
2	scentedindication.com 1 redirects scentedindication.com	14 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 14963	484 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 16005	7 KB
1	itskiddien.club cdn.itskiddien.club — Cisco Umbrella Rank: 35487	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	8 KB
1	ytjar.info mp4api.ytjar.info
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 234	4 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 118	7 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9422	544 B
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11064	5 KB
1	inklinkor.com inklinkor.com — Cisco Umbrella Rank: 75731	27 KB
1	highrevenuegate.com pl19247398.highrevenuegate.com
0	alexametrics.com Failed certify-js.alexametrics.com Failed
85	29

	Domain	Requested by
14	ww.metrolagu.ru	ww.metrolagu.ru
8	www.youtube.com	ww.metrolagu.ru www.youtube.com
7	lagu.ytconvert.me	ww.metrolagu.ru lagu.ytconvert.me
5	img.youtube.com	ww.metrolagu.ru
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	www.youtube.com
4	www.googletagmanager.com	ww.metrolagu.ru www.googletagmanager.com lagu.ytconvert.me
3	gloaphoo.net	ww.metrolagu.ru gloaphoo.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dl--master--cdn.ytapis.com	lagu.ytconvert.me
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google.com	ww.metrolagu.ru www.youtube.com
2	www.absolute-honey.pro	scentedindication.com
2	www.google.fr	ww.metrolagu.ru
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	vasteeds.net	inklinkor.com
2	www.profitabledisplaynetwork.com	ww.metrolagu.ru
2	scentedindication.com	1 redirects ww.metrolagu.ru
1	fleraprt.com	tzegilo.com
1	tzegilo.com	gloaphoo.net
1	cdn.itskiddien.club	gloaphoo.net
1	s4i.histats.com	ww.metrolagu.ru
1	cdnjs.cloudflare.com	lagu.ytconvert.me
1	www.gstatic.com	www.youtube.com
1	s10.histats.com	ww.metrolagu.ru
1	mp4api.ytjar.info	ww.metrolagu.ru
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	my.rtmark.net	inklinkor.com
1	region1.analytics.google.com	www.googletagmanager.com
1	1.bp.blogspot.com	ww.metrolagu.ru
1	inklinkor.com	ww.metrolagu.ru
1	pl19247398.highrevenuegate.com	ww.metrolagu.ru
0	certify-js.alexametrics.com Failed	ww.metrolagu.ru
85	35

This site contains links to these domains. Also see Links.

Domain
youtube.com
goo.gl
woovoree.net
intorterraon.com
www.highrevenuegate.com
www.facebook.com
twitter.com
plus.google.com
betzapdoson.com
scratchy-trick.com
whulsaux.com
on.metrolagu.ru
mordoops.com
www.histats.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
inklinkor.com GTS CA 1P5	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
vasteeds.net R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.absolute-honey.pro R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
ytconvert.me E1	`2023-08-04` - `2023-11-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
histats.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
gloaphoo.net R3	`2023-07-26` - `2023-10-24`	3 months	crt.sh
ytapis.com GTS CA 1P5	`2023-07-03` - `2023-10-01`	3 months	crt.sh
itskiddien.club R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2023-08-07` - `2023-11-05`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-01-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Frame ID: CB29BD013FD0FFECF6631A570F715C5B
Requests: 48 HTTP requests in this frame

Frame: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
Frame ID: 465517D41B217B6EE981B3D2FF74F6EC
Requests: 21 HTTP requests in this frame

Frame: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
Frame ID: 476F8693E6A4A9B96D3832D45204392B
Requests: 12 HTTP requests in this frame

Frame: http://mp4api.ytjar.info/?id=57QGeiwMP_g&c=FF0000&b=EEEEEE&t&h=40px&cb=FFFFFF&cc=FF0000&br=FF0000
Frame ID: 346E57D5E55103A879FD21B2518908F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

masha babko content telegram @jasontrader9 masha babko маша бабко maşa babko #MashaBabko Download Video 3gp Mp4 dan mp3 convert - Music Video Tv Radio Zone

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

85
Requests

66 %
HTTPS

70 %
IPv6

29
Domains

35
Subdomains

34
IPs

7
Countries

1746 kB
Transfer

5245 kB
Size

20
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://youtube.com/masha%20babko%20lover
Title: masha babko lover

Search URL Search Domain Scan URL

URL: https://goo.gl/E2c4so
Title: go to this link

Search URL Search Domain Scan URL

URL: https://woovoree.net/4/5394184

Search URL Search Domain Scan URL

URL: https://intorterraon.com/4/3292443
Title: DOWNLOAD AD

Search URL Search Domain Scan URL

URL: https://www.highrevenuegate.com/dfd2htuqf?key=19d81f33740539fa2b60b45c5162abcd

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?source=fahrulysf&text=masha%20babko%20content%20telegram%20@jasontrader9%20%20%20%20masha%20babko%20%D0%BC%D0%B0%D1%88%D0%B0%20%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE%20ma%C5%9Fa%20babko%20#MashaBabko&url=http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml

Search URL Search Domain Scan URL

URL: http://betzapdoson.com/4/5394184
Title: [ Server 1]

Search URL Search Domain Scan URL

URL: https://scratchy-trick.com/b/3.Vm0gPe3/puvXblmJVXJyZdDs0R0/NDz/AxyTNWTnYKxlLVTOQ-3/M/DCIR1wN/jUIq
Title: Download MP3

Search URL Search Domain Scan URL

URL: https://whulsaux.com/4/3292443
Title: Download Now Full HD 2

Search URL Search Domain Scan URL

URL: http://on.metrolagu.ru/convertmp3.php?v=57QGeiwMP_g
Title: Download MP3

Search URL Search Domain Scan URL

URL: https://mordoops.com/4/3292443
Title: View

Search URL Search Domain Scan URL

URL: http://www.histats.com/
Title: try {Histats.startgif(1,4425006,4,10049,""); Histats.track_hits();} catch(err){};

Search URL Search Domain Scan URL

URL: https://www.histats.com/viewstats/?SID=4425006&f=2

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://img.youtube.com/vi/57QGeiwMP_g/1.jpg HTTP 307
https://img.youtube.com/vi/57QGeiwMP_g/1.jpg

Request Chain 10

http://img.youtube.com/vi/57QGeiwMP_g/2.jpg HTTP 307
https://img.youtube.com/vi/57QGeiwMP_g/2.jpg

Request Chain 11

http://img.youtube.com/vi/57QGeiwMP_g/3.jpg HTTP 307
https://img.youtube.com/vi/57QGeiwMP_g/3.jpg

Request Chain 18

http://img.youtube.com/vi/57QGeiwMP_g/default.jpg HTTP 307
https://img.youtube.com/vi/57QGeiwMP_g/default.jpg

Request Chain 19

http://img.youtube.com/vi/WENfG-FvhxM/default.jpg HTTP 307
https://img.youtube.com/vi/WENfG-FvhxM/default.jpg

Request Chain 21

http://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT HTTP 301
https://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT

Request Chain 23

http://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1 HTTP 307
https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Request Chain 46

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

85 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml Show response
ww.metrolagu.ru/video/57QGeiwMP_g/ 20 KB
7 KB 758ms
496ms Document
text/html 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 248956408add670ec8728148c7b28a85565ea7b6c4afb252635e0ed41ed252dd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 6687
Content-Type: text/html; charset=UTF-8
Date: Tue, 22 Aug 2023 20:42:38 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK style.css
ww.metrolagu.ru/ 10 KB
3 KB 21ms
21ms Stylesheet
text/css 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww.metrolagu.ru/style.css
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 4727a219fbf801136a0be838059b42088ea5223283cd881fc20396e59e7dddcf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2022 00:40:16 GMT
Server: nginx
ETag: W/"632668f0-2724"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 100ms
39ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-123365797-1

Requested by

Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ecf15774de82180d83c5b46a920dece3ac98976c0f333778c357b083d7ecc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66538
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 20:42:38 GMT

GET
H/1.1 200
OK logo_small.png
ww.metrolagu.ru/ 1 KB
1 KB 21ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/logo_small.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: c860b591de8205341eb4c4ab65b938b1841932532756ad83f3f6b1f824ca752e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:40:06 GMT
Server: nginx
ETag: "627a16d6-425"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1061
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK home.png
ww.metrolagu.ru/ 2 KB
2 KB 23ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/home.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 58b4d0c710b37c68f3af0579a9ad4ba30c0557ee85c55f47df9641963441097c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:39:40 GMT
Server: nginx
ETag: "627a16bc-6ca"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1738
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK music-2-48.png
ww.metrolagu.ru/fd-content/ 1 KB
1 KB 25ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/fd-content/music-2-48.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 8915ac224e07f09201f559da6f7e2b52b9c12cd33cfe84dbeee6c11438737272

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:34:08 GMT
Server: nginx
ETag: "627a1570-427"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1063
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK videoico.png
ww.metrolagu.ru/img/ 288 B
593 B 42ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/img/videoico.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 31ccab4b11916fc768fe4dc99684c011e6b74282b16330b58c2738c5c9b516b0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:35:22 GMT
Server: nginx
ETag: "627a15ba-120"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 288
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tv.png
ww.metrolagu.ru/img/ 2 KB
2 KB 43ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/img/tv.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: d13ca313fe3f3567eda3376d45362ebae8e6ed205b2e7f760476828cd3e82be1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:35:18 GMT
Server: nginx
ETag: "627a15b6-8a5"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2213
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK radio.png
ww.metrolagu.ru/img/ 567 B
872 B 44ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/img/radio.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 1fd1a24e5a43289b615899885ae10dde5dadd37dd15bcf232a9d4ad0409e62d1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:35:12 GMT
Server: nginx
ETag: "627a15b0-237"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 567
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jadwal.png
ww.metrolagu.ru/img/ 347 B
652 B 41ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/img/jadwal.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 5efc4411ec40802cf7650ec6294f8b7d54f94acf17ccd0c768b47061f7057b12

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:35:02 GMT
Server: nginx
ETag: "627a15a6-15b"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 347
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

1.jpg
img.youtube.com/vi/57QGeiwMP_g/
Redirect Chain

http://img.youtube.com/vi/57QGeiwMP_g/1.jpg
https://img.youtube.com/vi/57QGeiwMP_g/1.jpg

2 KB
3 KB

145ms
41ms

Image
image/jpeg

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/57QGeiwMP_g/1.jpg

Requested by

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21035f87fcbcc099c55791086fec7a5bb90592e0c2ffdcbf09f6b2779b2e0f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2527
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 22:42:38 GMT

Redirect headers

Location: https://img.youtube.com/vi/57QGeiwMP_g/1.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

2.jpg
img.youtube.com/vi/57QGeiwMP_g/
Redirect Chain

http://img.youtube.com/vi/57QGeiwMP_g/2.jpg
https://img.youtube.com/vi/57QGeiwMP_g/2.jpg

3 KB
3 KB

150ms
46ms

Image
image/jpeg

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/57QGeiwMP_g/2.jpg

Requested by

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b234b27281da0e026d42febdae0181938713d4fa5b7412de5a167af157356db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2707
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 22:42:38 GMT

Redirect headers

Location: https://img.youtube.com/vi/57QGeiwMP_g/2.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

3.jpg
img.youtube.com/vi/57QGeiwMP_g/
Redirect Chain

http://img.youtube.com/vi/57QGeiwMP_g/3.jpg
https://img.youtube.com/vi/57QGeiwMP_g/3.jpg

3 KB
3 KB

148ms
44ms

Image
image/jpeg

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/57QGeiwMP_g/3.jpg

Requested by

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9025ccd21fb918e01419cfdfab6e9fa47fdb29484bab53c222662671c522b90e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3208
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 22:42:38 GMT

Redirect headers

Location: https://img.youtube.com/vi/57QGeiwMP_g/3.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK video-play-16.png
ww.metrolagu.ru/ 290 B
595 B 22ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/video-play-16.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 4a9e22acbd3d2bb22b4f58909b7ca1dfce9bcc5a39a0044f5974d7b8be0c2999

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:40:44 GMT
Server: nginx
ETag: "627a16fc-122"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 290
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK icon_facebook_share_01.png
ww.metrolagu.ru/fd-image/icon/ 2 KB
3 KB 21ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/fd-image/icon/icon_facebook_share_01.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 12f7a6712cf28de02e7ea58fe9bafeed67756a26aad8c9df4ba210e1deaee46c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:34:18 GMT
Server: nginx
ETag: "627a157a-952"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2386
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK icon_twitter_tweet_01.png
ww.metrolagu.ru/fd-image/icon/ 2 KB
3 KB 21ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/fd-image/icon/icon_twitter_tweet_01.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: b7a6988f98d2ab553fdfa89ee7b437eb994c37caa28ea7e1b4e54a7b3d0d8a6c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:34:20 GMT
Server: nginx
ETag: "627a157c-90e"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2318
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK icon_gplus_share_01.png
ww.metrolagu.ru/fd-image/icon/ 3 KB
3 KB 21ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/fd-image/icon/icon_gplus_share_01.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: cee8e9443d711cd3a6019b10ed544e452836e20daf6d66d07ab75776aa07583b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:34:20 GMT
Server: nginx
ETag: "627a157c-ba4"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2980
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK info-32.png
ww.metrolagu.ru/ 644 B
949 B 21ms
21ms Image
image/png 51.15.23.79
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww.metrolagu.ru/info-32.png
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 51.15.23.79 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-23-79.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 3864c0cb84e26bceb906be1bb09d90a789eefc080ee9ba8c57d6bbd69bbb7ccd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Last-Modified: Tue, 10 May 2022 07:39:46 GMT
Server: nginx
ETag: "627a16c2-284"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 644
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 403
Forbidden invoke.js
pl19247398.highrevenuegate.com/7285bde723ee3d3841ff23bfd549efab/ 0
0 484ms
109ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://pl19247398.highrevenuegate.com/7285bde723ee3d3841ff23bfd549efab/invoke.js
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2

200

default.jpg
img.youtube.com/vi/57QGeiwMP_g/
Redirect Chain

http://img.youtube.com/vi/57QGeiwMP_g/default.jpg
https://img.youtube.com/vi/57QGeiwMP_g/default.jpg

2 KB
2 KB

172ms
68ms

Image
image/jpeg

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/57QGeiwMP_g/default.jpg

Requested by

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

938c3f6d4695646a014a3e2a19aaaf41efa782386e2d4647f73c3bde74dc2e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1679
x-xss-protection: 0
server: sffe
etag: "1692403693"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 22:42:38 GMT

Redirect headers

Location: https://img.youtube.com/vi/57QGeiwMP_g/default.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

default.jpg
img.youtube.com/vi/WENfG-FvhxM/
Redirect Chain

http://img.youtube.com/vi/WENfG-FvhxM/default.jpg
https://img.youtube.com/vi/WENfG-FvhxM/default.jpg

4 KB
4 KB

146ms
43ms

Image
image/jpeg

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/WENfG-FvhxM/default.jpg

Requested by

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61f0eeb16e1d0ce9d920bca2f7b0f37cb77d1d437375958e88c0bb21957fcbe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3677
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 20:47:38 GMT

Redirect headers

Location: https://img.youtube.com/vi/WENfG-FvhxM/default.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2

200

yVMDzxQYtINKDbYVyFNATXIMzpNyQT Show response
scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/
Redirect Chain

http://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT
https://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT

39 KB
13 KB

123ms
78ms

Script
application/javascript

2a00:1178:1:4b::19
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT

Requested by

Protocol

Server

2a00:1178:1:4b::19 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

b6e5266b3c52b59b3cdfbc08d2a9da9931279b0f8eb028f6406db397b68f63ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 22 Aug 2023 20:42:38 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: http://ww.metrolagu.ru
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Mon, 26 Jul 2011 05:00:00 GMT

Redirect headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/html
Location: https://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 162
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.min.js Show response
inklinkor.com/ 77 KB
27 KB 97ms
29ms Script
text/javascript 2606:4700:3037::6815:5b3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://inklinkor.com/tag.min.js
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b074cc47b43da43b16d514a5597600d9efb37b0c2dff7ba2abbb54a972bc725

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7124
alt-svc: h3=":443"; ma=86400
x-trace-id: e8de87f43018e0415a2ba35cc854e67f
pragma: no-cache
last-modified: Tue, 22 Aug 2023 10:21:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1fJFVpBw875OU3dy%2FMDYM2qRwx6Mog3OkTQ0aDLNQtJEHrk176vW%2Fq%2B%2BShnlxLDwkJ9HecAHGLbGbh34FLRRVdWSI8l5TGbuwIJR%2BoYWgZEcu8BUYMVpeu11yrtCWO9S%2FvaGfFPk08IKUuF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fadf184bec6f8c9-CDG
expires: Wed, 23 Aug 2023 18:43:54 GMT

GET
H2

200

57QGeiwMP_g Show response
www.youtube.com/embed/ Frame 4655
Redirect Chain

http://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

78 KB
33 KB

150ms
89ms

Document
text/html

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

184b3f2e0d6b73a05ea288836135ecc33e714064fba79e0421200c8cc3703513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ww.metrolagu.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 20:42:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
Non-Authoritative-Reason: HSTS

GET
H/1.1 403
Forbidden invoke.js
www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/ 0
0 356ms
98ms Script
application/javascript 173.233.137.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: http://ww.metrolagu.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK pattern.png
1.bp.blogspot.com/-vRO3Ys-KSHg/VcOhIASrnlI/AAAAAAAACh8/tI1ilmDJUmY/s1600/ 5 KB
5 KB 66ms
26ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-vRO3Ys-KSHg/VcOhIASrnlI/AAAAAAAACh8/tI1ilmDJUmY/s1600/pattern.png

Requested by

Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/style.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f2a2544bfb1bcb837b9514a5d73e23e7ac1f0c8e9004914d7d34c884dbbbb0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:40:47 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 7311
ETag: "va20"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pattern.png"
Timing-Allow-Origin: *
Content-Length: 5125
X-XSS-Protection: 0
Expires: Wed, 23 Aug 2023 18:40:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D163B3Y1DN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123365797-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30a0c077c02ccecf123518c06c2fc31fc51ea9dbc25025f77231daf9f87dc05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79482
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 20:42:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 88ms
27ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123365797-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 22 Aug 2023 19:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3175
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 22 Aug 2023 21:49:43 GMT

GET
H2 200 / Show response
vasteeds.net/5/5398850/ 3 KB
2 KB 78ms
23ms XHR
application/json 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vasteeds.net/5/5398850/?oo=1&js_build=iclick-v1.591.0
Requested by: Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 719004d28ad75b5d917b8552731f207e20ee8b98ef85ad2df1ff1d18d6080e05

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: gzip
x-trace-id: fd0bbbaf90f2f1d2ba23bcaa1cb59688
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://ww.metrolagu.ru
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/21812a9c/ Frame 4655 382 KB
48 KB 26ms
26ms Stylesheet
text/css 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21812a9c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f48e45dd89a5138727a572b7efb9fbb7b5df9a4b6ea391195bcfefdd4590683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 01:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49229
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Aug 2024 01:51:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4655 15 KB
16 KB 95ms
27ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:35:58 GMT
x-content-type-options: nosniff
age: 302800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 08:35:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4655 15 KB
15 KB 103ms
35ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 17:41:40 GMT
x-content-type-options: nosniff
age: 10858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 17:41:40 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/21812a9c/www-embed-player.vflset/ Frame 4655 318 KB
95 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21812a9c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6233a8b35f606d90bf854ea80a17edeecc49e5a9c1cb7a5d0cb0172fd5c73c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97237
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Aug 2024 18:50:07 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/ Frame 4655 2 MB
750 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

034ebc7c4dc0496d1b48a08a8122a9d28ed0ea123c94962b69bf2692d6b38932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 07:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 766985
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Aug 2024 07:22:04 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 69ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-D163B3Y1DN&gtm=45je38l0&_p=286592280&_gaz=1&cid=544004297.1692736958&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1692736958&sct=1&seg=0&dl=http%3A%2F%2Fww.metrolagu.ru%2Fvideo%2F57QGeiwMP_g%2Fmasha-babko-content-telegram-%40jasontrader9-masha-babko-%25D0%25BC%25D0%25B0%25D1%2588%25D0%25B0-%25D0%25B1%25D0%25B0%25D0%25B1%25D0%25BA%25D0%25BE-ma%25C5%259Fa-babko-mashababko.shtml&dt=masha%20babko%20content%20telegram%20%40jasontrader9%20masha%20babko%20%D0%BC%D0%B0%D1%88%D0%B0%20%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE%20ma%C5%9Fa%20babko%20%23MashaBabko%20Download%20Video%203gp%20Mp4%20dan%20mp3%20convert%20-%20Music%20Video%20Tv%20Radio%20Zone&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D163B3Y1DN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 20:42:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ww.metrolagu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 76ms
24ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D163B3Y1DN&cid=544004297.1692736958&gtm=45je38l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D163B3Y1DN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 20:42:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ww.metrolagu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
408 B 127ms
63ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D163B3Y1DN&cid=544004297.1692736958&gtm=45je38l0&aip=1&z=689452592

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7c69b7fd5fe8.js Show response
www.absolute-honey.pro/dea777/ 69 KB
26 KB 145ms
40ms XHR
application/javascript 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.absolute-honey.pro/dea777/7c69b7fd5fe8.js
Requested by: Host: scentedindication.com
URL: http://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: 6796bebbc427c5a913e976a97f4dadd2d941abbef7c907f67ef2d3ceb1c4c8d0

Request headers

Referer: http://ww.metrolagu.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: br
server: ucdn/1.24.0
x-ureq-id: RfqXW6R1yFN2XhNuvdXgAtP/ULvYjCEeFe/CmfT77oXS76PXHVPjYArwjZATc0Lbl2gt7OBpn6Egk6/67wqfsNkvHsYVOdjknf22rnC5R8s=
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-vhostid: 104, 21711
cache-control: max-age=315231389, public
access-control-allow-credentials: true
x-served-from: l1
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7c69b7fd5fe8.js Show response
www.absolute-honey.pro/dea777/ 69 KB
26 KB 128ms
35ms Script
application/javascript 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.absolute-honey.pro/dea777/7c69b7fd5fe8.js
Requested by: Host: scentedindication.com
URL: http://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: 6796bebbc427c5a913e976a97f4dadd2d941abbef7c907f67ef2d3ceb1c4c8d0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: br
server: ucdn/1.24.0
x-ureq-id: RfqXW6R1yFN2XhNuvdXgAtP/ULvYjCEeFe/CmfT77oXS76PXHVPjYArwjZATc0Lbl2gt7OBpn6Egk6/67wqfsNkvHsYVOdjknf22rnC5R8s=
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-vhostid: 104, 21721
cache-control: max-age=315231389, public
access-control-allow-credentials: true
x-served-from: l1
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 73ms
20ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=d06ac338d8544d98899f031a3bca2517

Requested by

Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f5ef88fe5e7796476ab3f9efdafcc6f6fd1dd62a6f6eff7260a35abcfaee5084

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ww.metrolagu.ru
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 33ms
32ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=286592280&t=pageview&_s=1&dl=http%3A%2F%2Fww.metrolagu.ru%2Fvideo%2F57QGeiwMP_g%2Fmasha-babko-content-telegram-%40jasontrader9-masha-babko-%25D0%25BC%25D0%25B0%25D1%2588%25D0%25B0-%25D0%25B1%25D0%25B0%25D0%25B1%25D0%25BA%25D0%25BE-ma%25C5%259Fa-babko-mashababko.shtml&ul=en-us&de=UTF-8&dt=masha%20babko%20content%20telegram%20%40jasontrader9%20masha%20babko%20%D0%BC%D0%B0%D1%88%D0%B0%20%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE%20ma%C5%9Fa%20babko%20%23MashaBabko%20Download%20Video%203gp%20Mp4%20dan%20mp3%20convert%20-%20Music%20Video%20Tv%20Radio%20Zone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1353320548&gjid=1917794344&cid=544004297.1692736958&tid=UA-123365797-1&_gid=1056515793.1692736958&_r=1&gtm=457e38l0&jsscut=1&z=1736435301

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww.metrolagu.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ww.metrolagu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content /
vasteeds.net/ 0
0 43ms
22ms Fetch
text/plain 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://vasteeds.net/?rb=gK-4jNoWb5biF5lPDhUAV7SV0AYKqtyK5bySFZnTu6jB6J3PzdQ9ukMHIMEMtrewatCD9BxEHvN9vxZDe1dv9SNtxhnzQEdKzlPit7lEFTAWrSGKKMzcOlIkY5UsUpdsCSFEGmymXqM0jtlaIk4JvtuvwjUQmGssvHYFoXwGsfJVyju3p_HiYOmnk4sRauGcuV2Lo_TyAT1iKEbXq9GDOGFDt_e-v6cFv1XKoXXTkJdWooZUexiEri2wZ_bwFuQD2BZwYjBS1zyGKjJQx-xtSY1eeH0%3D&request_ab2=0&zoneid=5398850&js_build=iclick-v1.591.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=http%3A%2F%2Fww.metrolagu.ru%2Fvideo%2F57QGeiwMP_g%2Fmasha-babko-content-telegram-%40jasontrader9-masha-babko-%25D0%25BC%25D0%25B0%25D1%2588%25D0%25B0-%25D0%25B1%25D0%25B0%25D0%25B1%25D0%25BA%25D0%25BE-ma%25C5%259Fa-babko-mashababko.shtml&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.591.0&bs=b3470d75-c89f-4b9c-a6dc-5cec95c492e0&userId=d06ac338d8544d98899f031a3bca2517&m=link

Requested by

Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js

Protocol

HTTP/1.1

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Connection: keep-alive
Pragma: no-cache
Server: nginx
Accept-Ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://ww.metrolagu.ru
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 24ms
24ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-123365797-1&cid=544004297.1692736958&jid=1353320548&gjid=1917794344&_gid=1056515793.1692736958&_u=YADAAUAAAAAAACAAI~&z=837554382

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww.metrolagu.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ww.metrolagu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/ 0
0 106ms
105ms Script
application/javascript 173.233.137.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: http://ww.metrolagu.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 126ms
65ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123365797-1&cid=544004297.1692736958&jid=1353320548&_u=YADAAUAAAAAAACAAI~&z=1885752935

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 66ms
65ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123365797-1&cid=544004297.1692736958&jid=1353320548&_u=YADAAUAAAAAAACAAI~&z=1885752935

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4655
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

38ms
35ms

XHR
application/json

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Protocol

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f0da9142ae463df6d6360afd06b6225575b993b513bfc34cc124524d08ffd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4655 29 B
495 B 107ms
28ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/21812a9c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:29:24 GMT
x-content-type-options: nosniff
age: 794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 20:44:24 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 116ms
33ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 22 Aug 2023 20:42:38 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4655 68 KB
31 KB 54ms
51ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08bbfb5fa39cbaad962e4b901b082c7ccab8aaea4b1b782052c5d2971ac2ee75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31862
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/ Frame 4655 116 KB
33 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b52b0acbfeaab0ee30297495babaf3e60977e718796a42d3df43e5cb1dcd4e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 07:46:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33702
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Aug 2024 07:46:11 GMT

GET
H2 200 iesEQ4xzziy5Hu9xj5MD97OdpJqf23Z9Gv4ZCReYTnU.js Show response
www.google.com/js/th/ Frame 4655 37 KB
15 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/iesEQ4xzziy5Hu9xj5MD97OdpJqf23Z9Gv4ZCReYTnU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89eb04438c73ce2cb91eef718f9303f7b39da49a9fdb767d1afe190917984e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:08:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 574438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14690
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 05:08:40 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/57QGeiwMP_g/ Frame 4655 7 KB
7 KB 100ms
38ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/57QGeiwMP_g/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf60f280787f7774adb4917952d1cb849d1b99eba548938a92d92098f887980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6896
x-xss-protection: 0
server: sffe
etag: "1692403693"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 22:42:38 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/ Frame 4655 48 KB
15 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f0a7f51c410e5f3842d3d49d04d652356a1ea78f367a7e8044915eeed52c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 07:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15230
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Aug 2024 07:22:05 GMT

GET
DATA 200
OK truncated
/ Frame 4655 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 S01mlgUrYrUXM308uQUptyaiJwKMw5ht34fVHiJrstkagm5Eu-LnoyBSOUVjBn_NZil17nXXzA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 4655 3 KB
4 KB 111ms
42ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/S01mlgUrYrUXM308uQUptyaiJwKMw5ht34fVHiJrstkagm5Eu-LnoyBSOUVjBn_NZil17nXXzA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9f5194a0304d928bc2a6073b5fa39ec87846788e751d41f6002ece2ede8dde5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3384
x-xss-protection: 0
expires: Wed, 23 Aug 2023 20:42:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4655 10 KB
10 KB 33ms
29ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 23:08:51 GMT
x-content-type-options: nosniff
age: 336827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 23:08:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4655 12 KB
12 KB 34ms
31ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 22:13:13 GMT
x-content-type-options: nosniff
age: 599365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 22:13:13 GMT

GET
H2 200 mp4 Show response
lagu.ytconvert.me/api/single/ Frame 476F 3 KB
2 KB 186ms
101ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68f87f3faa16a00ff62c514b970b928c6f915bb6161c21028e04a2f5c54933dc

Request headers

Referer: http://ww.metrolagu.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fadf188886202bb-CDG
content-encoding: br
content-type: text/html
date: Tue, 22 Aug 2023 20:42:38 GMT
last-modified: Mon, 03 Jul 2023 17:43:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTpbkAqvMjhMiN7STwSoMpeyn7WYNJkWwsx9xlUZtpNDDmVk63cmeF3%2FqSjRrV0iZXgS0uzYL6%2Fq5SRGCDzZNqdEDZF4kyOnrPakZknzH0GB783%2FqMA2OkqfduR7ml3qXWXtscTrQ9M8sBOEPudREA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 403
Forbidden /
mp4api.ytjar.info/ Frame 346E 0
0 82ms
30ms Document
text/html 2606:4700:3030::6815:46e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://mp4api.ytjar.info/?id=57QGeiwMP_g&c=FF0000&b=EEEEEE&t&h=40px&cb=FFFFFF&cc=FF0000&br=FF0000

Requested by

Protocol

HTTP/1.1

Server

2606:4700:3030::6815:46e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://ww.metrolagu.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

CF-RAY: 7fadf1885df92a2c-CDG
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Tue, 22 Aug 2023 20:42:38 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwYNK8teYYiN2MM6Hgr8N3M%2FS9yvkJgho9K8hXkuF6gci%2F5%2BaTA8cpY8hjcIkt0ngTE8iteVDynwJ33mGb7CXZuuRb5J4Gu76chqTgbVoqWEUEUZDwr%2FpFhUTWV291X8FHYC4wb3YR5ot0TAMvZf5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
alt-svc: h3=":443"; ma=86400
cf-mitigated: challenge

GET
H/1.1 200
OK js15_gif.js Show response
s10.histats.com/ 11 KB
5 KB 97ms
43ms Script
text/javascript 2606:4700:10::6814:51d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_gif.js
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:51d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a839b2f2ad6018fa651b97d44da7fa3f1b9f8b006965ae6fda6d38fe7d24778

Request headers

Referer: http://ww.metrolagu.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 22 Aug 2023 20:42:38 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 16 Apr 2020 10:44:17 GMT
Server: cloudflare
Age: 40742
ETag: "1458891563"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7fadf1885f523cec-CDG
Content-Length: 4422

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 34ms
33ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 22 Aug 2023 20:42:38 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4655 90 B
134 B 38ms
37ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02191cb02ac8215aa7a2982c74c3267a864419fa62542c465ed3f27a85a89b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4655 4 KB
2 KB 96ms
35ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/21812a9c/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Aug 2023 20:42:39 GMT

GET
H2 200 iframeResizer.contentWindow.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.2/ Frame 476F 34 KB
8 KB 68ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.2/iframeResizer.contentWindow.js

Requested by

Host: lagu.ytconvert.me
URL: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e46eaa80aa6e63f6fb38ba409fcd7b536195da87816a7b84e32302a892b618bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lagu.ytconvert.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1310855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7519
last-modified: Thu, 22 Jun 2023 11:05:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942ae5-1d5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFF%2FabtATqFqmZhJxgsWy67LHwKt%2Fis3whGaO8ulZaAvS7FObE67%2BxXUNjTp5iCc4fzSBsqG6swM%2Fg0tSPPPE3youAJ48%2BWVU3uoH8W5kQuu%2BJYVed0N%2FPwHsN%2Fu%2Bk0bh548fRtfqzKi5UXPY9wegOCp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fadf189ce09f0ab-CDG
expires: Sun, 11 Aug 2024 20:42:39 GMT

GET
H2 200 0d1e4ba.js Show response
lagu.ytconvert.me/_nuxt/ Frame 476F 3 KB
2 KB 29ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lagu.ytconvert.me/_nuxt/0d1e4ba.js
Requested by: Host: lagu.ytconvert.me
URL: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ae6e3b15f80471b6937b4b1bde3c2eaa223152abccfab808160f064d58b256

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jul 2023 17:36:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3846
etag: W/"a10-5ff989ca732a3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VU9PMIxLmzUK3dBYbCesx5Jlq0tJxX4BVSwJfYtWzpZKX4r2eaXcQpq8hhFhgzbOUiv3G7ka8%2Fjc%2Boe%2B4lEI1Ob4407jzuZBTI5cjHRORfpTRdeRwgrh%2Fb%2FrUE7qO3IDBlZi7Ln1GFj5%2FxZ%2F5qQw2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fadf189895902bb-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 c339941.js Show response
lagu.ytconvert.me/_nuxt/ Frame 476F 217 KB
76 KB 34ms
33ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lagu.ytconvert.me/_nuxt/c339941.js
Requested by: Host: lagu.ytconvert.me
URL: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d0fe000e9b73e7ace1a05372077ed7d445fcbdb26467979ec4ea5d373a310e7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jul 2023 17:36:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3846
etag: W/"36434-5ff989ca72303-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZ41g7LHmzBWuNNZIkrmabo2Vvv6BZYQMzo3nnZKiahhZB7ez4pbWuepImwfsXgkd%2FTmjwwegKLkOWNJJUHRtuuqwkLALuYzpQXbHNEwZuX4nKwZIEUm%2F8o9%2FNykHnMP%2BakAADjDgE6DSmWxmXP5uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fadf189895b02bb-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 9384192.js Show response
lagu.ytconvert.me/_nuxt/ Frame 476F 60 KB
18 KB 33ms
32ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lagu.ytconvert.me/_nuxt/9384192.js
Requested by: Host: lagu.ytconvert.me
URL: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f7aaaff2815f9679450bb06a81a8e0cfb922685b920698d5b5d75656794a1bf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jul 2023 17:36:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2404
etag: W/"ef60-5ff989ca72303-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQs0s8Js4Xya7YFZ4Te7GHQt92D0yBwfb8zXLOWINfhTESuSSq6Tnk33XGevvn4rEAM4gsLEQfuvGW3mcOvNzowC1ww4pauvTW7SP7iC0ggxK7e92k8OkZGaS012WVkHP3gPsDseAEjbRB40kGqVQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fadf189895c02bb-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 6c7c682.js Show response
lagu.ytconvert.me/_nuxt/ Frame 476F 40 KB
9 KB 31ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lagu.ytconvert.me/_nuxt/6c7c682.js
Requested by: Host: lagu.ytconvert.me
URL: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e6e80cd80d1ebb1c5176017eb54b9d86e9cfa24fa8c984e5e56342bad7ec4a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jul 2023 17:36:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4560
etag: W/"9eee-5ff989ca732a3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B%2Bj6TUKN%2F2H6N7qkisSnSRdVGtxqjejUnqGl7%2BsHpINhwnl2Il5a5Vxitaeso0PAZ%2BsE91Av8%2BWa58vbY9pQ2jElI7GUjyPQvDAGuGBDq5UT2GhWNwnySvLCa0iEMSDYVnRCZVuV9VVrbscOosDuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fadf189895d02bb-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 476F 179 KB
65 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-126821028-1

Requested by

Host: lagu.ytconvert.me
URL: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ada3970845b39762022cbfc3ca01c62d72c634aa9379fcd66dd4c6943fbde54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lagu.ytconvert.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 20:42:39 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4655 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?zLmzxA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK 4425006.gif
s4i.histats.com/stats/i/ 1 KB
2 KB 338ms
91ms Image
image/png 149.56.240.129
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4i.histats.com/stats/i/4425006.gif?4425006&@f16&@g1&@h1&@i1&@j1692736959041&@k0&@l1&@mmasha%20babko%20content%20telegram%20%40jasontrader9%20masha%20babko%20%D0%BC%D0%B0%D1%88%D0%B0%20%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE%20ma%C5%9Fa%20babko%20%23MashaBabko%20Download%20Video%203gp%20Mp4%20dan%20mp3%20convert%20-%20Music%20Video%20Tv%20Radio%20Zone&@n0&@o1000&@q0&@r0&@s10049&@ten-US&@u1600&@b1:-9859622&@b3:1692736959&@b4:js15_gif.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fww.metrolagu.ru%2Fvideo%2F57QGeiwMP_g%2Fmasha-babko-content-telegram-%40jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml&@w
Requested by: Host: ww.metrolagu.ru
URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534297.ip-149-56-240.net
Software: /
Resource Hash: f62bc693c29d7e89dcec1e56f866ff435bc676e26a1a31c85605563fc495b4fd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 20:42:39 GMT
Connection: close
ETag: -426359030
Content-Length: 1533
Content-Type: image/png

GET
H2 200 5398930 Show response
gloaphoo.net/401/ 88 KB
34 KB 97ms
47ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gloaphoo.net/401/5398930

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a3ee3bc485c874c95d3fe849cc1067ae35aebd4e8f6baade5be7dc905681b7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: c70d44fe31679db15fb648d6568e8033
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 c1420cd.js Show response
lagu.ytconvert.me/_nuxt/ Frame 476F 4 KB
2 KB 33ms
33ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lagu.ytconvert.me/_nuxt/c1420cd.js
Requested by: Host: lagu.ytconvert.me
URL: https://lagu.ytconvert.me/_nuxt/0d1e4ba.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c6d5822f52106a0bb00fb8bfd4b49e0a440323f7947b45c4b867fc052f7901

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lagu.ytconvert.me/api/single/mp4?url=https://www.youtube.com/watch?v=57QGeiwMP_g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jul 2023 17:36:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5443
etag: W/"e55-5ff989ca72303-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3Yk3be3zLKfEW%2B3%2BUUEOQTuW4bH3Tdd7zo09L3domxgoQ2mU2WSlMVfSMZ9jMq0Tl3H%2Bd1MQam%2FbnQ2olKYUS0ExRZZmlkPNYFz07naWQi2lNBnRV58tDf3rvTBETAaWEI3H7d9c7BTSztgO0TPhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fadf18a4c12d2f1-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 476F 260 KB
87 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JVRFN9EHKQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126821028-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b68ee8a0d0e39d3c610d9d086c0a7cbbf6312dd6910569269742ef0a3f4c448f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lagu.ytconvert.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 20:42:39 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 476F 52 KB
21 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126821028-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lagu.ytconvert.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 22 Aug 2023 19:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3176
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 22 Aug 2023 21:49:43 GMT

POST
H2 200 json Show response
dl--master--cdn.ytapis.com/api/ Frame 476F 13 KB
10 KB 631ms
631ms XHR
application/json 2606:4700:20::681a:378
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl--master--cdn.ytapis.com/api/json
Requested by: Host: lagu.ytconvert.me
URL: https://lagu.ytconvert.me/_nuxt/c339941.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:378 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6242dc2cd3ac081a34ab497c91c9904422658be633eb1ac28596a2b1afefa55

Request headers

Accept: application/json, text/plain, */*
Referer: https://lagu.ytconvert.me/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8ROz2LFf5tY8PUf0Zo%2BA96ei2ZcvdH4M%2FyoIQcWFYZTO0VOFzzZvGPlbvznrnLXeyDTDvl3yVAQworGMkUseE1wmlyzvtIJdDvpao5qrUSORDFqIWSTgge5HYYrzfDnuJWlGL784NUZP1rraFFBDb9y9GdooB9z"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 7fadf18b8fb43c92-CDG

OPTIONS
H2 204 json
dl--master--cdn.ytapis.com/api/ Frame 0
0 156ms
96ms Preflight 2606:4700:20::681a:378
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl--master--cdn.ytapis.com/api/json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:378 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://lagu.ytconvert.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7fadf18aff3d3c92-CDG
date: Tue, 22 Aug 2023 20:42:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGhua35ZWxlvO8Qskydbd7TnshsLUyEhAgVxy6peZDCrWPguwdYWCjysG56Akr7WDPUUc0ckSOEFfUkduaydh6mjzI5AR3qIcPMpCjmY8mgVCvLLjeUaMJ6PU4hVgHcn6HaEHQMUQvyxUy1ktFGmM%2BODB%2BqxhY3H"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 apu.php Show response
cdn.itskiddien.club/ 968 B
2 KB 81ms
26ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddien.club/apu.php?zoneid=6049442

Requested by

Host: gloaphoo.net
URL: https://gloaphoo.net/401/5398930

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6c6ecc8f87d942499db542e2e575026fdbe32a134b6291effcf83a9f5ed0e50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 968
x-trace-id: be9e7cf454c1cb036a501a3ee75b9ab2
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 stattag.js Show response
tzegilo.com/ 17 KB
7 KB 91ms
36ms Script
application/javascript 2606:4700:e2::ac40:8402
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: gloaphoo.net
URL: https://gloaphoo.net/401/5398930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://ww.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 08:43:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 838
etag: W/"646736cf-4447"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDBLU%2BZMZzZUODdhLfPVXSJf03NNG719eqnVFjxU7xsHj1zFLPcynMGRxewFkUwzbywnIYq33e4w%2Bq5jQL1RILuErMGzBZldAq35fw19ctgcskAxhPSsAIUJDAGBzQXoc5LUAambwkHv%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fadf18b59077753-LHR
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
484 B 75ms
23ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer: http://ww.metrolagu.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 22 Aug 2023 20:43:38 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://ww.metrolagu.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 204 5398930 Show response
gloaphoo.net/500/ 0
583 B 23ms
23ms XHR
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gloaphoo.net/500/5398930?excludes=&oaid=d06ac338d8544d98899f031a3bca2517&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=http%3A%2F%2Fww.metrolagu.ru%2Fvideo%2F57QGeiwMP_g%2Fmasha-babko-content-telegram-%40jasontrader9-masha-babko-%25D0%25BC%25D0%25B0%25D1%2588%25D0%25B0-%25D0%25B1%25D0%25B0%25D0%25B1%25D0%25BA%25D0%25BE-ma%25C5%259Fa-babko-mashababko.shtml&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=3

Requested by

Host: gloaphoo.net
URL: https://gloaphoo.net/401/5398930

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww.metrolagu.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 7b099d384e87167a0ddd756e36b94071
pragma: no-cache
date: Tue, 22 Aug 2023 20:42:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
access-control-allow-origin: http://ww.metrolagu.ru
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 5398930
gloaphoo.net/500/ Frame 0
0 63ms
21ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://ww.metrolagu.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://ww.metrolagu.ru
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Tue, 22 Aug 2023 20:42:39 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H3 200 pop.js Show response
lagu.ytconvert.me/ Frame 476F 368 B
677 B 28ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lagu.ytconvert.me/pop.js
Requested by: Host: lagu.ytconvert.me
URL: https://lagu.ytconvert.me/_nuxt/c339941.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd13d554388b4b5ed4aecb808ff15a552721bfcd6a5c24f3d716e978fd3ac60

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lagu.ytconvert.me/api/single/mp4?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D57QGeiwMP_g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jul 2023 17:37:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5441
etag: W/"170-5ff989dffe265-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBFA3kpckmYgVviqxKV5GSK2GmTpvqPXk3FbLPVXMHbwBIZd3LrJ4XQGQ2LvcHwMMwCeRclihWpUJtBcIxYbnBP8RTfXQzN5%2BBDyXQECngANBgXZzQv9P0Xus%2BeYz9w%2FqU051oAaXgo8SbIBaSlfmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fadf18f9ee4d2f1-CDG
alt-svc: h3=":443"; ma=86400

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4655 28 B
54 B 42ms
41ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/21812a9c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
X-Goog-Request-Time: 1692736961032
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/57QGeiwMP_g?modestbranding=1
X-YouTube-Client-Version: 1.20230820.00.00
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtFMkVXTXVodzFHVSi-u5SnBjIGCgJGUhIA
X-YouTube-Ad-Signals: dt=1692736958382&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1507%2C150&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 22 Aug 2023 20:42:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 22 Aug 2023 20:42:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: PMYDOQPpTFM
.youtube.com/	1970-01-20 18:31:28	Name: VISITOR_INFO1_LIVE Value: E2EWMuhw1GU
.metrolagu.ru/	1970-01-20 23:48:16	Name: _ga_D163B3Y1DN Value: GS1.1.1692736958.1.0.1692736958.60.0.0
vasteeds.net/	1970-01-20 22:57:52	Name: OAID Value: d06ac338d8544d98899f031a3bca2517
vasteeds.net/	1970-01-20 22:57:52	Name: oaidts Value: 1692736958
.metrolagu.ru/	1970-01-20 23:48:16	Name: _ga Value: GA1.2.544004297.1692736958
.metrolagu.ru/	1970-01-20 14:13:43	Name: _gid Value: GA1.2.1056515793.1692736958
.metrolagu.ru/	1970-01-20 14:12:17	Name: _gat_gtag_UA_123365797_1 Value: 1
my.rtmark.net/	1970-01-20 22:57:52	Name: ID Value: d06ac338d8544d98899f031a3bca2517
ww.metrolagu.ru/	1970-01-20 14:12:17	Name: prefetchAd_5398850 Value: true
ww.metrolagu.ru/	1970-01-20 22:57:52	Name: HstCfa4425006 Value: 1692736959041
ww.metrolagu.ru/	1970-01-20 22:57:52	Name: HstCla4425006 Value: 1692736959041
ww.metrolagu.ru/	1970-01-20 22:57:52	Name: HstCmu4425006 Value: 1692736959041
ww.metrolagu.ru/	1970-01-20 22:57:52	Name: HstPn4425006 Value: 1
ww.metrolagu.ru/	1970-01-20 22:57:52	Name: HstPt4425006 Value: 1
ww.metrolagu.ru/	1970-01-20 22:57:52	Name: HstCnv4425006 Value: 1
ww.metrolagu.ru/	1970-01-20 22:57:52	Name: HstCns4425006 Value: 1
cdn.itskiddien.club/	1970-01-20 22:57:52	Name: OAID Value: 6f992dbbc9724f6bb476c786d57c03be
cdn.itskiddien.club/	1970-01-20 22:57:52	Name: oaidts Value: 1692736959
gloaphoo.net/	1970-01-20 22:57:52	Name: OAID Value: d06ac338d8544d98899f031a3bca2517

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml(Line 692) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml(Line 692) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
network	error	URL: http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml(Line 711) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml(Line 711) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl19247398.highrevenuegate.com/7285bde723ee3d3841ff23bfd549efab/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml(Line 742) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15_gif.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://ww.metrolagu.ru/video/57QGeiwMP_g/masha-babko-content-telegram-@jasontrader9-masha-babko-%D0%BC%D0%B0%D1%88%D0%B0-%D0%B1%D0%B0%D0%B1%D0%BA%D0%BE-ma%C5%9Fa-babko-mashababko.shtml(Line 742) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15_gif.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: chrome-error://chromewebdata/ Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'http://mp4api.ytjar.info/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
javascript	warning	URL: https://tzegilo.com/stattag.js Message: getGamepad will now require Secure Context. Please update your application accordingly. For more information see https://github.com/w3c/gamepad/pull/120

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
cdn.itskiddien.club
cdnjs.cloudflare.com
certify-js.alexametrics.com
dl--master--cdn.ytapis.com
fleraprt.com
fonts.gstatic.com
gloaphoo.net
googleads.g.doubleclick.net
i.ytimg.com
img.youtube.com
inklinkor.com
jnn-pa.googleapis.com
lagu.ytconvert.me
mp4api.ytjar.info
my.rtmark.net
pl19247398.highrevenuegate.com
region1.analytics.google.com
s10.histats.com
s4i.histats.com
scentedindication.com
static.doubleclick.net
stats.g.doubleclick.net
tzegilo.com
vasteeds.net
ww.metrolagu.ru
www.absolute-honey.pro
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.gstatic.com
www.profitabledisplaynetwork.com
www.youtube.com
yt3.ggpht.com
certify-js.alexametrics.com
139.45.195.254
139.45.195.8
139.45.197.236
139.45.197.239
139.45.197.245
149.56.240.129
173.233.137.52
173.233.137.60
2001:4860:4802:32::36
2606:4700:10::6814:51d
2606:4700:20::681a:378
2606:4700:3030::6815:46e8
2606:4700:3037::6815:5b3f
2606:4700::6811:190e
2606:4700:e2::ac40:8402
2a00:1178:1:4b::19
2a00:1450:4001:802::2003
2a00:1450:4001:803::2008
2a00:1450:4001:806::2004
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2006
2a00:1450:4001:829::2016
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9b
2a06:98c1:3120::3
51.15.23.79
67.216.91.5
02191cb02ac8215aa7a2982c74c3267a864419fa62542c465ed3f27a85a89b3a
034ebc7c4dc0496d1b48a08a8122a9d28ed0ea123c94962b69bf2692d6b38932
08bbfb5fa39cbaad962e4b901b082c7ccab8aaea4b1b782052c5d2971ac2ee75
0f2a2544bfb1bcb837b9514a5d73e23e7ac1f0c8e9004914d7d34c884dbbbb0b
0f7f0a7f51c410e5f3842d3d49d04d652356a1ea78f367a7e8044915eeed52c7
12f7a6712cf28de02e7ea58fe9bafeed67756a26aad8c9df4ba210e1deaee46c
184b3f2e0d6b73a05ea288836135ecc33e714064fba79e0421200c8cc3703513
1fd1a24e5a43289b615899885ae10dde5dadd37dd15bcf232a9d4ad0409e62d1
21035f87fcbcc099c55791086fec7a5bb90592e0c2ffdcbf09f6b2779b2e0f7f
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
248956408add670ec8728148c7b28a85565ea7b6c4afb252635e0ed41ed252dd
2b52b0acbfeaab0ee30297495babaf3e60977e718796a42d3df43e5cb1dcd4e2
2f48e45dd89a5138727a572b7efb9fbb7b5df9a4b6ea391195bcfefdd4590683
30a0c077c02ccecf123518c06c2fc31fc51ea9dbc25025f77231daf9f87dc05d
31ccab4b11916fc768fe4dc99684c011e6b74282b16330b58c2738c5c9b516b0
3864c0cb84e26bceb906be1bb09d90a789eefc080ee9ba8c57d6bbd69bbb7ccd
3d0fe000e9b73e7ace1a05372077ed7d445fcbdb26467979ec4ea5d373a310e7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4727a219fbf801136a0be838059b42088ea5223283cd881fc20396e59e7dddcf
4a9e22acbd3d2bb22b4f58909b7ca1dfce9bcc5a39a0044f5974d7b8be0c2999
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
58b4d0c710b37c68f3af0579a9ad4ba30c0557ee85c55f47df9641963441097c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ada3970845b39762022cbfc3ca01c62d72c634aa9379fcd66dd4c6943fbde54
5b074cc47b43da43b16d514a5597600d9efb37b0c2dff7ba2abbb54a972bc725
5ecf15774de82180d83c5b46a920dece3ac98976c0f333778c357b083d7ecc06
5efc4411ec40802cf7650ec6294f8b7d54f94acf17ccd0c768b47061f7057b12
5f7aaaff2815f9679450bb06a81a8e0cfb922685b920698d5b5d75656794a1bf
61f0eeb16e1d0ce9d920bca2f7b0f37cb77d1d437375958e88c0bb21957fcbe8
63ae6e3b15f80471b6937b4b1bde3c2eaa223152abccfab808160f064d58b256
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663
6796bebbc427c5a913e976a97f4dadd2d941abbef7c907f67ef2d3ceb1c4c8d0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68f87f3faa16a00ff62c514b970b928c6f915bb6161c21028e04a2f5c54933dc
6bf60f280787f7774adb4917952d1cb849d1b99eba548938a92d92098f887980
6c6ecc8f87d942499db542e2e575026fdbe32a134b6291effcf83a9f5ed0e50f
719004d28ad75b5d917b8552731f207e20ee8b98ef85ad2df1ff1d18d6080e05
7b234b27281da0e026d42febdae0181938713d4fa5b7412de5a167af157356db
8915ac224e07f09201f559da6f7e2b52b9c12cd33cfe84dbeee6c11438737272
89eb04438c73ce2cb91eef718f9303f7b39da49a9fdb767d1afe190917984e75
8f0da9142ae463df6d6360afd06b6225575b993b513bfc34cc124524d08ffd8c
9025ccd21fb918e01419cfdfab6e9fa47fdb29484bab53c222662671c522b90e
938c3f6d4695646a014a3e2a19aaaf41efa782386e2d4647f73c3bde74dc2e21
9a839b2f2ad6018fa651b97d44da7fa3f1b9f8b006965ae6fda6d38fe7d24778
9f5194a0304d928bc2a6073b5fa39ec87846788e751d41f6002ece2ede8dde5b
a3ee3bc485c874c95d3fe849cc1067ae35aebd4e8f6baade5be7dc905681b7f4
b6233a8b35f606d90bf854ea80a17edeecc49e5a9c1cb7a5d0cb0172fd5c73c2
b68ee8a0d0e39d3c610d9d086c0a7cbbf6312dd6910569269742ef0a3f4c448f
b6e5266b3c52b59b3cdfbc08d2a9da9931279b0f8eb028f6406db397b68f63ec
b7a6988f98d2ab553fdfa89ee7b437eb994c37caa28ea7e1b4e54a7b3d0d8a6c
b8e6e80cd80d1ebb1c5176017eb54b9d86e9cfa24fa8c984e5e56342bad7ec4a
c6242dc2cd3ac081a34ab497c91c9904422658be633eb1ac28596a2b1afefa55
c860b591de8205341eb4c4ab65b938b1841932532756ad83f3f6b1f824ca752e
cee8e9443d711cd3a6019b10ed544e452836e20daf6d66d07ab75776aa07583b
d13ca313fe3f3567eda3376d45362ebae8e6ed205b2e7f760476828cd3e82be1
d7c6d5822f52106a0bb00fb8bfd4b49e0a440323f7947b45c4b867fc052f7901
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
dcd13d554388b4b5ed4aecb808ff15a552721bfcd6a5c24f3d716e978fd3ac60
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eaa80aa6e63f6fb38ba409fcd7b536195da87816a7b84e32302a892b618bc
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ef88fe5e7796476ab3f9efdafcc6f6fd1dd62a6f6eff7260a35abcfaee5084
f62bc693c29d7e89dcec1e56f866ff435bc676e26a1a31c85605563fc495b4fd

ww.metrolagu.ru Open in urlscan Pro 51.15.23.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

66 %HTTPS

70 %IPv6

29 Domains

35 Subdomains

34 IPs

7 Countries

1746 kBTransfer

5245 kBSize

20 Cookies

15 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

ww.metrolagu.ru Open in urlscan Pro
51.15.23.79 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

66 %
HTTPS

70 %
IPv6

29
Domains

35
Subdomains

34
IPs

7
Countries

1746 kB
Transfer

5245 kB
Size

20
Cookies

85 HTTP transactions
1 data transactions