harmoniaassurance.destinationvaldor.com
104.197.199.139  Public Scan

Submitted URL: https://www.harmoniaassurance.destinationvaldor.com/
Effective URL: https://harmoniaassurance.destinationvaldor.com/
Submission: On February 07 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 46 HTTP transactions. The main IP is 104.197.199.139, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is harmoniaassurance.destinationvaldor.com.
TLS certificate: Issued by R3 on December 26th 2022. Valid for: 3 months.
This is the only time harmoniaassurance.destinationvaldor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
10 destinationamos.com | harmoniaassurance.destinationamos.com | 131 KB
8 youtube.com | www.youtube.com (Cisco Umbrella Rank: 76) | 832 KB
7 destinationvaldor.com | www.harmoniaassurance.destinationvaldor.com, harmoniaassurance.destinationvaldor.com | 132 KB
6 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 34), ajax.googleapis.com (Cisco Umbrella Rank: 295), jnn-pa.googleapis.com (Cisco Umbrella Rank: 189) | 65 KB
5 gstatic.com | fonts.gstatic.com, www.gstatic.com | 65 KB
3 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 29), static.doubleclick.net (Cisco Umbrella Rank: 214) | 1 KB
1 ytimg.com | i.ytimg.com (Cisco Umbrella Rank: 87) | 18 KB
1 ggpht.com | yt3.ggpht.com (Cisco Umbrella Rank: 229) | 2 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 2) | 14 KB
1 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 21) | 20 KB
1 gnak.ca | gnak.ca | 26 KB
46 11
Domain | Requested by
10 harmoniaassurance.destinationamos.com | harmoniaassurance.destinationvaldor.com, harmoniaassurance.destinationamos.com, ajax.googleapis.com
8 www.youtube.com | harmoniaassurance.destinationvaldor.com, www.youtube.com
6 harmoniaassurance.destinationvaldor.com | harmoniaassurance.destinationvaldor.com
4 jnn-pa.googleapis.com | www.youtube.com
3 fonts.gstatic.com | fonts.googleapis.com, www.youtube.com
2 www.gstatic.com | www.youtube.com, www.gstatic.com
2 googleads.g.doubleclick.net (1 redirects) | www.youtube.com
1 i.ytimg.com | www.youtube.com
1 yt3.ggpht.com | www.youtube.com
1 www.google.com | www.youtube.com
1 static.doubleclick.net | www.youtube.com
1 www.google-analytics.com | harmoniaassurance.destinationvaldor.com
1 gnak.ca | harmoniaassurance.destinationvaldor.com
1 ajax.googleapis.com | harmoniaassurance.destinationvaldor.com
1 fonts.googleapis.com | harmoniaassurance.destinationvaldor.com
1 www.harmoniaassurance.destinationvaldor.com (1 redirects) |
46 16

This site contains links to these domains.

Domain
zonevaldor.com
zoneamos.ca
zonerouynnorandacom
gnak.ca
harmoniaassurance.destinationamos.com

Subject | Issuer | Validity | Valid
harmoniaassurance.destinationvaldor.com | R3 | 2022-12-26 - 2023-03-26 | 3 months
harmoniaassurance.destinationamos.com | R3 | 2023-02-02 - 2023-05-03 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
gnak.ca | R3 | 2023-01-31 - 2023-05-01 | 3 months
*.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
www.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
edgestatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months

This page contains 2 frames:

Primary Page: https://harmoniaassurance.destinationvaldor.com/
Frame ID: C7A3BC29CF0C5F8DFA48E84544A641C8
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NSCkXWUMJ4I
Frame ID: 34D94611FEE2B8F8260A6A4B18C47CC0
Requests: 20 HTTP requests in this frame

Page Title

Harmonia Assurance • Harmonia Assurance

Page URL History

  1. https://www.harmoniaassurance.destinationvaldor.com/ HTTP 303
    https://harmoniaassurance.destinationvaldor.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

89 %
HTTPS

92 %
IPv6

11
Domains

16
Subdomains

13
IPs

2
Countries

1306 kB
Transfer

4535 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
harmoniaassurance.destinationvaldor.com/
Redirect Chain
  • https://www.harmoniaassurance.destinationvaldor.com/
  • https://harmoniaassurance.destinationvaldor.com/
9 KB
2 KB
Document
General
Full URL
https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b4d7482bff94f0a8eea30640435d4101fc1a5804d3840b137c6e3e356d3ae7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
1812
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 18:55:44 GMT

Redirect headers

content-length
48
date
Tue, 07 Feb 2023 18:55:43 GMT
location
https://harmoniaassurance.destinationvaldor.com/
theme
harmoniaassurance.destinationamos.com/fr/
2 KB
529 B
Stylesheet
General
Full URL
https://harmoniaassurance.destinationamos.com/fr/theme?style=pace
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
cc55037cc62c5e8192cf4b8a61c44f22e921cb203cd474834ba56f8519213917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:45 GMT
cache-control
private, max-age=864000
content-encoding
br
last-modified
Wed Nov 14 2018 21:44:20 GMT+0000 (Coordinated Universal Time)
content-length
418
content-type
text/css
pace.min.js
harmoniaassurance.destinationvaldor.com/static/scripts/
12 KB
4 KB
Script
General
Full URL
https://harmoniaassurance.destinationvaldor.com/static/scripts/pace.min.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
579a10a2485055e988338be054f866cbe713c8510442130cbda0ce11ced6c49f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:44 GMT
cache-control
no-cache
content-encoding
br
last-modified
Tue Aug 13 2019 09:26:24 GMT+0000 (Coordinated Universal Time)
content-length
3801
content-type
application/javascript
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 18:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 18:48:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Feb 2023 18:55:45 GMT
1000539
harmoniaassurance.destinationamos.com/fr/theme/
184 KB
26 KB
Stylesheet
General
Full URL
https://harmoniaassurance.destinationamos.com/fr/theme/1000539?style=gnak&columns=12&hash=aa8a350a3b029d9f52a285ccd0d552ed523c72c9
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
eb92964336d19a44553a7ffa6fe8b54f3f33b8c26fa08580ca36b31b80e9da01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:45 GMT
cache-control
private, max-age=864000
content-encoding
br
last-modified
Wed Nov 14 2018 21:44:20 GMT+0000 (Coordinated Universal Time)
content-length
26361
content-type
text/css
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 08:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 08:21:27 GMT
animate.min.css
harmoniaassurance.destinationamos.com/static/stylesheets/
52 KB
3 KB
Stylesheet
General
Full URL
https://harmoniaassurance.destinationamos.com/static/stylesheets/animate.min.css
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:45 GMT
cache-control
no-cache
content-encoding
br
last-modified
Tue Aug 13 2019 09:26:24 GMT+0000 (Coordinated Universal Time)
content-length
3279
content-type
text/css
swipebox.min.css
harmoniaassurance.destinationamos.com/static/stylesheets/
4 KB
1011 B
Stylesheet
General
Full URL
https://harmoniaassurance.destinationamos.com/static/stylesheets/swipebox.min.css
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
d2d8b342a2d4bb6a97e6e2cdfaff59d08a0699e540583e28eab420b15bf70162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:45 GMT
cache-control
no-cache
content-encoding
br
last-modified
Tue Aug 13 2019 09:26:24 GMT+0000 (Coordinated Universal Time)
content-length
972
content-type
text/css
application.js
harmoniaassurance.destinationvaldor.com/static/scripts/
25 KB
5 KB
Script
General
Full URL
https://harmoniaassurance.destinationvaldor.com/static/scripts/application.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
05cadf52d3f7bed0d58db5921ccb97dd1ee302f5f239868164d6bac34f1a2249

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:44 GMT
cache-control
no-cache
content-encoding
br
last-modified
Wed Aug 24 2022 13:57:31 GMT+0000 (Coordinated Universal Time)
content-length
4819
content-type
application/javascript
1160247
harmoniaassurance.destinationamos.com/fr/image/
40 KB
41 KB
Image
General
Full URL
https://harmoniaassurance.destinationamos.com/fr/image/1160247
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
48ed8177f3190530ec24d4e86cbfb3e1662ac6282af32b3729a3bdc6c10de3f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
cache-control
private, max-age=86400
last-modified
Wed Jan 22 2020 18:35:06 GMT+0000 (Coordinated Universal Time)
content-length
41382
content-type
image/jpeg
1160248
harmoniaassurance.destinationamos.com/fr/image/
33 KB
33 KB
Image
General
Full URL
https://harmoniaassurance.destinationamos.com/fr/image/1160248
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
e87f2685f9cc22ee0bd4e4bbfd99f92e371a7e177a9825a04f0c09cbb8e98190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
cache-control
private, max-age=86400
last-modified
Wed Jan 22 2020 18:35:07 GMT+0000 (Coordinated Universal Time)
content-length
33304
content-type
image/jpeg
1163682
gnak.ca/image/
26 KB
26 KB
Image
General
Full URL
https://gnak.ca/image/1163682
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
9d74381acede12fc8de7a4a4b1e0d1f250b46d8094299158f0f5756457cd5479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
cache-control
private, max-age=86400
last-modified
Thu Mar 12 2020 20:21:03 GMT+0000 (Coordinated Universal Time)
content-length
26219
content-type
image/png
bootstrap-3.3.7.min.js
harmoniaassurance.destinationvaldor.com/static/scripts/
36 KB
9 KB
Script
General
Full URL
https://harmoniaassurance.destinationvaldor.com/static/scripts/bootstrap-3.3.7.min.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
cache-control
no-cache
content-encoding
br
last-modified
Tue Aug 13 2019 09:26:24 GMT+0000 (Coordinated Universal Time)
content-length
8722
content-type
application/javascript
imagesloaded.pkgd.min.js
harmoniaassurance.destinationvaldor.com/static/scripts/
5 KB
2 KB
Script
General
Full URL
https://harmoniaassurance.destinationvaldor.com/static/scripts/imagesloaded.pkgd.min.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
cache-control
no-cache
content-encoding
br
last-modified
Tue Aug 13 2019 09:26:24 GMT+0000 (Coordinated Universal Time)
content-length
1606
content-type
application/javascript
jquery.swipebox.min.js
harmoniaassurance.destinationamos.com/static/scripts/
13 KB
4 KB
Script
General
Full URL
https://harmoniaassurance.destinationamos.com/static/scripts/jquery.swipebox.min.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
35f8273132e0c7684fe51ff26ed4d18140931eb40adc78978ff4873ce5b99b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
cache-control
no-cache
content-encoding
br
last-modified
Tue Aug 13 2019 09:26:24 GMT+0000 (Coordinated Universal Time)
content-length
3569
content-type
application/javascript
pushy.js
harmoniaassurance.destinationamos.com/static/scripts/
5 KB
1 KB
Script
General
Full URL
https://harmoniaassurance.destinationamos.com/static/scripts/pushy.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
a3e36847a0d6270dd8ef0970d296b947935c30dc0ee7b50c79772fdf329ef648

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
cache-control
no-cache
content-encoding
br
last-modified
Tue Aug 13 2019 09:26:24 GMT+0000 (Coordinated Universal Time)
content-length
1362
content-type
application/javascript
jquery.matchheight-min.js
harmoniaassurance.destinationamos.com/static/scripts/
3 KB
1 KB
Script
General
Full URL
https://harmoniaassurance.destinationamos.com/static/scripts/jquery.matchheight-min.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
9e37fc992e4b37984702e4e271c5e965731eec7f88acbd4459c4e8e1c443b909

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
cache-control
no-cache
content-encoding
br
last-modified
Tue Aug 13 2019 09:26:24 GMT+0000 (Coordinated Universal Time)
content-length
1222
content-type
application/javascript
lodash.js
harmoniaassurance.destinationamos.com/static/scripts/
70 KB
21 KB
Script
General
Full URL
https://harmoniaassurance.destinationamos.com/static/scripts/lodash.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
da4142e734273e0b2aab6ab06233069d9ce1f25f2d209964ce615453a94ef69e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
cache-control
no-cache
content-encoding
br
last-modified
Tue Aug 13 2019 09:26:24 GMT+0000 (Coordinated Universal Time)
content-length
21157
content-type
application/javascript
gnak.min.js
harmoniaassurance.destinationvaldor.com/static/scripts/
567 KB
111 KB
Script
General
Full URL
https://harmoniaassurance.destinationvaldor.com/static/scripts/gnak.min.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.197.199.139 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.199.197.104.bc.googleusercontent.com
Software
/
Resource Hash
c787f9e90871416fdc069919f80132ca807b0564013634c27f42bcad71e797f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
cache-control
no-cache
content-encoding
br
last-modified
Tue Feb 08 2022 23:39:47 GMT+0000 (Coordinated Universal Time)
content-length
113256
content-type
application/javascript
NSCkXWUMJ4I
www.youtube.com/embed/ Frame 34D9
66 KB
28 KB
Document
General
Full URL
https://www.youtube.com/embed/NSCkXWUMJ4I
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
831a462ddc550c5d5048f45cec21f2b6ee489ded7755e3b3dfd4d28a1febfd48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://harmoniaassurance.destinationvaldor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 18:55:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: harmoniaassurance.destinationvaldor.com
URL: https://harmoniaassurance.destinationvaldor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harmoniaassurance.destinationvaldor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Feb 2023 17:12:08 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6218
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 07 Feb 2023 19:12:08 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harmoniaassurance.destinationvaldor.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:09:36 GMT
x-content-type-options
nosniff
age
200770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Feb 2024 11:09:36 GMT
fontawesome-webfont.woff2
harmoniaassurance.destinationamos.com/static/fonts/
0
0

www-player.css
www.youtube.com/s/player/97ea7458/ Frame 34D9
360 KB
49 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/97ea7458/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NSCkXWUMJ4I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b95164237b524353d235fd03cdc0ddf54a489315c59ee4e744cf120657a1ee33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NSCkXWUMJ4I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
1550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49954
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 01:21:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 07 Feb 2024 18:29:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 34D9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NSCkXWUMJ4I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 15:47:12 GMT
x-content-type-options
nosniff
age
270514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Feb 2024 15:47:12 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 34D9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NSCkXWUMJ4I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:33:49 GMT
x-content-type-options
nosniff
age
332517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Feb 2024 22:33:49 GMT
www-embed-player.js
www.youtube.com/s/player/97ea7458/www-embed-player.vflset/ Frame 34D9
344 KB
108 KB
Script
General
Full URL
https://www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NSCkXWUMJ4I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aedf6cfea0cab0b1f40f53ec29e95bd9f6fa480a13050e877e2a29bc3875ded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NSCkXWUMJ4I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 10:22:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
117214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110070
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 01:21:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Feb 2024 10:22:12 GMT
base.js
www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 34D9
2 MB
600 KB
Script
General
Full URL
https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NSCkXWUMJ4I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b169400c72045d965aac2010ff973d4184849800eac9e3ced121b38cabf8317
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NSCkXWUMJ4I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 20:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
340677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
613648
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 01:21:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 03 Feb 2024 20:17:49 GMT
fetch-polyfill.js
www.youtube.com/s/player/97ea7458/fetch-polyfill.vflset/ Frame 34D9
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/97ea7458/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NSCkXWUMJ4I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NSCkXWUMJ4I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 20:13:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
254564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 01:21:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 04 Feb 2024 20:13:02 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 34D9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NSCkXWUMJ4I
Protocol
H2
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08ea3ab2cf07ddca60cf777ab3dddc13aa8cd295145c37c7f53851f69b342e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 18:55:46 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 34D9
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:48:50 GMT
x-content-type-options
nosniff
age
416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Feb 2023 19:03:50 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 07 Feb 2023 18:55:46 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 34D9
66 KB
31 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d084084b66fdec8e0493a71feedb4dd448dba28b91974493c91cf1a2d144ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31024
x-xss-protection
0
remote.js
www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 34D9
119 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67a19947df4e23cd523fd968a39ea92bf2c2409b11696a6fc07b3bac77ab57a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NSCkXWUMJ4I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 10:36:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
289154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37293
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 01:21:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 04 Feb 2024 10:36:32 GMT
wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js
www.google.com/js/th/ Frame 34D9
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0135793b43a5767641dac229394d46fa89dd1fc9d0ea9717eb585c89750e97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 07:44:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
40256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14173
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 15:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 07:44:50 GMT
embed.js
www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 34D9
26 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29cc91344fa42a2ddf205c2d26b851ae379f940eb5c0e321cc274d32bc629ced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NSCkXWUMJ4I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
331061
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8403
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 01:21:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 03 Feb 2024 22:58:05 GMT
truncated
/ Frame 34D9
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJXGlms2Y0Wc3_XpOusQ7DDuC-gVStcvmJ7Y2259=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 34D9
2 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AL5GRJXGlms2Y0Wc3_XpOusQ7DDuC-gVStcvmJ7Y2259=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NSCkXWUMJ4I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a489eefc5230e29659fc7de4111303432d964ccffcbca292f0920ed37d0a0c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v8"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2212
x-xss-protection
0
expires
Wed, 08 Feb 2023 18:55:47 GMT
sddefault.webp
i.ytimg.com/vi_webp/NSCkXWUMJ4I/ Frame 34D9
18 KB
18 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/NSCkXWUMJ4I/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NSCkXWUMJ4I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2016 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41a06323ad80fc79d61f81bb4dc529bdd13369059c097fea1572db189c7bf90b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18266
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 07 Feb 2023 20:55:46 GMT
fontawesome-webfont.woff
harmoniaassurance.destinationamos.com/static/fonts/
0
0

header
harmoniaassurance.destinationamos.com/fr/navigation/
0
0

cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 34D9
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 18:55:46 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 34D9
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa8a6692664951c1c744e10e89fcc9a02a38230d2af1d7a37a09f441b146f58f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 07 Feb 2023 18:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 07 Feb 2023 18:55:46 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
fontawesome-webfont.ttf
harmoniaassurance.destinationamos.com/static/fonts/
0
0

cast_sender.js
www.gstatic.com/eureka/clank/109/ Frame 34D9
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/109/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14851
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 15:07:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 08 Feb 2023 18:51:01 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 34D9
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Goog-Request-Time
1675796149236
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/NSCkXWUMJ4I
X-YouTube-Client-Version
1.20230131.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtubHozSjhFYk8wUSiyvYqfBg%3D%3D
X-YouTube-Ad-Signals
dt=1675796146400&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C555%2C300&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 07 Feb 2023 18:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Tue, 07 Feb 2023 18:55:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
harmoniaassurance.destinationamos.com
URL
https://harmoniaassurance.destinationamos.com/static/fonts/fontawesome-webfont.woff2
Domain
harmoniaassurance.destinationamos.com
URL
https://harmoniaassurance.destinationamos.com/static/fonts/fontawesome-webfont.woff
Domain
harmoniaassurance.destinationamos.com
URL
https://harmoniaassurance.destinationamos.com/fr/navigation/header?url=https%3A%2F%2Fharmoniaassurance.destinationvaldor.com%2F&width=1600&height=1200
Domain
harmoniaassurance.destinationamos.com
URL
https://harmoniaassurance.destinationamos.com/static/fonts/fontawesome-webfont.ttf

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontentvisibilityautostatechange
object| Pace
function| $
function| jQuery
object| gnak
function| modalActionRequested
function| modalPopRequested
function| formInline
function| onChangeSubmit
function| actionClicked
function| handleToggleChange
function| onCheckboxChanged
function| onRadioChanged
object| timeOuts
function| refreshButtonClicked
function| maskRefreshableFields
function| fieldChanged
function| onTextFieldChanged
function| saveNext
function| performScroll
function| onSubmitOnce
function| initializeNavigation
string| GoogleAnalyticsObject
function| ga
object| jQuery112406627433580364124
function| EvEmitter
function| imagesLoaded
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| _
object| regeneratorRuntime

4 Cookies

Domain/Path Name / Value
harmoniaassurance.destinationvaldor.com/ Name: gnak
Value: cf2c9eae83e844a4e0e158fa5cc3e4e02e877248
.youtube.com/ Name: YSC
Value: y8y6PFlTO1Y
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: nlz3J8EbO0Q
.youtube.com/ Name: DEVICE_INFO
Value: ChxOekU1TnpRNE9UWTBNell6TlRVeU56RTVNZz09ELK9ip8GGLK9ip8G

8 Console Messages

Source Level URL
Text
javascript error URL: https://harmoniaassurance.destinationvaldor.com/ (Line 27)
Message:
Access to font at 'https://harmoniaassurance.destinationamos.com/static/fonts/fontawesome-webfont.woff2' from origin 'https://harmoniaassurance.destinationvaldor.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://harmoniaassurance.destinationamos.com/static/fonts/fontawesome-webfont.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://harmoniaassurance.destinationvaldor.com/
Message:
Access to font at 'https://harmoniaassurance.destinationamos.com/static/fonts/fontawesome-webfont.woff' from origin 'https://harmoniaassurance.destinationvaldor.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://harmoniaassurance.destinationamos.com/static/fonts/fontawesome-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://harmoniaassurance.destinationvaldor.com/
Message:
Access to XMLHttpRequest at 'https://harmoniaassurance.destinationamos.com/fr/navigation/header?url=https%3A%2F%2Fharmoniaassurance.destinationvaldor.com%2F&width=1600&height=1200' from origin 'https://harmoniaassurance.destinationvaldor.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://harmoniaassurance.destinationamos.com/fr/navigation/header?url=https%3A%2F%2Fharmoniaassurance.destinationvaldor.com%2F&width=1600&height=1200
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://harmoniaassurance.destinationvaldor.com/
Message:
Access to font at 'https://harmoniaassurance.destinationamos.com/static/fonts/fontawesome-webfont.ttf' from origin 'https://harmoniaassurance.destinationvaldor.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://harmoniaassurance.destinationamos.com/static/fonts/fontawesome-webfont.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
