www.westernunion.com Open in urlscan Pro
184.31.84.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://em.westernunion.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlTQGl3l8uHabs3azgyzcum4AYT21NRFzdN2fOHDyktaB661eYzefWe9AvnzdyFcyz...
Effective URL:
https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_E...
Submission Tags: phishing malicious Search All
Submission: On February 18 via api (February 18th 2021, 9:19:53 pm UTC) from US

Summary HTTP 254 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 21 domains to perform 254 HTTP transactions. The main IP is 184.31.84.98, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.westernunion.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on September 29th 2020. Valid for: 10 months.

This is the only time www.westernunion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	12.130.158.40 12.130.158.40	4263 (CERNET-AS...) (CERNET-ASN-BLOCK)
28	184.31.84.98 184.31.84.98	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100:199::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
55	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 3	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2 8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:64:... 2a02:26f0:64:699::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
44	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
41	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
4	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.23.178 65.9.23.178	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:710... 2a02:26f0:7100:491::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.20.74 65.9.20.74	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.53 13.226.159.53	16509 (AMAZON-02) (AMAZON-02)
2 4	34.255.145.192 34.255.145.192	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2.16.186.73 2.16.186.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
5	65.9.20.107 65.9.20.107	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:fe00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.218.96.104 34.218.96.104	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:218... 2600:9000:2182:1600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.212.209.68 52.212.209.68	16509 (AMAZON-02) (AMAZON-02)
1	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	34.255.166.243 34.255.166.243	16509 (AMAZON-02) (AMAZON-02)
2	13.224.193.86 13.224.193.86	16509 (AMAZON-02) (AMAZON-02)
254	34

1 12.130.158.40 (United States) 1 redirects

ASN4263 (CERNET-ASN-BLOCK, US)
PTR: em.westernunion.com

em.westernunion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 184.31.84.98 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-84-98.deploy.static.akamaitechnologies.com

www.westernunion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

content.zeronaught.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:199::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
686eb704.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.200 (United States) 2 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

wu-api.zeronaught.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:699::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.23.178 (Orlando, United States)

ASN16509 (AMAZON-02, US)

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:7100:491::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.20.74 (Orlando, United States)

ASN16509 (AMAZON-02, US)

ws.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-53.dus51.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.255.145.192 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-145-192.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.73 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-73.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yjrwsyyccc5esybo3hua-p2a70y-6786203f2-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba22 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaqj6absjkbikqce3ygyaaaabqc5wpi-p2a70y-e5c59a9be-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.20.107 (Orlando, United States)

ASN16509 (AMAZON-02, US)

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:fe00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.218.96.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-96-104.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:1600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.209.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-209-68.eu-west-1.compute.amazonaws.com

westernunion.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

smetrics.westernunion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.166.243 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-243.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-86.fra2.r.cloudfront.net

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com	1 MB
55	youtube.com www.youtube.com	4 MB
30	westernunion.com 1 redirects em.westernunion.com www.westernunion.com smetrics.westernunion.com	740 KB
14	doubleclick.net 2 redirects googleads.g.doubleclick.net static.doubleclick.net	4 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	75 KB
12	twitter.com 2 redirects platform.twitter.com syndication.twitter.com	226 KB
8	audioeye.com ws.audioeye.com wsv3cdn.audioeye.com analytics.audioeye.com	220 KB
6	adobedtm.com assets.adobedtm.com	130 KB
6	cookielaw.org cdn.cookielaw.org	112 KB
6	google.com www.google.com	45 KB
5	demdex.net 2 redirects dpm.demdex.net westernunion.demdex.net	7 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net yjrwsyyccc5esybo3hua-p2a70y-6786203f2-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqce3ygyaaaabqc5wpi-p2a70y-e5c59a9be-clienttons-s.akamaihd.net	1 KB
3	branch.io cdn.branch.io api2.branch.io	25 KB
3	amplitude.com cdn.amplitude.com api.amplitude.com	26 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	52 KB
2	zeronaught.com content.zeronaught.com wu-api.zeronaught.com	17 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	app.link app.link	741 B
1	akstat.io 686eb704.akstat.io	206 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	onetrust.com geolocation.onetrust.com	551 B
254	21

	Domain	Requested by
55	www.youtube.com	www.westernunion.com www.youtube.com
44	abs.twimg.com	www.westernunion.com platform.twitter.com
41	pbs.twimg.com	www.westernunion.com platform.twitter.com
28	www.westernunion.com	www.westernunion.com
9	platform.twitter.com	www.westernunion.com platform.twitter.com
8	googleads.g.doubleclick.net	2 redirects www.youtube.com
6	assets.adobedtm.com	www.westernunion.com assets.adobedtm.com
6	cdn.cookielaw.org	www.westernunion.com cdn.cookielaw.org
6	www.gstatic.com	www.youtube.com
6	www.google.com	www.youtube.com
6	static.doubleclick.net	www.youtube.com
6	fonts.gstatic.com	www.youtube.com
5	wsv3cdn.audioeye.com	ws.audioeye.com wsv3cdn.audioeye.com
4	dpm.demdex.net	2 redirects
4	ton.twimg.com	platform.twitter.com ton.twimg.com
3	syndication.twitter.com	2 redirects platform.twitter.com
2	analytics.audioeye.com	wsv3cdn.audioeye.com
2	api2.branch.io	www.westernunion.com
2	api.amplitude.com	www.westernunion.com
2	cdn.syndication.twimg.com	platform.twitter.com
1	cm.everesttech.net	1 redirects
1	smetrics.westernunion.com	www.westernunion.com
1	westernunion.demdex.net	assets.adobedtm.com
1	app.link	cdn.branch.io
1	686eb704.akstat.io	s.go-mpulse.net
1	www.googletagmanager.com	www.westernunion.com
1	fiaqj6absjkbikqce3ygyaaaabqc5wpi-p2a70y-e5c59a9be-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	yjrwsyyccc5esybo3hua-p2a70y-6786203f2-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdn.branch.io	www.westernunion.com
1	ws.audioeye.com	www.westernunion.com
1	cdn.amplitude.com	www.westernunion.com
1	c.go-mpulse.net	s.go-mpulse.net
1	wu-api.zeronaught.com	www.westernunion.com
1	s.go-mpulse.net	www.westernunion.com
1	content.zeronaught.com	www.westernunion.com
1	em.westernunion.com	1 redirects
254	39

This site contains links to these domains. Also see Links.

Domain
fraudquiz.westernunion.com
facebook.com
twitter.com
www.youtube.com
corporate.westernunion.com
wucare.westernunion.com
ir.westernunion.com
foundation.westernunion.com
agentportal.westernunion.com
business.westernunion.com
www.dhs.gov
smart.link
www.facebook.com
www.instagram.com
bugcrowd.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
www.westernunion.com GeoTrust RSA CA 2018	`2020-09-29` - `2021-07-21`	10 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
content.zeronaught.com GTS CA 1D2	`2021-02-18` - `2021-05-19`	3 months	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
wu-api.zeronaught.com GTS CA 1D2	`2021-01-18` - `2021-04-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
cdn.amplitude.com Amazon	`2020-11-18` - `2021-12-17`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
wsv3.audioeye.com Amazon	`2020-12-22` - `2022-01-20`	a year	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.audioeye.com DigiCert SHA2 Secure Server CA	`2019-04-29` - `2021-05-21`	2 years	crt.sh
appipv4.link Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh
smetrics.westernunion.com DigiCert SHA2 High Assurance Server CA	`2020-01-20` - `2021-04-22`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Frame ID: 6A7EADF3B549F1974D1C6B8287F45646
Requests: 69 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/T8GD4-PXVWR-9MW97-GAT7V-FQG35
Frame ID: 2EE891A2B47E34851761FA56C369C55D
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
Frame ID: 3199B7FA1598264FA2FA50E73AB5DF55
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/MVhhy_E1184?rel=0
Frame ID: 94374268C7903C81884F1A661738E15B
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
Frame ID: E3885298A303FF93F4DEDDA824B2C6D4
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
Frame ID: E5F2B1E0BD03726E3DC74522B7D55F5C
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
Frame ID: EDF79C12EABF2D970F4987EE60CF7E6D
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
Frame ID: C99B99CDB188C7C2AECBA2A160C8803A
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/watch?v=LUiJOAEDwww
Frame ID: 880A9A1DF435F3151904706BC083C006
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.westernunion.com
Frame ID: B501DA115A3A97074BB700E9484F4CA8
Requests: 2 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f50b.png
Frame ID: 2DACEB4E14F9513E44DE8ECF5FDA0BC2
Requests: 44 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f50b.png
Frame ID: 625A48E736B437D56FAFA278288DEE17
Requests: 53 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 9D82EEB4C4DEEEEFF77791287EEE8324
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 12591AA2D392FD35FC4C050B435E9EB4
Requests: 1 HTTP requests in this frame

Frame: https://westernunion.demdex.net/dest5.html?d_nsid=0
Frame ID: 20AFA75E08CC253400DF8D9838948DDD
Requests: 1 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/frame/cookieStorage.html?build=prod&pscb=54caa5ed1c78fa726e6264825207a8bc
Frame ID: 7ECFCED2B0921D23DFFBF08A5F780FB2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://em.westernunion.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlTQGl3l8uHabs3azgyzcum4AYT21NRFzdN2fOHDyktaB6... HTTP 302
https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFrie... Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

254
Requests

100 %
HTTPS

61 %
IPv6

21
Domains

39
Subdomains

34
IPs

4
Countries

7106 kB
Transfer

20434 kB
Size

21
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://fraudquiz.westernunion.com/
Title: Take our fraud quiz

Search URL Search Domain Scan URL

URL: https://facebook.com/WesternUnion
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/WUStopFraud
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLvwNZJWQePMXP94BkX8NZbYsYWSoeUFbL
Title:

Search URL Search Domain Scan URL

URL: http://corporate.westernunion.com/index.html
Title: About us

Search URL Search Domain Scan URL

URL: https://wucare.westernunion.com/s/customer-care-home?language=en_US
Title: FAQ

Search URL Search Domain Scan URL

URL: http://corporate.westernunion.com/careers.html
Title: Careers

Search URL Search Domain Scan URL

URL: http://ir.westernunion.com/investor-relations/default.aspx
Title: Investor relationships

Search URL Search Domain Scan URL

URL: http://foundation.westernunion.com/
Title: WU Foundation

Search URL Search Domain Scan URL

URL: https://agentportal.westernunion.com/ap/agentregister.do?pid=usFtBecomeAgent
Title: Become an agent

Search URL Search Domain Scan URL

URL: https://business.westernunion.com/en-US
Title: WU Business Solutions

Search URL Search Domain Scan URL

URL: http://www.dhs.gov/end-human-trafficking
Title: Western Union joins effort to fight human trafficking

Search URL Search Domain Scan URL

URL: https://smart.link/5acbed12c0841
Title:

Search URL Search Domain Scan URL

URL: https://smart.link/5acb915645e76
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/westernunion
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/westernunion
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/westernunion
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/WesternUnion
Title:

Search URL Search Domain Scan URL

URL: https://bugcrowd.com/westernunion
Title: Report a security bug

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: Plus d’informations

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://em.westernunion.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlTQGl3l8uHabs3azgyzcum4AYT21NRFzdN2fOHDyktaB661eYzefWe9AvnzdyFcyzcCzfXJe8jJzf7YVXtpKX%3DSABBYDBCT&_ei_=EvRtIvGb5yZCktEmvLX9wOl8LGMgS74Za-28G1R5Jb0GBegSRExA3hxRRVbyEV1vwPm-7qaleTO1Fr9An8iVFI08QR2DgR_Sr0_6b2q-BZTw3zzOhlsECbVeOnfEr9eT-ng.&_di_=vknq71nh75c6ujk40frh97gg8nnkbt38aro9iekuljlofri59120 HTTP 302
https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 66

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 213

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 214

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 223

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1613683176108 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1613683176108

Request Chain 230

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p2a70y9wf HTTP 302
https://yjrwsyyccc5esybo3hua-p2a70y-6786203f2-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 231

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p2a70y9wf HTTP 302
https://fiaqj6absjkbikqce3ygyaaaabqc5wpi-p2a70y-e5c59a9be-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 246

https://cm.everesttech.net/cm/dd?d_uuid=17756740288073763982252106156309755606 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YC7Z6QAAAI7mXDtJ HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YC7Z6QAAAI7mXDtJ

254 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request fraud-home.html Show response
www.westernunion.com/us/en/fraudawareness/
Redirect Chain

https://em.westernunion.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlTQGl3l8uHabs3azgyzcum4AYT21NRFzdN2fOHDyktaB661eYzefWe9AvnzdyFcyzcCzfXJe8jJzf7YVXtpKX%3DSABBYDBCT&_ei_=EvRtIvGb5yZCktEmvLX9wOl8LGMgS74Za-2...
https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA...

423 KB
44 KB

1117ms
710ms

Document
text/html

184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-84-98.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9463317b23e582336c95dfda2b34d75cb13fbaed0e81f3650eeb6271746953c1

Request headers

:method: GET
:authority: www.westernunion.com
:scheme: https
:path: /us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html
last-modified: Fri, 12 Feb 2021 20:40:16 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
etag: "c2bad8110292bab5cedbc935c666793e"
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: BDxe9d_lydb2tLB7KOpwYcHgnMjjJV2Vs6WAANij3NSLoV4F4P1K7A==
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 446
x-akamai-transformed: 9 425101 0 pmb=mNONE,2mRUM,2
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Fri, 19 Feb 2021 21:19:31 GMT
date: Thu, 18 Feb 2021 21:19:31 GMT
content-length: 42910
set-cookie: resolution_height=800; path=/; domain=.www.westernunion.com; resolution_width=1280; path=/; domain=.www.westernunion.com; is_tablet=false; path=/; domain=.www.westernunion.com; is_mobile=false; path=/; domain=.www.westernunion.com; AKCountry=PL; expires=Wed, 19-May-2021 21:19:31 GMT; path=/; domain=westernunion.com AKZip=; expires=Wed, 19-May-2021 21:19:31 GMT; path=/; domain=westernunion.com AKRegioncode=; expires=Wed, 19-May-2021 21:19:31 GMT; path=/; domain=westernunion.com AKCity=WARSAW; expires=Wed, 19-May-2021 21:19:31 GMT; path=/; domain=westernunion.com AKAreacode=; expires=Wed, 19-May-2021 21:19:31 GMT; path=/; domain=westernunion.com AKCounty=; expires=Wed, 19-May-2021 21:19:31 GMT; path=/; domain=westernunion.com WUCountryCookie_=US; expires=Wed, 19-May-2021 21:19:31 GMT; path=/; domain=westernunion.com WULanguageCookie_=en; expires=Wed, 19-May-2021 21:19:31 GMT; path=/; domain=westernunion.com AK_TLS_Version=tls1.2; path=/; domain=.westernunion.com AKA_A2=A; expires=Thu, 18-Feb-2021 22:19:31 GMT; path=/; domain=westernunion.com; secure; HttpOnly resolution_height=800; path=/; domain=.www.westernunion.com; resolution_width=1280; path=/; domain=.www.westernunion.com; is_tablet=false; path=/; domain=.www.westernunion.com; is_mobile=false; path=/; domain=.www.westernunion.com;
server-timing: cdn-cache; desc=MISS edge; dur=26 origin; dur=446
x-akam-sw-version: 0.5.0
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *

Redirect headers

Date: Thu, 18 Feb 2021 21:19:30 GMT
Server: Apache
P3P: policyref="http://policy2.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma: no-cache
Cache-Control: no-store, no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Connection: close
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8

GET
H2 200 euclidwu-light-webfont.woff2
www.westernunion.com/staticassets/fonts/EN/ 20 KB
22 KB 223ms
222ms Font
binary/octet-stream 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/fonts/EN/euclidwu-light-webfont.woff2

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

c9707e2bc994d97dce15ce405ea8a24d207249546130a84a51ecf68278925e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.westernunion.com
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 178
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
etag: "dc2cc0e5d138d9b1ab95686a310cd96c-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=9
vary: Accept-Encoding
content-length: 20930
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Feb 2021 20:40:05 GMT
server: AmazonS3
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: NN19Fqf4nNZ-IK5-orANe2X76EEVQLudzoc5JE_PutdIFgpqHzQx1g==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 euclidwu-regular-webfont.woff2
www.westernunion.com/staticassets/fonts/EN/ 20 KB
22 KB 234ms
232ms Font
binary/octet-stream 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/fonts/EN/euclidwu-regular-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

eb18c5e28a8ed1af4b52b3ba0bbc26b18044ea4b3c4a3f1e85893c31654b2307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.westernunion.com
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 180
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
etag: "4409df0a93dc31057bf747bbf66b9660-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=10
vary: Accept-Encoding
content-length: 20987
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Feb 2021 20:40:05 GMT
server: AmazonS3
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: MvwqgrhPoh-Qg5GWTq-vR_-NxmludP0d7BSy_pl3B5VJ-v-braXIAQ==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 euclidwu-medium-webfont.woff2
www.westernunion.com/staticassets/fonts/EN/ 20 KB
22 KB 251ms
249ms Font
binary/octet-stream 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/fonts/EN/euclidwu-medium-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

9eb3c3bb2c26612057f694e17d3dd5dd7636f71a766ef7a23abeb83c814444b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.westernunion.com
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 181
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
etag: "fea32b825ca60d61e45899a992caa551-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=11
vary: Accept-Encoding
content-length: 21005
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Feb 2021 20:40:05 GMT
server: AmazonS3
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: qlgKQkNKUJP0C6_Eg7xj4fzbqoOeWO2bOeo3A7jfJUNMlVcYP_F-Yw==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 euclidwu-bold-webfont.woff2
www.westernunion.com/staticassets/fonts/EN/ 75 KB
77 KB 263ms
261ms Font
binary/octet-stream 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/fonts/EN/euclidwu-bold-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

a86fc3163d8dd4baaadbb64ed8d3f9e9e2e65a6a50bd7900d1ea32b5e7a9e07a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.westernunion.com
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 174
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
etag: "1c3177bc915144afa20c806d6b9d92e0-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=10
vary: Accept-Encoding
content-length: 77251
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Feb 2021 20:40:05 GMT
server: AmazonS3
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ciSFhsqqJevaSEnR4x1OOhu61wkYIoQDfBEuqWGv5I3ZiHYofWt0Aw==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 webpack-runtime-5b9d9dc211eef16412bf.js Show response
www.westernunion.com/staticassets/ 4 KB
3 KB 329ms
326ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/webpack-runtime-5b9d9dc211eef16412bf.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

d088058fb9e21d559def1816da8c4f41fabb59c9429ceae7263a8cca6f248730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 58, 58, 58
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "e115bb3690b022876ea680a66061833a-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 0, 1, 1
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=13
content-length: 1456
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:43:17 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 4tXf9t-abmNpd5Wx2MLH3anAuSOPQTdwNz6nSXH_yGVoJ5xzwPk_tQ==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 framework-abffd082c9fdc4d614b0.js Show response
www.westernunion.com/staticassets/ 21 KB
8 KB 351ms
349ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/framework-abffd082c9fdc4d614b0.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

cc78fb461d0ed75d1822dc62d9783ef7b88764257c3eb8b9616f0bab9331fd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 257
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "8b458914bcbe3dcd717c2cd66701886f-gzip"
x-amz-cf-pop: DFW50-C1
x-edgeconnect-midmile-rtt: 193
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=14
content-length: 7326
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:05:54 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: boMzc4GYHykvxwqL7N0BOOeyZDX__hoJyGsq7X1rjSDJJm_7jNsEgw==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 app-92c81ae1310686248988.js Show response
www.westernunion.com/staticassets/ 87 KB
24 KB 352ms
350ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

12b8044a0fd2b23063e8c64bd5ec876faea9a6cba7bebf9a780dd8ec6bd91358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 414, 414
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "f7ebb30afda1d0453835ff2b4a778b7d-gzip"
x-amz-cf-pop: DFW50-C1
x-edgeconnect-midmile-rtt: 160, 165
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=14
content-length: 23808
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:50:25 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 7Mpi6Y_W1ZIvdPAOjGrcJM17MjEQrIJOj3UDs0AXWrH33Q8a1B0YBg==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 7effccaf7664082656f52d4858d1fc7f2e04b929-0d5b833024413c3374de.js Show response
www.westernunion.com/staticassets/ 21 KB
8 KB 370ms
368ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/7effccaf7664082656f52d4858d1fc7f2e04b929-0d5b833024413c3374de.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

0e541ae911731a219311f486f9de977a95434c090d4d8285cb193287a2de4349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 73, 73, 73
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "37c9d107c32a2ea2251f1251ab6220e7-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 0, 0, 0
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=14
content-length: 6750
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:43:55 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: BE456ISEJHfP0fw1V6T0pjifC65l8Pm8yJQWyzV316OdRavkdah2Iw==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 component---src-templates-page-js-7b3d6d798ca9793d5eb6.js Show response
www.westernunion.com/staticassets/ 19 KB
7 KB 370ms
368ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/component---src-templates-page-js-7b3d6d798ca9793d5eb6.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

6adcc1d95863cb1dbe604ba93fcf5f1a23bb3b17f6152871f5ee57c398823822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 139, 139
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "fb499fa1e3488e19003687bd109ede2d-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 160, 176
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=17
content-length: 6425
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:49:31 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: JF4JWOeCLofdI0pDmCWkX9wKAmJBTVwN7ZLZkGi8aAyl-PiRee2nrw==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 page-data.json
www.westernunion.com/staticassets/page-data/us/en/fraudawareness/fraud-home.html/ 476 KB
45 KB 1825ms
1823ms Other
application/json 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/page-data/us/en/fraudawareness/fraud-home.html/page-data.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

6241f1c87413383f1c3f85c4413bf787a66f69491171bf489bd429689f1448c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.westernunion.com
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 417
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
etag: "22c1ccd28d90ed786c9a86f21f5de9e0-gzip"
x-amz-cf-pop: DFW50-C1
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=MISS, edge; dur=796, origin; dur=417
vary: Accept-Encoding
content-length: 44820
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Feb 2021 20:40:06 GMT
server: AmazonS3
date: Thu, 18 Feb 2021 21:19:33 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: tPgttgdHSIHO6pCYI2wNaC0dJoyy1wXwKKHHIf2zKjZsnZkIQmFD4w==
expires: Sat, 20 Mar 2021 21:19:33 GMT

GET
H2 200 app-data.json
www.westernunion.com/staticassets/page-data/ 50 B
1 KB 371ms
370ms Other
application/json 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/page-data/app-data.json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

0bb6e7b0635beec7e4a62b47af72f70fffc07db9ad83716b5bfc14ba94c65fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.westernunion.com
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 175
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
etag: "d54ec5e295f52370e011298affcaedcc-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 5
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=11
vary: Accept-Encoding
content-length: 76
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Feb 2021 20:40:05 GMT
server: AmazonS3
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: yBr7B50Ul7XNcTx5Zm1OZgKssZciZ0YXHn_t4CpRtm4ZuDihYlySIQ==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 wu_common.js Show response
www.westernunion.com/etc/clientlibs/westernunion/ 3 KB
2 KB 525ms
524ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-84-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 35a48d8af12a27b7fdaab5b44d9c16050ab84381d4315503bf6219128ffc640c

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 10
date: Thu, 18 Feb 2021 21:19:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 79
x-ion-hop: 1
server-timing: cdn-cache; desc=MISS, edge; dur=197, origin; dur=10
content-length: 1293
pragma: no-cache
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Thu, 18 Feb 2021 21:19:32 GMT

GET
H2 200 wu_common.js Show response
www.westernunion.com/etc/clientlibs/westernunion/ 222 KB
134 KB 458ms
458ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js?async
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-84-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b817964b237b97cd80071cae1194d0afc9778184fb5d4a0cfb0707d07d3a8902

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 12
date: Thu, 18 Feb 2021 21:19:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 79
x-ion-hop: 1
server-timing: cdn-cache; desc=MISS, edge; dur=206, origin; dur=12
content-length: 135822
pragma: no-cache
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Thu, 18 Feb 2021 21:19:32 GMT

GET
H2 200 logo_horizontal-1.svg
www.westernunion.com/staticassets/static/92339338d2502a99b5f1d762337c03dc/ 11 KB
5 KB 242ms
240ms Image
image/svg+xml 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernunion.com/staticassets/static/92339338d2502a99b5f1d762337c03dc/logo_horizontal-1.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

908ea214fcb01c7ec0092d17d313560a44c6340da2a5d4e837f7e6e85c871435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 388
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
etag: "92339338d2502a99b5f1d762337c03dc-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 5
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=16
vary: Accept-Encoding
content-length: 4148
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Feb 2021 20:40:10 GMT
server: AmazonS3
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: NumGqY_qGyv-PIkA5kUq_EBhYR3iqeyTtM5llCTVjeA2UE1XsvwVeg==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 logo_symbol-1.svg
www.westernunion.com/staticassets/static/09399305fea0095df3aac81cb31d6054/ 4 KB
2 KB 243ms
241ms Image
image/svg+xml 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernunion.com/staticassets/static/09399305fea0095df3aac81cb31d6054/logo_symbol-1.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

f7ba29a7ff93a6951e58701d2e224de26c2c60bdbe5e4db9de00a8db67c2c761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 172
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
etag: "09399305fea0095df3aac81cb31d6054-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 6
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=10
vary: Accept-Encoding
content-length: 1242
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Feb 2021 20:40:07 GMT
server: AmazonS3
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 4X3Z6y3E8h-mzYITYf8DLiAaSv8F7MQQm3gmB26-Jc2x1yRHC6DKHQ==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 Zebra-img.jpg
www.westernunion.com/staticassets/static/fe6db7fe42bd1d9972d2c04637734467/ 216 KB
216 KB 243ms
242ms Image
image/jpeg 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernunion.com/staticassets/static/fe6db7fe42bd1d9972d2c04637734467/Zebra-img.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

79229c97c8f09b889426b3e814029c2fc082d3e0b9e058353751300e5cfefff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 379
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
etag: "fe6db7fe42bd1d9972d2c04637734467-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 10
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=10
vary: Accept-Encoding
content-length: 220226
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Feb 2021 20:40:16 GMT
server: AmazonS3
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: YOaTHJRQdxV9vk5J6h_k_vJeqHY9bN4BkvcFtdHIZPtXAoPWH95Cng==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 55ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC4) /
Resource Hash: c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:19:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:21:01 GMT
Server: ECS (amb/6BC4)
Age: 1388
Etag: "11a0c75a945561958f0b924da0e67334+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28744

GET
H2 200 main.js Show response
www.westernunion.com/staticassets/scripts/ 44 KB
10 KB 283ms
282ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/scripts/main.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3995b75680b6c37d4afe866603b8ebb3920256947b56cd0beede880dffe82101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 164, 164
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "4d869a3641605dbc05fc7b9c699aaaf1-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 124, 124
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=15
content-length: 9052
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:29:08 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: jflipe9uLMNKJZcZiV3hj_L7ovFVZELvfiJcA_HCn5n5TxrvGFYe7w==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
www.westernunion.com/staticassets/scripts/vendors/ 85 KB
28 KB 284ms
283ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/scripts/vendors/jquery-3.1.1.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 421, 421
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "e071abda8fe61194711cfc2ab99fe104-gzip"
x-amz-cf-pop: DFW50-C1
x-edgeconnect-midmile-rtt: 159, 162
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 27189
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:51:49 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 0mm_x0RXB4iK137ey7iYnZ_qV8A2gkYtBSwY5Nvj9ODf2B130pzq9Q==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 westernunion.js Show response
content.zeronaught.com/js/ 31 KB
16 KB 250ms
227ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.zeronaught.com/js/westernunion.js
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.19.6 /
Resource Hash: b7482d38f8c22ab8d28afa4f61d19c2882a67c9391736fb4ccee6669bed09daf

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:32 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 20:50:20 GMT
server: nginx/1.19.6
etag: W/"5f739e0c-7aad"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=3600
expires: Thu, 18 Feb 2021 22:19:32 GMT

GET
H2 200 T8GD4-PXVWR-9MW97-GAT7V-FQG35 Show response
s.go-mpulse.net/boomerang/ Frame 2EE8 202 KB
51 KB 29ms
7ms Script
application/javascript 2a02:26f0:7100:199::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/T8GD4-PXVWR-9MW97-GAT7V-FQG35
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:199::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:32 GMT
content-encoding: br
last-modified: Fri, 25 Dec 2020 19:09:05 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 o6ylvF8FWy0 Show response
www.youtube.com/embed/ Frame 3199 51 KB
22 KB 90ms
68ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/o6ylvF8FWy0?rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3472b01e522031bfc8d5b90050caae55bd05b34a26ec7d382e46aba5e0f95d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/o6ylvF8FWy0?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Feb 2021 21:19:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=dL9IhFZfO8s; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=MWLRTKbwqtE; Domain=.youtube.com; Expires=Tue, 17-Aug-2021 21:19:32 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+537; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 MVhhy_E1184 Show response
www.youtube.com/embed/ Frame 9437 51 KB
22 KB 88ms
69ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/MVhhy_E1184?rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e20cb26a57a8db23fb1d3f8b48452ee3921b0abd4e04a3222a07c3a2037e042

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/MVhhy_E1184?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Feb 2021 21:19:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=sDcjem-iOP0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=DQ4e6kJNedc; Domain=.youtube.com; Expires=Tue, 17-Aug-2021 21:19:32 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+657; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 uHLjBoc_yvo Show response
www.youtube.com/embed/ Frame E388 51 KB
22 KB 82ms
64ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/uHLjBoc_yvo?rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f1ab04fc35dd8f538b131e7ecfa3ba6b61d959cde86f33f70de80c5e6471233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/uHLjBoc_yvo?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Feb 2021 21:19:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=1yX-FjND2Bk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=NcJ__deVjOA; Domain=.youtube.com; Expires=Tue, 17-Aug-2021 21:19:32 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+614; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s6UuKPGflO0 Show response
www.youtube.com/embed/ Frame E5F2 51 KB
22 KB 75ms
59ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/s6UuKPGflO0?rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5794d89af4a07cb2202b21149e577d50fefd4a8dc25e0a2d1d9ed71bfe75e831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/s6UuKPGflO0?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Feb 2021 21:19:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ciB7VPxCvS4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=hx_DBbvaEM8; Domain=.youtube.com; Expires=Tue, 17-Aug-2021 21:19:32 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+858; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 LkYm2EWIPWg Show response
www.youtube.com/embed/ Frame EDF7 52 KB
22 KB 76ms
60ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/LkYm2EWIPWg?rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6d76dfbbc0b00bb795388dc695e602f883426e99b36eb2ec5f6f37fd7f249fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/LkYm2EWIPWg?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Feb 2021 21:19:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=pxues3CIVHI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=s7xVIpVqtT0; Domain=.youtube.com; Expires=Tue, 17-Aug-2021 21:19:32 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+164; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 WlitwKWbOFc Show response
www.youtube.com/embed/ Frame C99B 51 KB
22 KB 81ms
67ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/WlitwKWbOFc?rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2dee95e2b830683d9ee917426b24cdf4a6e06dbd90c4884801aa42fece6f4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/WlitwKWbOFc?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Feb 2021 21:19:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=rwcpYO1T0bk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=fJ_qEe_L0E4; Domain=.youtube.com; Expires=Tue, 17-Aug-2021 21:19:32 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+111; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 watch
www.youtube.com/ Frame 880A 0
0 60ms
47ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/watch?v=LUiJOAEDwww

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /watch?v=LUiJOAEDwww
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Feb 2021 21:19:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: GPS=1; Domain=.youtube.com; Expires=Thu, 18-Feb-2021 21:49:32 GMT; Path=/; Secure; HttpOnly YSC=D8LJh7e2F3E; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=uHgCLUy8Elk; Domain=.youtube.com; Expires=Tue, 17-Aug-2021 21:19:32 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+313; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 us.svg
www.westernunion.com/staticassets/static/e7f3ce108d45fe67c67d514a9943ac69/src/assets/images/flags/1x1/ 4 KB
1 KB 257ms
256ms Image
image/svg+xml 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernunion.com/staticassets/static/e7f3ce108d45fe67c67d514a9943ac69/src/assets/images/flags/1x1/us.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

c4ffd0455cf50bc1683646dc77e7263d81cffad51f36d3c39b85a9848fb5a196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
etag: "8ec583188aba7e9426580350312d97a5-gzip"
x-amz-cf-pop: ORD53-C2
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=28
vary: Accept-Encoding
content-length: 458
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Feb 2021 20:40:12 GMT
server: AmazonS3
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: LffafE73SDDu1Py9rctsKlvaX4SR75rzvHolvh0t0FZOSn3xX0JXyw==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H2 200 WUAnalyticEventCapture.js Show response
www.westernunion.com/staticassets/scripts/vendors/ 101 KB
13 KB 228ms
227ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/scripts/vendors/WUAnalyticEventCapture.js

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

222a0741a8874f51bfeeaadd24eeec14ab7da8d53e06c491f448eaa14248aab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 309, 309, 309, 309
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "038953e5494ed042c3ea7a8dbfef80e4-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 155, 155, 274, 156
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 12139
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:48:33 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: kx_tF-B4s0yEWkshCb5IA4jIS03obIHM6VEaQ7POFXobkiKEoXOsXA==
expires: Sat, 20 Mar 2021 21:19:32 GMT

GET
H/1.1 200
OK widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html Show response
platform.twitter.com/widgets/ Frame B501 320 KB
104 KB 13ms
13ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.westernunion.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB7) /
Resource Hash: 99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 778398
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 18 Feb 2021 21:19:32 GMT
Etag: "d9fdaa7a36dc36e57ad53c2039f52486+gzip"
Last-Modified: Mon, 08 Feb 2021 21:19:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BB7)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105677

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/6eebf7aa/ Frame E5F2 340 KB
51 KB 83ms
65ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s6UuKPGflO0?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0651e9a718a6ce3d030e0086532dad8caf7571b961e311fda509a47d0ba4bd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 48510
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52099
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:51:02 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/ Frame E5F2 157 KB
57 KB 82ms
64ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s6UuKPGflO0?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f003001a164fc40eb7a767dcb8f36dce6ba51e3f6852f38f9400322dfa59f252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 73952
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58426
x-xss-protection: 0
expires: Fri, 18 Feb 2022 00:47:00 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame E5F2 1 MB
492 KB 64ms
47ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s6UuKPGflO0?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37555d2a8631f6c69e94303caf2b0f844327688c004f02e7549f15834558c263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 42788
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504129
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:26:24 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/ Frame E5F2 8 KB
3 KB 35ms
19ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s6UuKPGflO0?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 34541
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 18 Feb 2022 11:43:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E5F2 10 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s6UuKPGflO0?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 579234
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:38 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/6eebf7aa/ Frame EDF7 340 KB
51 KB 59ms
46ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0651e9a718a6ce3d030e0086532dad8caf7571b961e311fda509a47d0ba4bd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 48510
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52099
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:51:02 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/ Frame EDF7 157 KB
57 KB 78ms
64ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f003001a164fc40eb7a767dcb8f36dce6ba51e3f6852f38f9400322dfa59f252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 73952
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58426
x-xss-protection: 0
expires: Fri, 18 Feb 2022 00:47:00 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame EDF7 1 MB
492 KB 78ms
65ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37555d2a8631f6c69e94303caf2b0f844327688c004f02e7549f15834558c263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 42788
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504129
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:26:24 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/ Frame EDF7 8 KB
3 KB 60ms
48ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 34541
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 18 Feb 2022 11:43:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EDF7 10 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 579234
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:38 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/6eebf7aa/ Frame E388 340 KB
51 KB 56ms
47ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0651e9a718a6ce3d030e0086532dad8caf7571b961e311fda509a47d0ba4bd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 48510
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52099
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:51:02 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/ Frame E388 157 KB
57 KB 57ms
48ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f003001a164fc40eb7a767dcb8f36dce6ba51e3f6852f38f9400322dfa59f252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 73952
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58426
x-xss-protection: 0
expires: Fri, 18 Feb 2022 00:47:00 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame E388 1 MB
492 KB 57ms
47ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37555d2a8631f6c69e94303caf2b0f844327688c004f02e7549f15834558c263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 42788
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504129
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:26:24 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/ Frame E388 8 KB
3 KB 75ms
65ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 34541
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 18 Feb 2022 11:43:51 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E388 10 KB
11 KB 56ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 579234
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:38 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/6eebf7aa/ Frame C99B 340 KB
51 KB 67ms
59ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WlitwKWbOFc?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0651e9a718a6ce3d030e0086532dad8caf7571b961e311fda509a47d0ba4bd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 48510
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52099
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:51:02 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/ Frame C99B 157 KB
57 KB 54ms
47ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WlitwKWbOFc?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f003001a164fc40eb7a767dcb8f36dce6ba51e3f6852f38f9400322dfa59f252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 73952
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58426
x-xss-protection: 0
expires: Fri, 18 Feb 2022 00:47:00 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame C99B 1 MB
492 KB 54ms
47ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WlitwKWbOFc?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37555d2a8631f6c69e94303caf2b0f844327688c004f02e7549f15834558c263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 42788
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504129
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:26:24 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/ Frame C99B 8 KB
3 KB 50ms
44ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WlitwKWbOFc?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 34541
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 18 Feb 2022 11:43:51 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C99B 10 KB
11 KB 50ms
43ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WlitwKWbOFc?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 579234
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:38 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/6eebf7aa/ Frame 3199 340 KB
51 KB 67ms
63ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0651e9a718a6ce3d030e0086532dad8caf7571b961e311fda509a47d0ba4bd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 48510
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52099
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:51:02 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/ Frame 3199 157 KB
57 KB 65ms
62ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f003001a164fc40eb7a767dcb8f36dce6ba51e3f6852f38f9400322dfa59f252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 73952
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58426
x-xss-protection: 0
expires: Fri, 18 Feb 2022 00:47:00 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame 3199 1 MB
492 KB 65ms
62ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37555d2a8631f6c69e94303caf2b0f844327688c004f02e7549f15834558c263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 42788
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504129
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:26:24 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/ Frame 3199 8 KB
3 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 34541
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 18 Feb 2022 11:43:51 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3199 10 KB
11 KB 46ms
43ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 579234
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:38 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/6eebf7aa/ Frame 9437 340 KB
51 KB 65ms
62ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MVhhy_E1184?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0651e9a718a6ce3d030e0086532dad8caf7571b961e311fda509a47d0ba4bd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 48510
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52099
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:51:02 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/ Frame 9437 157 KB
57 KB 64ms
61ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MVhhy_E1184?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f003001a164fc40eb7a767dcb8f36dce6ba51e3f6852f38f9400322dfa59f252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 73952
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58426
x-xss-protection: 0
expires: Fri, 18 Feb 2022 00:47:00 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame 9437 1 MB
492 KB 64ms
61ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MVhhy_E1184?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37555d2a8631f6c69e94303caf2b0f844327688c004f02e7549f15834558c263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 42788
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504129
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:26:24 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/ Frame 9437 8 KB
3 KB 64ms
61ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MVhhy_E1184?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 34541
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 18 Feb 2022 11:43:51 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9437 10 KB
11 KB 45ms
43ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MVhhy_E1184?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 579234
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:38 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B501 183 B
411 B 694ms
298ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2ceb302c45631031c9483bb27e0a4c29de107158

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.westernunion.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.westernunion.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-response-time: 105
date: Thu, 18 Feb 2021 21:19:33 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 21:19:33 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 9cce0998161bda9a6cad45f4792e1bd9
strict-transport-security: max-age=631138519
content-length: 152

GET
H/1.1 200
OK moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js Show response
platform.twitter.com/js/ 23 KB
8 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB4) /
Resource Hash: 5ccdf5d349d1898f04c28c1ee09f980c5a805f1c08898fc0fdd9fe66b08f3346

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:19:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:19:23 GMT
Server: ECS (amb/6BB4)
Age: 778398
Etag: "e1fb072ff312282cd496fe7ad93c853f+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 7652

GET
H/1.1 200
OK timeline.217a220423d55b36c29099c89d1abb2d.js Show response
platform.twitter.com/js/ 21 KB
7 KB 30ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.217a220423d55b36c29099c89d1abb2d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC4) /
Resource Hash: 46bddda9c36038b2705662a1f8f153b11fcb7e63454442714c2f1625a5f73138

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:19:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:19:23 GMT
Server: ECS (amb/6BC4)
Age: 778398
Etag: "32acb80b529b472c464a885ec1fcaa68+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6651

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame EDF7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
160 B

39ms
39ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03a49af2c9bce6f9c71fa35c23691e83972dbacf7effed8942e8a076a6574dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Feb 2021 21:19:33 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame EDF7 29 B
407 B 25ms
5ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:15:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 246
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:30:27 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame E388
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
183 B

38ms
38ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf951565f9af76e74bdb8960f05f4f84ce47e9d03a3a21358a616262c5b08fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Feb 2021 21:19:33 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E388 29 B
394 B 27ms
13ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:15:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 246
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:30:27 GMT

GET
H2 200 dc Show response
wu-api.zeronaught.com/westernunion/ 177 B
327 B 478ms
453ms XHR
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://wu-api.zeronaught.com/westernunion/dc?key=AIzaSyCd3OyJJXOvIfTsT4_c9q1OobzXGB_eNAY&sc=AAkkA7d3AQAAnzRY6JROuRnI7Sz_kw8W4tgIPepVIVXNiy5Ggbu4vw4lkA0e%7C1%7C0%7C45db8d8f6dc587d18becbaf218c9d2edbfd21635&si=%7B%22uuid%22%3A%225cfa0457eb885d08%22%2C%22pid%22%3A%2243e1f8cb27c71e6b%22%2C%22ts%22%3A1613683172%2C%22p%22%3A0%2C%22v%22%3A%7B%7D%2C%22c%22%3A%7B%22sc%22%3A0%7D%2C%22cv%22%3A%7B%7D%2C%22ls%22%3A%7B%7D%2C%22tp%22%3A307%2C%22rmc%22%3A0%7D
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: gunicorn/19.9.0 /
Resource Hash: 62e5fc3b6c8ac8fcacea6fe67195b2ae6588ae95661af7da7c42b062e7acc98e

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.westernunion.com
date: Thu, 18 Feb 2021 21:19:33 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
server: gunicorn/19.9.0
via: 1.1 google
content-type: text/html; charset=utf-8

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame C99B 113 B
1 KB 68ms
54ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

655825c0318f3e78f7c8c7310481c5b8b52be2c42717fdee36ac37e141db36f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C99B 29 B
54 B 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:15:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 246
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:30:27 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame E5F2 113 B
295 B 39ms
39ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd1aeef7165d7a07b53d836d65d6fdc575af376bf425d8c6ce831ea983567abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E5F2 29 B
54 B 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:15:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 246
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:30:27 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 3199 113 B
298 B 40ms
39ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e22fb9158ea01dd16c6992f41d7d52df49758b8bb807c0e0048dbb67e600adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3199 29 B
54 B 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:15:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 246
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:30:27 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 9437 113 B
160 B 39ms
38ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03f532fd40e8c186213f4dd7fe8b51d55bb63c7bbaebc568dce1a829082daa67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9437 29 B
54 B 11ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:15:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 246
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:30:27 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame EDF7 95 KB
31 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6109e8fab058603a1e83d35427f0f994937d00b9e19bc79e6cc919e01d4f3280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 17331
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32155
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:30:42 GMT

GET
H2 200 4hu3W9Jg9xsuY7gERYFg3xJPMsCLgV-8aZfevEBXI7g.js Show response
www.google.com/js/th/ Frame EDF7 33 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/4hu3W9Jg9xsuY7gERYFg3xJPMsCLgV-8aZfevEBXI7g.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e21bb75bd260f71b2e63b804458160df124f32c08b815fbc6997debc405723b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 42724
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14405
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:27:29 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame EDF7 29 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51acacfa29a4836037ad7a3484b636a8d1adf06f44189818d07970054f4cb23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 189090
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9707
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:48:03 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame E388 95 KB
31 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6109e8fab058603a1e83d35427f0f994937d00b9e19bc79e6cc919e01d4f3280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 17331
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32155
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:30:42 GMT

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
www.google.com/js/bg/ Frame E388 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 15:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 106552
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Thu, 17 Feb 2022 15:43:41 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame E388 29 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51acacfa29a4836037ad7a3484b636a8d1adf06f44189818d07970054f4cb23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 189090
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9707
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:48:03 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame C99B 95 KB
31 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6109e8fab058603a1e83d35427f0f994937d00b9e19bc79e6cc919e01d4f3280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 17331
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32155
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:30:42 GMT

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
www.google.com/js/bg/ Frame C99B 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 15:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 106552
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Thu, 17 Feb 2022 15:43:41 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame C99B 29 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51acacfa29a4836037ad7a3484b636a8d1adf06f44189818d07970054f4cb23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 189090
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9707
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:48:03 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame E5F2 95 KB
31 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6109e8fab058603a1e83d35427f0f994937d00b9e19bc79e6cc919e01d4f3280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 17331
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32155
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:30:42 GMT

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
www.google.com/js/bg/ Frame E5F2 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 15:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 106552
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Thu, 17 Feb 2022 15:43:41 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame E5F2 29 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51acacfa29a4836037ad7a3484b636a8d1adf06f44189818d07970054f4cb23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 189091
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9707
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:48:03 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame 3199 95 KB
31 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6109e8fab058603a1e83d35427f0f994937d00b9e19bc79e6cc919e01d4f3280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 17332
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32155
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:30:42 GMT

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
www.google.com/js/bg/ Frame 3199 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 15:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 106553
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Thu, 17 Feb 2022 15:43:41 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame 3199 29 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51acacfa29a4836037ad7a3484b636a8d1adf06f44189818d07970054f4cb23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 189091
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9707
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:48:03 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame 9437 95 KB
31 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6109e8fab058603a1e83d35427f0f994937d00b9e19bc79e6cc919e01d4f3280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 17332
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32155
x-xss-protection: 0
expires: Fri, 18 Feb 2022 16:30:42 GMT

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
www.google.com/js/bg/ Frame 9437 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 15:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 106553
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Thu, 17 Feb 2022 15:43:41 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame 9437 29 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51acacfa29a4836037ad7a3484b636a8d1adf06f44189818d07970054f4cb23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 189091
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9707
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:48:03 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 2EE8 5 KB
2 KB 59ms
45ms XHR
application/json 2a02:26f0:64:699::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=T8GD4-PXVWR-9MW97-GAT7V-FQG35&d=www.westernunion.com&t=5378944&v=1.632.0&if=&sl=0&si=8fvgu5ly0z-qoqtwl&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=188342
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/T8GD4-PXVWR-9MW97-GAT7V-FQG35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:64:699::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 828248fcd785b275541d1f2c175ca90ea1b6db9b95cd0074cc734cf8c2554b52

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:19:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1544

GET
H2 200 smo-config.us.js Show response
www.westernunion.com/staticassets/static/a876a5fdb5f52114859fc94828ee318b/ 168 KB
14 KB 161ms
160ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/static/a876a5fdb5f52114859fc94828ee318b/smo-config.us.js

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/7effccaf7664082656f52d4858d1fc7f2e04b929-0d5b833024413c3374de.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

90df91d05c73113b2ee4eb5e021c9b83ab9a07b0de6aef0af999ee12e5a0dc6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 283, 283
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "a876a5fdb5f52114859fc94828ee318b-gzip"
x-amz-cf-pop: DFW50-C1
x-edgeconnect-midmile-rtt: 5, 5
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 13541
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:11:04 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:34 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: tWZE-j5XZorSwHye_ENRRRAt_yb6nuZSHPuD9H3DYWZezWLSuwcq4A==
expires: Sat, 20 Mar 2021 21:19:34 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 140 KB
12 KB 65ms
20ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_WUStopFraud_old&dnt=false&domain=www.westernunion.com&lang=en&screen_name=WUStopFraud&suppress_response_codes=true&t=1792981&tz=GMT%2B0100&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D1B) /

Resource Hash

999c693d3d1a3634ddf569765af9e7975fae15e4966e6a1e8406cab4d969ce0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
vary: Accept-Encoding
content-length: 12006
x-xss-protection: 0
x-response-time: 204
last-modified: Thu, 18 Feb 2021 21:16:52 GMT
server: ECS (lcy/1D1B)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
expires: Thu, 18 Feb 2021 21:24:33 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: 67bb73f0ffaa5c9a9b0f75a07f2bf686
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 004ce2f900b05507
access-contol-allow-origin: platform.twitter.com

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 140 KB
12 KB 68ms
24ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i1_profile_WUStopFraud_old&dnt=false&domain=www.westernunion.com&lang=en&screen_name=WUStopFraud&suppress_response_codes=true&t=1792981&tz=GMT%2B0100&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D39) /

Resource Hash

459fa37ec2e52e3fec10f67b231343572e9aa3474ec7742318268979ea69a620

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
vary: Accept-Encoding
content-length: 12006
x-xss-protection: 0
x-response-time: 212
last-modified: Thu, 18 Feb 2021 21:16:52 GMT
server: ECS (lcy/1D39)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
expires: Thu, 18 Feb 2021 21:24:34 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: 8dcd4db62264527b609ded56a22718e7
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 008d20a500fb46f0
access-contol-allow-origin: platform.twitter.com

GET
H2 200 outage-banner.html Show response
www.westernunion.com/content/wucom/outage-banner/ 8 KB
4 KB 557ms
556ms XHR
text/html 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/content/wucom/outage-banner/outage-banner.html

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6d74ad53e579fb1a225f8b9719881bc43ca509f073a0f17695d0352e27f90eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 36
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 80
server-timing: cdn-cache; desc=MISS, edge; dur=360, origin; dur=36
vary: Accept-Encoding
content-length: 2676
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 10 Oct 2020 02:06:18 GMT
server: Apache
date: Thu, 18 Feb 2021 21:19:34 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-akamai-transformed: 9 1263 0 pmb=mNONE,2mRUM,2
access-control-allow-headers: *
x-akam-sw-version: 0.5.0
expires: Thu, 18 Feb 2021 21:19:34 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame EDF7 4 KB
2 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:34 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame E388 4 KB
2 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:34 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame EDF7 0
38 B 6ms
6ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?yxn-iw
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C99B 4 KB
2 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:34 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame E388 0
13 B 6ms
5ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?XIN1iA
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame C99B 0
13 B 6ms
6ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ZshSIg
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame E5F2 0
13 B 6ms
5ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ACrzng
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame E5F2 4 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:34 GMT

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3199 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:34 GMT

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9437 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:34 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 3199 0
13 B 6ms
5ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?4wFEDQ
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 9437 0
13 B 6ms
6ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?-MZZ8w
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 outage-configuration.js Show response
www.westernunion.com/content/wucom/outage-banner/ 24 KB
5 KB 432ms
431ms Script
text/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/content/wucom/outage-banner/outage-configuration.js

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/7effccaf7664082656f52d4858d1fc7f2e04b929-0d5b833024413c3374de.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9e0232dc0a86894feed097d2a95bf2c6bc8898b6e549a8aceec9bcd4cfa538fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 37, 105, 37, 37
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 40, 7, 146, 47
server-timing: cdn-cache; desc=MISS, edge; dur=140, origin; dur=105
vary: Accept-Encoding
content-length: 4417
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 15 Feb 2021 13:04:08 GMT
server: Apache
date: Thu, 18 Feb 2021 21:19:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Thu, 18 Feb 2021 21:19:35 GMT

GET
H2 200 1f50b.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 322 B
466 B 35ms
11ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f50b.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F6D) /

Resource Hash

d3fb76e9bb7631be2e8dbdf23acdb596f6d3d7e9b718aabb8158bb8bb052482c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426438
x-ton-expected-size: 322
x-cache: HIT
content-length: 322
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (frc/8F6D)
etag: "z5wevZrNgUyO6f6Es+d5SQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b96a6a470ee3ae80d33a598853de322b
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f4b8.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 1 KB
2 KB 32ms
8ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b8.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FED) /

Resource Hash

daf26ae36691689ba351925b0171614e6d24efbe9f11ed45a8a1f51b774638c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16924252
x-ton-expected-size: 1449
x-cache: HIT
content-length: 1449
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 15 Apr 2020 20:54:54 GMT
server: ECAcc (frc/8FED)
etag: "/KZd5a9GkSWPWnbkgyhV9w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: d2f28c60db6236cb2e4272ed1021f639
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 XLACpSCE
pbs.twimg.com/card_img/1361765132892835845/ Frame 2DAC 20 KB
21 KB 73ms
15ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1361765132892835845/XLACpSCE?format=jpg&name=600x314

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B98) /

Resource Hash

5048b3bcd811837c767a9207a3df35bcb09c859849bef6e8a6c47e796bc6106f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 2048
x-cache: HIT
content-length: 20677
x-response-time: 154
surrogate-key: card_img card_img/bucket/5 card_img/1361765132892835845
last-modified: Tue, 16 Feb 2021 19:49:22 GMT
server: ECS (amb/6B98)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c0cb9d8dc45ecd4999caf1c873f6cebc
accept-ranges: bytes

GET
H2 200 1f4b2.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 528 B
673 B 32ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F38) /

Resource Hash

1edebdeeb793180e241eb0576c268f0a6d674b35683f85abaf1ae6171ac0ddce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426451
x-ton-expected-size: 528
x-cache: HIT
content-length: 528
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECAcc (frc/8F38)
etag: "qrDFaBiVuZ6SumX4O7shxQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9d5759a07fd3f7b4fb965ddbbc2f51c5
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 2b07.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 388 B
529 B 32ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2b07.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F53) /

Resource Hash

11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 20076540
x-ton-expected-size: 388
x-cache: HIT
content-length: 388
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Thu, 16 Apr 2020 17:04:17 GMT
server: ECAcc (frc/8F53)
etag: "SALAWUsBYUywup5sSvc+YQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 519d9c76a258adffbd641a83d7c0abf4
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 2705.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 525 B
668 B 37ms
14ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2705.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBD) /

Resource Hash

e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 18840217
x-ton-expected-size: 525
x-cache: HIT
content-length: 525
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECAcc (frc/8FBD)
etag: "7zUYLT41o1+zuu1kEClhZw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 73d97b29c5373349581274df41d69c6a
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f9f3.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 323 B
464 B 32ms
10ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9f3.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F06) /

Resource Hash

2e291c96a77af5188ed2235a31ca2a33eef388bb4067130f5c97426513eb3355

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426425
x-ton-expected-size: 323
x-cache: HIT
content-length: 323
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Mon, 04 Jun 2018 23:14:22 GMT
server: ECAcc (frc/8F06)
etag: "OZVONN7uoKqaFYZswJgmYg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2dacda3f55279d5e98661ee461c8c632
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f459.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 851 B
991 B 19ms
13ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f459.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FF1) /

Resource Hash

ea1e7d4389a3f1b8a5208738663f8d74f0219625847877fa8fb2b1697c9a0fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426395
x-ton-expected-size: 851
x-cache: HIT
content-length: 851
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECAcc (frc/8FF1)
etag: "1lsCIGctBCsjFwldYD8Wcg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0505d439851593ae6c196ac6394d600c
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f576.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 376 B
522 B 20ms
13ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f576.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F6C) /

Resource Hash

6cc3ed6ac6cff556e3fa6470eb90324d9624b44c577b446bfa107b10b8c21a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426401
x-ton-expected-size: 376
x-cache: HIT
content-length: 376
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:37 GMT
server: ECAcc (frc/8F6C)
etag: "BVCSwz1Aw4yyODS9kYrQRw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 086717b416c53bc437a62cb75dddbec0
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f4f8.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 1 KB
1 KB 25ms
19ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4f8.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FE9) /

Resource Hash

733cb6d23d17e898719635b1d35d6041a243aa41bfb2a266b9e7eddfa5a22e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426450
x-ton-expected-size: 1051
x-cache: HIT
content-length: 1051
x-response-time: 13
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:30 GMT
server: ECAcc (frc/8FE9)
etag: "G69ZXka063MGIj18aOjBxg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 3fa261ddc1f5689ccabff453f7461811
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f6ab.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 617 B
757 B 20ms
14ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f6ab.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E92) /

Resource Hash

648f2e93eeb916922acc1de00811798cd6f09e60efa98fddb7af90a515c643cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 21479054
x-ton-expected-size: 617
x-cache: HIT
content-length: 617
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:32 GMT
server: ECAcc (frc/8E92)
etag: "vw8PfoAiXUyOGFHGHRfRhQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: bac0ac8bde8d03638622286ba11aec80
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f511.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 480 B
603 B 20ms
14ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f511.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FAC) /

Resource Hash

21bfbad7dfc6848e0c5f1a7fd6b8cbb75b80dadeaf71b2703dc78e89dbebbb7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426424
x-ton-expected-size: 480
x-cache: HIT
content-length: 480
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (frc/8FAC)
etag: "QYf9HGk/nD6lDlgYvJPXhQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: dbba116b94b6e972413f1120cffa5972
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f50b.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 322 B
395 B 16ms
11ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f50b.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F6D) /

Resource Hash

d3fb76e9bb7631be2e8dbdf23acdb596f6d3d7e9b718aabb8158bb8bb052482c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426438
x-ton-expected-size: 322
x-cache: HIT
content-length: 322
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (frc/8F6D)
etag: "z5wevZrNgUyO6f6Es+d5SQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b96a6a470ee3ae80d33a598853de322b
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f4b8.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 1 KB
1 KB 19ms
13ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b8.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FED) /

Resource Hash

daf26ae36691689ba351925b0171614e6d24efbe9f11ed45a8a1f51b774638c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16924252
x-ton-expected-size: 1449
x-cache: HIT
content-length: 1449
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 15 Apr 2020 20:54:54 GMT
server: ECAcc (frc/8FED)
etag: "/KZd5a9GkSWPWnbkgyhV9w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: d2f28c60db6236cb2e4272ed1021f639
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 XLACpSCE
pbs.twimg.com/card_img/1361765132892835845/ Frame 625A 20 KB
20 KB 81ms
28ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1361765132892835845/XLACpSCE?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B98) /

Resource Hash

5048b3bcd811837c767a9207a3df35bcb09c859849bef6e8a6c47e796bc6106f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 2048
x-cache: HIT
content-length: 20677
x-response-time: 154
surrogate-key: card_img card_img/bucket/5 card_img/1361765132892835845
last-modified: Tue, 16 Feb 2021 19:49:22 GMT
server: ECS (amb/6B98)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c0cb9d8dc45ecd4999caf1c873f6cebc
accept-ranges: bytes

GET
H2 200 1f4b2.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 528 B
601 B 17ms
12ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b2.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F38) /

Resource Hash

1edebdeeb793180e241eb0576c268f0a6d674b35683f85abaf1ae6171ac0ddce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426451
x-ton-expected-size: 528
x-cache: HIT
content-length: 528
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECAcc (frc/8F38)
etag: "qrDFaBiVuZ6SumX4O7shxQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9d5759a07fd3f7b4fb965ddbbc2f51c5
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 2b07.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 388 B
462 B 17ms
12ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2b07.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F53) /

Resource Hash

11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 20076540
x-ton-expected-size: 388
x-cache: HIT
content-length: 388
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Thu, 16 Apr 2020 17:04:17 GMT
server: ECAcc (frc/8F53)
etag: "SALAWUsBYUywup5sSvc+YQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 519d9c76a258adffbd641a83d7c0abf4
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 2705.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 525 B
599 B 18ms
12ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2705.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBD) /

Resource Hash

e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 18840217
x-ton-expected-size: 525
x-cache: HIT
content-length: 525
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECAcc (frc/8FBD)
etag: "7zUYLT41o1+zuu1kEClhZw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 73d97b29c5373349581274df41d69c6a
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f9f3.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 323 B
397 B 18ms
13ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9f3.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F06) /

Resource Hash

2e291c96a77af5188ed2235a31ca2a33eef388bb4067130f5c97426513eb3355

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426425
x-ton-expected-size: 323
x-cache: HIT
content-length: 323
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Mon, 04 Jun 2018 23:14:22 GMT
server: ECAcc (frc/8F06)
etag: "OZVONN7uoKqaFYZswJgmYg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2dacda3f55279d5e98661ee461c8c632
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f459.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 851 B
924 B 22ms
16ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f459.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FF1) /

Resource Hash

ea1e7d4389a3f1b8a5208738663f8d74f0219625847877fa8fb2b1697c9a0fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426395
x-ton-expected-size: 851
x-cache: HIT
content-length: 851
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECAcc (frc/8FF1)
etag: "1lsCIGctBCsjFwldYD8Wcg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0505d439851593ae6c196ac6394d600c
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f576.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 376 B
450 B 25ms
19ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f576.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F6C) /

Resource Hash

6cc3ed6ac6cff556e3fa6470eb90324d9624b44c577b446bfa107b10b8c21a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426401
x-ton-expected-size: 376
x-cache: HIT
content-length: 376
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:37 GMT
server: ECAcc (frc/8F6C)
etag: "BVCSwz1Aw4yyODS9kYrQRw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 086717b416c53bc437a62cb75dddbec0
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f4f8.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 1 KB
1 KB 26ms
20ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4f8.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FE9) /

Resource Hash

733cb6d23d17e898719635b1d35d6041a243aa41bfb2a266b9e7eddfa5a22e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426450
x-ton-expected-size: 1051
x-cache: HIT
content-length: 1051
x-response-time: 13
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:30 GMT
server: ECAcc (frc/8FE9)
etag: "G69ZXka063MGIj18aOjBxg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 3fa261ddc1f5689ccabff453f7461811
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f6ab.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 617 B
691 B 24ms
18ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f6ab.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E92) /

Resource Hash

648f2e93eeb916922acc1de00811798cd6f09e60efa98fddb7af90a515c643cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 21479054
x-ton-expected-size: 617
x-cache: HIT
content-length: 617
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:32 GMT
server: ECAcc (frc/8E92)
etag: "vw8PfoAiXUyOGFHGHRfRhQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: bac0ac8bde8d03638622286ba11aec80
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H2 200 1f511.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 480 B
554 B 25ms
19ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f511.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FAC) /

Resource Hash

21bfbad7dfc6848e0c5f1a7fd6b8cbb75b80dadeaf71b2703dc78e89dbebbb7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:34 GMT
x-content-type-options: nosniff
age: 16426424
x-ton-expected-size: 480
x-cache: HIT
content-length: 480
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (frc/8FAC)
etag: "QYf9HGk/nD6lDlgYvJPXhQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: dbba116b94b6e972413f1120cffa5972
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:34 GMT

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame 2DAC 53 KB
12 KB 16ms
13ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:19:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:19:19 GMT
Server: ECS (amb/6B87)
Age: 778400
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame 625A 53 KB
12 KB 15ms
13ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:19:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:19:19 GMT
Server: ECS (amb/6B87)
Age: 778400
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 32ms
16ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:19:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:19:19 GMT
Server: ECS (amb/6B87)
Age: 778400
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 1f50b.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 322 B
441 B 10ms
8ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f50b.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F6D) /

Resource Hash

d3fb76e9bb7631be2e8dbdf23acdb596f6d3d7e9b718aabb8158bb8bb052482c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426439
x-ton-expected-size: 322
x-cache: HIT
content-length: 322
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (frc/8F6D)
etag: "z5wevZrNgUyO6f6Es+d5SQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b96a6a470ee3ae80d33a598853de322b
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f4b8.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 1 KB
1 KB 12ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b8.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FED) /

Resource Hash

daf26ae36691689ba351925b0171614e6d24efbe9f11ed45a8a1f51b774638c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16924253
x-ton-expected-size: 1449
x-cache: HIT
content-length: 1449
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 15 Apr 2020 20:54:54 GMT
server: ECAcc (frc/8FED)
etag: "/KZd5a9GkSWPWnbkgyhV9w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: d2f28c60db6236cb2e4272ed1021f639
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 XLACpSCE
pbs.twimg.com/card_img/1361765132892835845/ Frame 2DAC 20 KB
20 KB 17ms
14ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1361765132892835845/XLACpSCE?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B98) /

Resource Hash

5048b3bcd811837c767a9207a3df35bcb09c859849bef6e8a6c47e796bc6106f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 2048
x-cache: HIT
content-length: 20677
x-response-time: 154
surrogate-key: card_img card_img/bucket/5 card_img/1361765132892835845
last-modified: Tue, 16 Feb 2021 19:49:22 GMT
server: ECS (amb/6B98)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c0cb9d8dc45ecd4999caf1c873f6cebc
accept-ranges: bytes

GET
H2 200 1f4b2.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 528 B
601 B 12ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b2.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F38) /

Resource Hash

1edebdeeb793180e241eb0576c268f0a6d674b35683f85abaf1ae6171ac0ddce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426452
x-ton-expected-size: 528
x-cache: HIT
content-length: 528
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECAcc (frc/8F38)
etag: "qrDFaBiVuZ6SumX4O7shxQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9d5759a07fd3f7b4fb965ddbbc2f51c5
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 2b07.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 388 B
462 B 12ms
10ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2b07.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F53) /

Resource Hash

11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 20076541
x-ton-expected-size: 388
x-cache: HIT
content-length: 388
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Thu, 16 Apr 2020 17:04:17 GMT
server: ECAcc (frc/8F53)
etag: "SALAWUsBYUywup5sSvc+YQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 519d9c76a258adffbd641a83d7c0abf4
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 2705.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 525 B
599 B 12ms
10ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2705.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBD) /

Resource Hash

e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 18840218
x-ton-expected-size: 525
x-cache: HIT
content-length: 525
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECAcc (frc/8FBD)
etag: "7zUYLT41o1+zuu1kEClhZw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 73d97b29c5373349581274df41d69c6a
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f9f3.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 323 B
397 B 12ms
10ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9f3.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F06) /

Resource Hash

2e291c96a77af5188ed2235a31ca2a33eef388bb4067130f5c97426513eb3355

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426426
x-ton-expected-size: 323
x-cache: HIT
content-length: 323
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Mon, 04 Jun 2018 23:14:22 GMT
server: ECAcc (frc/8F06)
etag: "OZVONN7uoKqaFYZswJgmYg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2dacda3f55279d5e98661ee461c8c632
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f459.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 851 B
924 B 12ms
10ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f459.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FF1) /

Resource Hash

ea1e7d4389a3f1b8a5208738663f8d74f0219625847877fa8fb2b1697c9a0fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426396
x-ton-expected-size: 851
x-cache: HIT
content-length: 851
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECAcc (frc/8FF1)
etag: "1lsCIGctBCsjFwldYD8Wcg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0505d439851593ae6c196ac6394d600c
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f576.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 376 B
450 B 12ms
11ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f576.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F6C) /

Resource Hash

6cc3ed6ac6cff556e3fa6470eb90324d9624b44c577b446bfa107b10b8c21a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426402
x-ton-expected-size: 376
x-cache: HIT
content-length: 376
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:37 GMT
server: ECAcc (frc/8F6C)
etag: "BVCSwz1Aw4yyODS9kYrQRw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 086717b416c53bc437a62cb75dddbec0
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f4f8.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 1 KB
1 KB 13ms
11ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4f8.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FE9) /

Resource Hash

733cb6d23d17e898719635b1d35d6041a243aa41bfb2a266b9e7eddfa5a22e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426451
x-ton-expected-size: 1051
x-cache: HIT
content-length: 1051
x-response-time: 13
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:30 GMT
server: ECAcc (frc/8FE9)
etag: "G69ZXka063MGIj18aOjBxg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 3fa261ddc1f5689ccabff453f7461811
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f6ab.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 617 B
691 B 13ms
12ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f6ab.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E92) /

Resource Hash

648f2e93eeb916922acc1de00811798cd6f09e60efa98fddb7af90a515c643cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 21479055
x-ton-expected-size: 617
x-cache: HIT
content-length: 617
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:32 GMT
server: ECAcc (frc/8E92)
etag: "vw8PfoAiXUyOGFHGHRfRhQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: bac0ac8bde8d03638622286ba11aec80
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f511.png
abs.twimg.com/emoji/v2/72x72/ Frame 2DAC 480 B
554 B 14ms
13ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f511.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FAC) /

Resource Hash

21bfbad7dfc6848e0c5f1a7fd6b8cbb75b80dadeaf71b2703dc78e89dbebbb7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426425
x-ton-expected-size: 480
x-cache: HIT
content-length: 480
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (frc/8FAC)
etag: "QYf9HGk/nD6lDlgYvJPXhQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: dbba116b94b6e972413f1120cffa5972
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 THkVBZEN_normal.jpg
pbs.twimg.com/profile_images/1080510925751402499/ Frame 2DAC 2 KB
2 KB 15ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1080510925751402499/THkVBZEN_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBD) /

Resource Hash

09dc188060a4bbb4f5c63aeddd178e1e102b6bf3c2364d543016d5366694d087

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 459287
x-cache: HIT
content-length: 2035
x-response-time: 113
surrogate-key: profile_images profile_images/bucket/6 profile_images/1080510925751402499
last-modified: Wed, 02 Jan 2019 17:05:34 GMT
server: ECS (amb/6BBD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 376036aaae471ded3c461d50761f3df9
accept-ranges: bytes

GET
H2 200 fdtRLXGx_normal.jpg
pbs.twimg.com/profile_images/1080499739102081024/ Frame 2DAC 2 KB
2 KB 16ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1080499739102081024/fdtRLXGx_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B76) /

Resource Hash

5fde101736e6809d69f764d9c9b99f379359dc2979e81a6c2a1324d8c0d6d772

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 521295
x-cache: HIT
content-length: 2035
x-response-time: 114
surrogate-key: profile_images profile_images/bucket/8 profile_images/1080499739102081024
last-modified: Wed, 02 Jan 2019 16:21:07 GMT
server: ECS (amb/6B76)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 82bbc0734b4b1690d8aeceb2acfbb46a
accept-ranges: bytes

GET
H2 200 FG12njoc_normal.jpg
pbs.twimg.com/profile_images/1082355258741841920/ Frame 2DAC 2 KB
2 KB 16ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1082355258741841920/FG12njoc_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC2) /

Resource Hash

8a005a01fda555fb9fe7c99436be38f0185405643d6dac4a48aa4ebeb41f367d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 289827
x-cache: HIT
content-length: 1807
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/7 profile_images/1082355258741841920
last-modified: Mon, 07 Jan 2019 19:14:17 GMT
server: ECS (amb/6BC2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0e91a3d6042fc025763d8f1758a2e07b
accept-ranges: bytes

GET
H2 200 aec80c45dda745cad1c2b30dfdc581ec_normal.png
pbs.twimg.com/profile_images/3505404666/ Frame 2DAC 7 KB
7 KB 18ms
13ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3505404666/aec80c45dda745cad1c2b30dfdc581ec_normal.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBC) /

Resource Hash

a2f0b593ae38b180be73973a82d04d8cf7ce0a473e62ae174a3db56cfeda27e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 358867
x-cache: HIT
content-length: 7190
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/7 profile_images/3505404666
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (amb/6BBC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 13e2e3ffc2af0400ebd460d87ad0e758
accept-ranges: bytes

GET
H2 200 42pL6c5v_normal.jpg
pbs.twimg.com/profile_images/925718614136602625/ Frame 2DAC 2 KB
3 KB 19ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/925718614136602625/42pL6c5v_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BAC) /

Resource Hash

8f91919592c300517780da4826169619cdeec2d760df69e07c0851e4df15a161

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 225074
x-cache: HIT
content-length: 2415
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/6 profile_images/925718614136602625
last-modified: Wed, 01 Nov 2017 13:36:11 GMT
server: ECS (amb/6BAC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8a894a3c2a111eea0cbc84b8a90b2f4a
accept-ranges: bytes

GET
H2 200 Twitter_AF_normal.jpg
pbs.twimg.com/profile_images/1864641589/ Frame 2DAC 2 KB
2 KB 18ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1864641589/Twitter_AF_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B99) /

Resource Hash

016c09fb60485653b9988a15409d764758e84159e6996a5ae399043c657c591a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 549852
x-cache: HIT
content-length: 1731
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/8 profile_images/1864641589
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (amb/6B99)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3712176b236484a9a148eff4e785adc6
accept-ranges: bytes

GET
H2 200 EuSGVT6XEAs6Epc
pbs.twimg.com/media/ Frame 2DAC 46 KB
46 KB 19ms
14ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuSGVT6XEAs6Epc?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B8A) /

Resource Hash

782125d87eaf76dbc4e65c054ddc955f59664a073f85c8dad5d30ef838c420a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 13745
x-cache: HIT
content-length: 46890
x-response-time: 119
surrogate-key: media media/bucket/7 media/1361360688053161995
last-modified: Mon, 15 Feb 2021 17:02:15 GMT
server: ECS (amb/6B8A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fab67bb59e92dbec2b6029d46baea848
accept-ranges: bytes

GET
H2 200 MrF_i1QF050_3-J1
pbs.twimg.com/ext_tw_video_thumb/1362103142498922498/pu/img/ Frame 2DAC 7 KB
8 KB 31ms
19ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1362103142498922498/pu/img/MrF_i1QF050_3-J1?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBD) /

Resource Hash

21882ee973238f8706188d1b817069b3a13decfeb92b88f2d0ce87b1667cfc39

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 96883
x-cache: HIT
content-length: 7597
x-response-time: 121
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/2 ext_tw_video_thumb/1362103142498922498
last-modified: Wed, 17 Feb 2021 18:12:30 GMT
server: ECS (amb/6BBD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 760311d7f00467da6040c198bab1bf6c
accept-ranges: bytes

GET
H2 200 EuDMQfJXEAgc7fV
pbs.twimg.com/media/ Frame 2DAC 34 KB
34 KB 31ms
19ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuDMQfJXEAgc7fV?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B99) /

Resource Hash

44fb0846f54a7c39c991fc36007a7b7a9bb5e9c030b290b73e0cb3a94fbd4918

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 79760
x-cache: HIT
content-length: 34817
x-response-time: 127
surrogate-key: media media/bucket/3 media/1360311671076622344
last-modified: Fri, 12 Feb 2021 19:33:50 GMT
server: ECS (amb/6B99)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dc60f0372c4ff847bb3df4316a610c3a
accept-ranges: bytes

GET
H2 200 EuDM91VWQAQdZ0W
pbs.twimg.com/media/ Frame 2DAC 58 KB
58 KB 31ms
19ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuDM91VWQAQdZ0W?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B7D) /

Resource Hash

cd6034a552b3794bd62322dc1cb633fc44aa9d3ea9f3cfb8de37f551e36e0a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 89616
x-cache: HIT
content-length: 58949
x-response-time: 128
surrogate-key: media media/bucket/7 media/1360312450126594052
last-modified: Fri, 12 Feb 2021 19:36:56 GMT
server: ECS (amb/6B7D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f6ce7cf98b497b688ce31ae5453f41ca
accept-ranges: bytes

GET
H2 200 Etuya_aXYAEhG0e
pbs.twimg.com/media/ Frame 2DAC 30 KB
31 KB 31ms
19ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Etuya_aXYAEhG0e?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B74) /

Resource Hash

32efa5ccd5bf8e71160960dfcba6c7ad1ce9673df59a3f03ee83fab2eb84d707

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 98952
x-cache: HIT
content-length: 31196
x-response-time: 124
surrogate-key: media media/bucket/1 media/1358875889350696961
last-modified: Mon, 08 Feb 2021 20:28:33 GMT
server: ECS (amb/6B74)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9cce1b66969fb010e0e1c7b62fa7997f
accept-ranges: bytes

GET
H2 200 EuDK7WtXcAc5mGb
pbs.twimg.com/media/ Frame 2DAC 51 KB
51 KB 24ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuDK7WtXcAc5mGb?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA5) /

Resource Hash

c19bb7dab9960ad22e4b1c8000ada0e04c5c9c1c7a74d2e3f1de4a343c0381a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 112739
x-cache: HIT
content-length: 51941
x-response-time: 123
surrogate-key: media media/bucket/4 media/1360310208522842119
last-modified: Fri, 12 Feb 2021 19:28:01 GMT
server: ECS (amb/6BA5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1ebda52609fe033e7fff11b630100399
accept-ranges: bytes

GET
H2 200 EuXxxKmXEAAobGe
pbs.twimg.com/tweet_video_thumb/ Frame 2DAC 31 KB
31 KB 38ms
27ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/EuXxxKmXEAAobGe?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC0) /

Resource Hash

25a6dd1ab3c07ad6b1f0f681a00176945209aa20007b1dab61012cfa83351f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 169754
x-cache: HIT
content-length: 31391
x-response-time: 131
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/5 tweet_video_thumb/1361760289310576640
last-modified: Tue, 16 Feb 2021 19:30:07 GMT
server: ECS (amb/6BC0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 65c02acf7adb2713afaca935b823a449
accept-ranges: bytes

GET
H2 200 EtutocVWgAEgdaz
pbs.twimg.com/media/ Frame 2DAC 41 KB
41 KB 38ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EtutocVWgAEgdaz?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BB5) /

Resource Hash

e5636a0ac3c64848d9571ea7724476815b626d5b7f4af51fce054aafcbe6aa04

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 179347
x-cache: HIT
content-length: 41597
x-response-time: 124
surrogate-key: media media/bucket/6 media/1358870622894456833
last-modified: Mon, 08 Feb 2021 20:07:37 GMT
server: ECS (amb/6BB5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e0a747a8f167685077590ecdef744b50
accept-ranges: bytes

GET
H2 200 EuSunAUXMAA30PZ
pbs.twimg.com/media/ Frame 2DAC 39 KB
39 KB 38ms
21ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuSunAUXMAA30PZ?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BB5) /

Resource Hash

40ba4593ddea2d34844c23e5064814ae1113eb3191d04f14981480bd39318116

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 188482
x-cache: HIT
content-length: 40010
x-response-time: 126
surrogate-key: media media/bucket/9 media/1361404972496269312
last-modified: Mon, 15 Feb 2021 19:58:13 GMT
server: ECS (amb/6BB5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 927c6f6a2afcd008b77eb1fd527a28b4
accept-ranges: bytes

GET
H2 200 Etur5k7XMAE6WhM
pbs.twimg.com/media/ Frame 2DAC 42 KB
42 KB 38ms
21ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Etur5k7XMAE6WhM?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B74) /

Resource Hash

9603537dcd7f7191cd5b247c02e9cd65bf2fc6d211240483b38158d51260a66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 251968
x-cache: HIT
content-length: 43294
x-response-time: 113
surrogate-key: media media/bucket/7 media/1358868718235889665
last-modified: Mon, 08 Feb 2021 20:00:03 GMT
server: ECS (amb/6B74)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 823c94be1fc14271115bb2a2b291ada2
accept-ranges: bytes

GET
H2 200 Etyy8F0XcAY6YG1
pbs.twimg.com/media/ Frame 2DAC 46 KB
46 KB 39ms
21ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Etyy8F0XcAY6YG1?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B8D) /

Resource Hash

180e31730a3b3208d55f0649ec681503ea5b205f8457f70f25bcb9f71846eddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 379170
x-cache: HIT
content-length: 46852
x-response-time: 115
surrogate-key: media media/bucket/2 media/1359157932982759430
last-modified: Tue, 09 Feb 2021 15:09:17 GMT
server: ECS (amb/6B8D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7e79c67920553cfca53c1fc0380d906b
accept-ranges: bytes

GET
H2 200 EuSIfaiXUAIj0Ok
pbs.twimg.com/media/ Frame 2DAC 28 KB
28 KB 38ms
21ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuSIfaiXUAIj0Ok?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC6) /

Resource Hash

b702efb2adbdf8d3dc1995d41d7f40734dddedf665fe7eb36fcf405488423c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 263340
x-cache: HIT
content-length: 28954
x-response-time: 116
surrogate-key: media media/bucket/4 media/1361363060653510658
last-modified: Mon, 15 Feb 2021 17:11:41 GMT
server: ECS (amb/6BC6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 67fba00be0273ea5cd4bad26cdb97d31
accept-ranges: bytes

GET
H2 200 THkVBZEN_normal.jpg
pbs.twimg.com/profile_images/1080510925751402499/ Frame 625A 2 KB
2 KB 22ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1080510925751402499/THkVBZEN_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBD) /

Resource Hash

09dc188060a4bbb4f5c63aeddd178e1e102b6bf3c2364d543016d5366694d087

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 459287
x-cache: HIT
content-length: 2035
x-response-time: 113
surrogate-key: profile_images profile_images/bucket/6 profile_images/1080510925751402499
last-modified: Wed, 02 Jan 2019 17:05:34 GMT
server: ECS (amb/6BBD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 376036aaae471ded3c461d50761f3df9
accept-ranges: bytes

GET
H2 200 1f50b.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 322 B
395 B 16ms
0ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f50b.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F6D) /

Resource Hash

d3fb76e9bb7631be2e8dbdf23acdb596f6d3d7e9b718aabb8158bb8bb052482c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426439
x-ton-expected-size: 322
x-cache: HIT
content-length: 322
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (frc/8F6D)
etag: "z5wevZrNgUyO6f6Es+d5SQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b96a6a470ee3ae80d33a598853de322b
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f4b8.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 1 KB
1 KB 16ms
0ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b8.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FED) /

Resource Hash

daf26ae36691689ba351925b0171614e6d24efbe9f11ed45a8a1f51b774638c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16924253
x-ton-expected-size: 1449
x-cache: HIT
content-length: 1449
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 15 Apr 2020 20:54:54 GMT
server: ECAcc (frc/8FED)
etag: "/KZd5a9GkSWPWnbkgyhV9w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: d2f28c60db6236cb2e4272ed1021f639
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 XLACpSCE
pbs.twimg.com/card_img/1361765132892835845/ Frame 625A 20 KB
20 KB 36ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1361765132892835845/XLACpSCE?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B98) /

Resource Hash

5048b3bcd811837c767a9207a3df35bcb09c859849bef6e8a6c47e796bc6106f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 2048
x-cache: HIT
content-length: 20677
x-response-time: 154
surrogate-key: card_img card_img/bucket/5 card_img/1361765132892835845
last-modified: Tue, 16 Feb 2021 19:49:22 GMT
server: ECS (amb/6B98)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c0cb9d8dc45ecd4999caf1c873f6cebc
accept-ranges: bytes

GET
H2 200 fdtRLXGx_normal.jpg
pbs.twimg.com/profile_images/1080499739102081024/ Frame 625A 2 KB
2 KB 36ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1080499739102081024/fdtRLXGx_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B76) /

Resource Hash

5fde101736e6809d69f764d9c9b99f379359dc2979e81a6c2a1324d8c0d6d772

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 521295
x-cache: HIT
content-length: 2035
x-response-time: 114
surrogate-key: profile_images profile_images/bucket/8 profile_images/1080499739102081024
last-modified: Wed, 02 Jan 2019 16:21:07 GMT
server: ECS (amb/6B76)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 82bbc0734b4b1690d8aeceb2acfbb46a
accept-ranges: bytes

GET
H2 200 FG12njoc_normal.jpg
pbs.twimg.com/profile_images/1082355258741841920/ Frame 625A 2 KB
2 KB 37ms
17ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1082355258741841920/FG12njoc_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC2) /

Resource Hash

8a005a01fda555fb9fe7c99436be38f0185405643d6dac4a48aa4ebeb41f367d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 289827
x-cache: HIT
content-length: 1807
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/7 profile_images/1082355258741841920
last-modified: Mon, 07 Jan 2019 19:14:17 GMT
server: ECS (amb/6BC2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0e91a3d6042fc025763d8f1758a2e07b
accept-ranges: bytes

GET
H2 200 aec80c45dda745cad1c2b30dfdc581ec_normal.png
pbs.twimg.com/profile_images/3505404666/ Frame 625A 7 KB
7 KB 37ms
18ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3505404666/aec80c45dda745cad1c2b30dfdc581ec_normal.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBC) /

Resource Hash

a2f0b593ae38b180be73973a82d04d8cf7ce0a473e62ae174a3db56cfeda27e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 358867
x-cache: HIT
content-length: 7190
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/7 profile_images/3505404666
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (amb/6BBC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 13e2e3ffc2af0400ebd460d87ad0e758
accept-ranges: bytes

GET
H2 200 1f4b2.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 528 B
601 B 25ms
6ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b2.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F38) /

Resource Hash

1edebdeeb793180e241eb0576c268f0a6d674b35683f85abaf1ae6171ac0ddce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426452
x-ton-expected-size: 528
x-cache: HIT
content-length: 528
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECAcc (frc/8F38)
etag: "qrDFaBiVuZ6SumX4O7shxQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9d5759a07fd3f7b4fb965ddbbc2f51c5
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 42pL6c5v_normal.jpg
pbs.twimg.com/profile_images/925718614136602625/ Frame 625A 2 KB
3 KB 37ms
18ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/925718614136602625/42pL6c5v_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BAC) /

Resource Hash

8f91919592c300517780da4826169619cdeec2d760df69e07c0851e4df15a161

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 225074
x-cache: HIT
content-length: 2415
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/6 profile_images/925718614136602625
last-modified: Wed, 01 Nov 2017 13:36:11 GMT
server: ECS (amb/6BAC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8a894a3c2a111eea0cbc84b8a90b2f4a
accept-ranges: bytes

GET
H2 200 2b07.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 388 B
462 B 25ms
7ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2b07.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F53) /

Resource Hash

11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 20076541
x-ton-expected-size: 388
x-cache: HIT
content-length: 388
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Thu, 16 Apr 2020 17:04:17 GMT
server: ECAcc (frc/8F53)
etag: "SALAWUsBYUywup5sSvc+YQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 519d9c76a258adffbd641a83d7c0abf4
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 2705.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 525 B
599 B 26ms
7ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2705.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBD) /

Resource Hash

e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 18840218
x-ton-expected-size: 525
x-cache: HIT
content-length: 525
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECAcc (frc/8FBD)
etag: "7zUYLT41o1+zuu1kEClhZw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 73d97b29c5373349581274df41d69c6a
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f9f3.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 323 B
397 B 27ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9f3.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F06) /

Resource Hash

2e291c96a77af5188ed2235a31ca2a33eef388bb4067130f5c97426513eb3355

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426426
x-ton-expected-size: 323
x-cache: HIT
content-length: 323
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Mon, 04 Jun 2018 23:14:22 GMT
server: ECAcc (frc/8F06)
etag: "OZVONN7uoKqaFYZswJgmYg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2dacda3f55279d5e98661ee461c8c632
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f459.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 851 B
924 B 27ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f459.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FF1) /

Resource Hash

ea1e7d4389a3f1b8a5208738663f8d74f0219625847877fa8fb2b1697c9a0fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426396
x-ton-expected-size: 851
x-cache: HIT
content-length: 851
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECAcc (frc/8FF1)
etag: "1lsCIGctBCsjFwldYD8Wcg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0505d439851593ae6c196ac6394d600c
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f576.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 376 B
450 B 27ms
10ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f576.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F6C) /

Resource Hash

6cc3ed6ac6cff556e3fa6470eb90324d9624b44c577b446bfa107b10b8c21a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426402
x-ton-expected-size: 376
x-cache: HIT
content-length: 376
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:37 GMT
server: ECAcc (frc/8F6C)
etag: "BVCSwz1Aw4yyODS9kYrQRw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 086717b416c53bc437a62cb75dddbec0
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f4f8.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 1 KB
1 KB 28ms
10ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4f8.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FE9) /

Resource Hash

733cb6d23d17e898719635b1d35d6041a243aa41bfb2a266b9e7eddfa5a22e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426451
x-ton-expected-size: 1051
x-cache: HIT
content-length: 1051
x-response-time: 13
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:30 GMT
server: ECAcc (frc/8FE9)
etag: "G69ZXka063MGIj18aOjBxg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 3fa261ddc1f5689ccabff453f7461811
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f6ab.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 617 B
691 B 28ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f6ab.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E92) /

Resource Hash

648f2e93eeb916922acc1de00811798cd6f09e60efa98fddb7af90a515c643cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 21479055
x-ton-expected-size: 617
x-cache: HIT
content-length: 617
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:32 GMT
server: ECAcc (frc/8E92)
etag: "vw8PfoAiXUyOGFHGHRfRhQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: bac0ac8bde8d03638622286ba11aec80
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 1f511.png
abs.twimg.com/emoji/v2/72x72/ Frame 625A 480 B
554 B 28ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f511.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FAC) /

Resource Hash

21bfbad7dfc6848e0c5f1a7fd6b8cbb75b80dadeaf71b2703dc78e89dbebbb7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 16426425
x-ton-expected-size: 480
x-cache: HIT
content-length: 480
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (frc/8FAC)
etag: "QYf9HGk/nD6lDlgYvJPXhQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: dbba116b94b6e972413f1120cffa5972
accept-ranges: bytes
expires: Fri, 18 Feb 2022 21:19:35 GMT

GET
H2 200 Twitter_AF_normal.jpg
pbs.twimg.com/profile_images/1864641589/ Frame 625A 2 KB
2 KB 45ms
26ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1864641589/Twitter_AF_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.01dc90aad711d9816ce427578e2064b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B99) /

Resource Hash

016c09fb60485653b9988a15409d764758e84159e6996a5ae399043c657c591a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 549852
x-cache: HIT
content-length: 1731
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/8 profile_images/1864641589
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (amb/6B99)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3712176b236484a9a148eff4e785adc6
accept-ranges: bytes

GET
H2 200 EuSGVT6XEAs6Epc
pbs.twimg.com/media/ Frame 625A 74 KB
74 KB 39ms
24ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuSGVT6XEAs6Epc?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B8A) /

Resource Hash

124ef99a3456a542ee0cb44576e6d619af8634d75bc8781094bf69c85241c41b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 13707
x-cache: HIT
content-length: 75335
x-response-time: 176
surrogate-key: media media/bucket/7 media/1361360688053161995
last-modified: Mon, 15 Feb 2021 17:02:15 GMT
server: ECS (amb/6B8A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 32027fdfca50e63c63e9ddb4fc83c20d
accept-ranges: bytes

GET
H2 200 MrF_i1QF050_3-J1
pbs.twimg.com/ext_tw_video_thumb/1362103142498922498/pu/img/ Frame 625A 11 KB
12 KB 39ms
25ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1362103142498922498/pu/img/MrF_i1QF050_3-J1?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBD) /

Resource Hash

a07105aba194bc0b1f21993681f7b812b515b6fbd0fcbc36f4acc7d662c126f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 77398
x-cache: HIT
content-length: 11753
x-response-time: 154
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/2 ext_tw_video_thumb/1362103142498922498
last-modified: Wed, 17 Feb 2021 18:12:30 GMT
server: ECS (amb/6BBD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6e9e8504d5bebdac763932b7f1fd26c1
accept-ranges: bytes

GET
H2 200 EuDMQfJXEAgc7fV
pbs.twimg.com/media/ Frame 625A 60 KB
60 KB 39ms
25ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuDMQfJXEAgc7fV?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B99) /

Resource Hash

7a4db64df90aa04b73770b2d10f0bebfd6ac68262d8a4463547b9f950cb1d27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 79748
x-cache: HIT
content-length: 60971
x-response-time: 174
surrogate-key: media media/bucket/3 media/1360311671076622344
last-modified: Fri, 12 Feb 2021 19:33:50 GMT
server: ECS (amb/6B99)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 559a26c08165519128762a822b32c674
accept-ranges: bytes

GET
H2 200 EuDM91VWQAQdZ0W
pbs.twimg.com/media/ Frame 625A 90 KB
90 KB 39ms
25ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuDM91VWQAQdZ0W?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B7D) /

Resource Hash

e467b8b69e618db83b78ebc057348e7173da65b14cacb6dd828a049e69cfc723

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 89664
x-cache: HIT
content-length: 91815
x-response-time: 177
surrogate-key: media media/bucket/7 media/1360312450126594052
last-modified: Fri, 12 Feb 2021 19:36:56 GMT
server: ECS (amb/6B7D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d6127b15c7c57527aaa51bff250391a1
accept-ranges: bytes

GET
H2 200 Etuya_aXYAEhG0e
pbs.twimg.com/media/ Frame 625A 48 KB
48 KB 39ms
25ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Etuya_aXYAEhG0e?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B74) /

Resource Hash

68ac41278822b212aa883254358c92d474f1cd8622afce153d982ce90d8ec400

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 98949
x-cache: HIT
content-length: 49291
x-response-time: 197
surrogate-key: media media/bucket/1 media/1358875889350696961
last-modified: Mon, 08 Feb 2021 20:28:33 GMT
server: ECS (amb/6B74)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 05a5e9fa6350abf0ebcaf9edc43edd1d
accept-ranges: bytes

GET
H2 200 EuDK7WtXcAc5mGb
pbs.twimg.com/media/ Frame 625A 73 KB
73 KB 38ms
25ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuDK7WtXcAc5mGb?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA5) /

Resource Hash

f0c9cd3e599c9dcebe68c273299c476f6631e9c4c8c544c387d9a9cfa6151757

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 112660
x-cache: HIT
content-length: 74299
x-response-time: 197
surrogate-key: media media/bucket/4 media/1360310208522842119
last-modified: Fri, 12 Feb 2021 19:28:01 GMT
server: ECS (amb/6BA5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e7a90d6dfd3ebe5b3d744a180bba3114
accept-ranges: bytes

GET
H2 200 EuXxxKmXEAAobGe
pbs.twimg.com/tweet_video_thumb/ Frame 625A 31 KB
31 KB 38ms
25ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/EuXxxKmXEAAobGe?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC0) /

Resource Hash

25a6dd1ab3c07ad6b1f0f681a00176945209aa20007b1dab61012cfa83351f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 169485
x-cache: HIT
content-length: 31391
x-response-time: 125
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/5 tweet_video_thumb/1361760289310576640
last-modified: Tue, 16 Feb 2021 19:30:07 GMT
server: ECS (amb/6BC0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 19e55b6760d1d5553a1dfaa19aec62c3
accept-ranges: bytes

GET
H2 200 EtutocVWgAEgdaz
pbs.twimg.com/media/ Frame 625A 61 KB
61 KB 33ms
26ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EtutocVWgAEgdaz?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BB5) /

Resource Hash

6802be08bf18395b2374916ac3f13b872934c792beac461ed1c42e2bcb5d0cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 179347
x-cache: HIT
content-length: 62314
x-response-time: 196
surrogate-key: media media/bucket/6 media/1358870622894456833
last-modified: Mon, 08 Feb 2021 20:07:37 GMT
server: ECS (amb/6BB5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 698ac740872b1db8beebe50b3c378e97
accept-ranges: bytes

GET
H2 200 EuSunAUXMAA30PZ
pbs.twimg.com/media/ Frame 625A 59 KB
60 KB 33ms
26ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuSunAUXMAA30PZ?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BB5) /

Resource Hash

28868f709b6552c5c31cb9c8409ed05698947b934ac22ef232595ac925791f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 263954
x-cache: HIT
content-length: 60798
x-response-time: 172
surrogate-key: media media/bucket/9 media/1361404972496269312
last-modified: Mon, 15 Feb 2021 19:58:13 GMT
server: ECS (amb/6BB5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c93bcddea11b07eca0b70056a8b87490
accept-ranges: bytes

GET
H2 200 Etur5k7XMAE6WhM
pbs.twimg.com/media/ Frame 625A 66 KB
66 KB 33ms
26ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Etur5k7XMAE6WhM?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B74) /

Resource Hash

1238601bbaf030632ccb76f5b7c32878152cf42159b7b82edbdbb6df57d42a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 251691
x-cache: HIT
content-length: 67634
x-response-time: 153
surrogate-key: media media/bucket/7 media/1358868718235889665
last-modified: Mon, 08 Feb 2021 20:00:03 GMT
server: ECS (amb/6B74)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6f1c3a214c26c06ecd1b2711ce8ec2a1
accept-ranges: bytes

GET
H2 200 Etyy8F0XcAY6YG1
pbs.twimg.com/media/ Frame 625A 68 KB
69 KB 33ms
26ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Etyy8F0XcAY6YG1?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B8D) /

Resource Hash

55d81176f60ae1c16fdb3d3c047f4c8f350857a8281d3056ed596a93c0ffb0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 379165
x-cache: HIT
content-length: 70041
x-response-time: 172
surrogate-key: media media/bucket/2 media/1359157932982759430
last-modified: Tue, 09 Feb 2021 15:09:17 GMT
server: ECS (amb/6B8D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 89daafa29355f8672bd871cf88aede70
accept-ranges: bytes

GET
H2 200 EuSIfaiXUAIj0Ok
pbs.twimg.com/media/ Frame 625A 44 KB
45 KB 33ms
26ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EuSIfaiXUAIj0Ok?format=jpg&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC6) /

Resource Hash

8077f1a8fe8e7b6669b29f3cfe4bc8ed5e9086c0a2b149f1c027d4887482b1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 263331
x-cache: HIT
content-length: 45422
x-response-time: 187
surrogate-key: media media/bucket/4 media/1361363060653510658
last-modified: Mon, 15 Feb 2021 17:11:41 GMT
server: ECS (amb/6BC6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 646524e46599ff1e23d1dfcf57528998
accept-ranges: bytes

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 2DAC 44 KB
7 KB 50ms
12ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96736
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 99fbce976bb00a2d55f7d635b56182f5
accept-ranges: bytes
expires: Thu, 25 Feb 2021 21:19:35 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 625A 44 KB
7 KB 47ms
13ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96736
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 99fbce976bb00a2d55f7d635b56182f5
accept-ranges: bytes
expires: Thu, 25 Feb 2021 21:19:35 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 54ms
17ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96736
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 99fbce976bb00a2d55f7d635b56182f5
accept-ranges: bytes
expires: Thu, 25 Feb 2021 21:19:35 GMT

GET
DATA 200
OK truncated
/ Frame 625A 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 625A 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 625A 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 625A 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 625A 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 625A 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 625A 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 XLACpSCE
pbs.twimg.com/card_img/1361765132892835845/ Frame 625A 20 KB
20 KB 14ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1361765132892835845/XLACpSCE?format=jpg&name=600x314

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B98) /

Resource Hash

5048b3bcd811837c767a9207a3df35bcb09c859849bef6e8a6c47e796bc6106f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
x-content-type-options: nosniff
age: 2048
x-cache: HIT
content-length: 20677
x-response-time: 154
surrogate-key: card_img card_img/bucket/5 card_img/1361765132892835845
last-modified: Tue, 16 Feb 2021 19:49:22 GMT
server: ECS (amb/6B98)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c0cb9d8dc45ecd4999caf1c873f6cebc
accept-ranges: bytes

GET
H2 200 news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
ton.twimg.com/tfw/assets/ Frame 625A 829 B
529 B 8ms
8ms Image
image/svg+xml 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/assets/news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg

Requested by

Host: ton.twimg.com
URL: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FB7) /

Resource Hash

5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95991
x-ton-expected-size: 829
x-cache: HIT
vary: Accept-Encoding
content-length: 395
x-response-time: 9
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FB7)
etag: "CTUg6L9PuY+d9h5xpE0zmw=="
strict-transport-security: max-age=631138519
content-type: image/svg+xml
access-control-allow-origin: *
x-connection-hash: f5e3863ec829fec6641eea40cb31f019
accept-ranges: bytes
expires: Thu, 25 Feb 2021 21:19:35 GMT

GET
H2 200 outage-banner-logic.js Show response
www.westernunion.com/content/wucom/outage-banner/ 15 KB
4 KB 490ms
490ms Script
text/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/content/wucom/outage-banner/outage-banner-logic.js

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/7effccaf7664082656f52d4858d1fc7f2e04b929-0d5b833024413c3374de.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

72b5b6268dd50f5de44f3fe52d2613a9523f16c2d904bc2ea291b418a1bbd1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 27, 70, 27, 27
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 24, 1, 133, 31
server-timing: cdn-cache; desc=MISS, edge; dur=202, origin; dur=70
vary: Accept-Encoding
content-length: 3718
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Oct 2020 02:50:55 GMT
server: Apache
date: Thu, 18 Feb 2021 21:19:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Thu, 18 Feb 2021 21:19:35 GMT

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 9D82
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

13ms
12ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC4) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.westernunion.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 778401
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 18 Feb 2021 21:19:35 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 08 Feb 2021 21:20:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC4)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 18 Feb 2021 21:19:35 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 18 Feb 2021 21:19:35 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
status: 302 Found
strict-transport-security: max-age=631138519
x-connection-hash: 9cce0998161bda9a6cad45f4792e1bd9
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 119
x-transaction: 00b52a6400967a4c
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 1259
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

13ms
12ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC4) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.westernunion.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 778401
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 18 Feb 2021 21:19:35 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 08 Feb 2021 21:20:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC4)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 18 Feb 2021 21:19:35 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 18 Feb 2021 21:19:35 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
status: 302 Found
strict-transport-security: max-age=631138519
x-connection-hash: 9cce0998161bda9a6cad45f4792e1bd9
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 121
x-transaction: 005368c2006a85f1
x-tsa-request-body-time: 9
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 26ms
12ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 Feb 2021 21:19:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DgCf/JQeR4+J+ZEYMfLA9Q==
age: 3423
vary: Accept-Encoding
content-length: 4211
cf-request-id: 08589c4a2000002c569f24d000000001
x-ms-lease-status: unlocked
last-modified: Thu, 18 Feb 2021 14:14:24 GMT
server: cloudflare
etag: 0x8D8D4177E597BD1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b1e4d451-a01e-00b5-4101-06d519000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 623ac989c95f2c56-FRA

GET
H2 200 md5.min.js Show response
www.westernunion.com/staticassets/scripts/vendors/ 4 KB
3 KB 182ms
182ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/scripts/vendors/md5.min.js

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

280166f7fcdc3ffb209d074ce092b622d1ebb709b86450c7d018e6a8c60d3888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 161, 161, 161
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "af8afe3ab3163be66748672b28e2ea9f-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 142, 142, 142
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1640
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:14:03 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 4SZ09k3iZaWL78RQTpQvZNs4OzSV-uVnZZYBApWdmknGlNufaAaReA==
expires: Sat, 20 Mar 2021 21:19:36 GMT

GET
H2 200 amplitude-4.4.0-min.gz.js Show response
cdn.amplitude.com/libs/ 74 KB
25 KB 421ms
159ms Script
application/javascript 65.9.23.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.23.178 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 06:01:30 GMT
content-encoding: gzip
age: 5498287
x-cache: Hit from cloudfront
content-length: 25521
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:35 GMT
server: AmazonS3
etag: "0ac70c6a5de910a09be49cfefd77c771"
x-amz-version-id: 5wXGiWTByEVk3DSg02L19x7h8A..ke3l
via: 1.1 c25bc16c1238c23c74267a81302a62f8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: VbpdXJ89Nr2hzJ1Ngcw68ddxlNDOg1zt_S_GyKhyv_VKjlW7g2l2rQ==

GET
H2 200 launch-EN0655178b63a1496ab02060384481db37.min.js Show response
assets.adobedtm.com/ 553 KB
96 KB 25ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN0655178b63a1496ab02060384481db37.min.js
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3e5c530b4c9d00ca05dfe4435336681ca997fcc7c32acab73616cca022befa87

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:35 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 15:02:16 GMT
server: AkamaiNetStorage
etag: "b68c154a372b6082067123c96390ba06:1613142136.617477"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westernunion.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 97593
expires: Thu, 18 Feb 2021 22:19:35 GMT

GET
H2 200 ae.js Show response
ws.audioeye.com/ 12 KB
5 KB 399ms
132ms Script
text/javascript 65.9.20.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.audioeye.com/ae.js
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.74 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 247123f99d26081a7eddce9e90e0e07bb3dea826851dd3dda8b3ace64d891f72

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 01:06:21 GMT
content-encoding: gzip
age: 677595
x-cache: Hit from cloudfront
content-length: 4750
access-control-allow-origin: *
last-modified: Thu, 11 Feb 2021 01:05:50 GMT
server: Apache
etag: "3126-5bb051ed60e5c-gzip"
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 3b241d28b74f1afdcb7ac9fb7109cff1.cloudfront.net (CloudFront)
cache-control: max-age=1800, must-revalidate, public
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
x-amz-cf-id: K6ynlVKADpplyIpJSf209b6o9Rd9og15N2Gin2xcHguhNW7-e0_lSg==

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 78 KB
24 KB 600ms
222ms Script
text/javascript 13.226.159.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: c7Vvzbb8uKgHcC4eD_pqp123QB.GvKI.
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 19 Nov 2020 17:43:28 GMT
Server: AmazonS3
Age: 59
ETag: "d4ba055ba82c0baa510053e92eb83211"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Thu, 18 Feb 2021 21:18:37 GMT
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 23541
X-Amz-Cf-Id: 4nil8PCt3E7nzdD3wpknJSnZYy1S_cpRkuxKJA8e3tnTXJz8XE4ZtQ==

POST
H2 200 list.optimus.json Show response
www.westernunion.com/megatron/ 5 KB
4 KB 685ms
685ms XHR
application/json 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/megatron/list.optimus.json

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3c29f308c4bc98bb40c70a2b8e0f530866ebed1049c6c9b1bd7378080d866ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-edgeconnect-origin-mex-latency: 503
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
mpulse_origin_time: 503
vary: Accept-Encoding
content-length: 2454
x-xss-protection: 1; mode=block
server: Apache
mpulse_cdn_cache: MISS
date: Thu, 18 Feb 2021 21:19:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7181
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Thu, 18 Feb 2021 23:19:17 GMT

GET
H2 200 521f4809-fc8f-46b5-986a-d3b8da4f60e0.json Show response
cdn.cookielaw.org/consent/521f4809-fc8f-46b5-986a-d3b8da4f60e0/ 4 KB
2 KB 25ms
13ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/521f4809-fc8f-46b5-986a-d3b8da4f60e0/521f4809-fc8f-46b5-986a-d3b8da4f60e0.json

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55a0123a427c8f233aff89da38ee9c3f2c52a0bc03360daff0297d83c808513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wRiQXAFyta22B7m6NU30qg==
age: 740
vary: Accept-Encoding
content-length: 1511
cf-request-id: 08589c4a8000004aa3cdab7000000001
x-ms-lease-status: unlocked
last-modified: Wed, 25 Nov 2020 16:10:42 GMT
server: cloudflare
etag: 0x8D8915CA88757C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2387cdec-d01e-001b-504b-c3f674000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 623ac98a6d554aa3-FRA

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1613683176108
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1613683176108

371 B
1 KB

239ms
239ms

XHR
application/json

34.255.145.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1613683176108

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.145.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-145-192.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4af946a68be9cc8e027f7c6cd0cd36789551cecaa412bbeae174495540e3684f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-07b8aad13.edge-irl1.demdex.com 5.80.6.20210202104731 4ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: p+lMk9amSUk=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.westernunion.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 304
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.westernunion.com
X-TID: fVppaRbERNU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1613683176108
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 EX23cb40c4e3f84ee8b47b01e2ef5659be-libraryCode_source.min.js Show response
assets.adobedtm.com/a2f2368b1fb5/0e7d39ba9fe5/f201c9c676eb/ 59 KB
20 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a2f2368b1fb5/0e7d39ba9fe5/f201c9c676eb/EX23cb40c4e3f84ee8b47b01e2ef5659be-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN0655178b63a1496ab02060384481db37.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e16393e6cbce84c1ce4199255cc5b5a3ba8909886bd56fc931131e877f0af6f3

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 15:02:17 GMT
server: AkamaiNetStorage
etag: "2fefcda0d0e2430a545f6c610d87ae69:1613142137.325616"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westernunion.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 20658
expires: Thu, 18 Feb 2021 22:19:36 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 197 B
551 B 39ms
26ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b25aa5eb92fee08d51add083e5c4fa22516e9d1ab61179734fbb1e27fb7f8063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 623ac98aeb074e74-FRA
cf-request-id: 08589c4ace00004e7490b25000000001

GET
H2 200 RC3f3bcf0697ef43fe9e86426017a51c6e-source.min.js Show response
assets.adobedtm.com/a2f2368b1fb5/0e7d39ba9fe5/f201c9c676eb/ 742 B
604 B 8ms
8ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a2f2368b1fb5/0e7d39ba9fe5/f201c9c676eb/RC3f3bcf0697ef43fe9e86426017a51c6e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN0655178b63a1496ab02060384481db37.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f46490fa0055e0637c9793f738590a7a8f6fabc658e5be95eceddf4bdc9f6bfb

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 15:02:17 GMT
server: AkamaiNetStorage
etag: "2fefcda0d0e2430a545f6c610d87ae69:1613142137.325616"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westernunion.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 335
expires: Thu, 18 Feb 2021 22:19:36 GMT

GET
H2 200 RC66e8111bc14b4369b4fcd21398361d8d-source.min.js Show response
assets.adobedtm.com/a2f2368b1fb5/0e7d39ba9fe5/f201c9c676eb/ 965 B
822 B 21ms
20ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a2f2368b1fb5/0e7d39ba9fe5/f201c9c676eb/RC66e8111bc14b4369b4fcd21398361d8d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN0655178b63a1496ab02060384481db37.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f40b7fdefd10ef911f49890b7836bccc0e8bf0fa2ad243b64d9866b6131d14e1

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 15:02:17 GMT
server: AkamaiNetStorage
etag: "2fefcda0d0e2430a545f6c610d87ae69:1613142137.325616"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westernunion.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 553
expires: Thu, 18 Feb 2021 22:19:36 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.9.0/ 341 KB
74 KB 21ms
21ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 56jOXvghU3RiFIKiZ2Zh+g==
age: 3379
vary: Accept-Encoding
content-length: 75725
cf-request-id: 08589c4af700002c568ca11000000001
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:12 GMT
server: cloudflare
etag: 0x8D88D721D404CB2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f438b215-601e-008a-3a2c-0462c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 623ac98b2b642c56-FRA

GET
H2 200 RC803dede4560f4a0084da2fd650e086f7-source.min.js Show response
assets.adobedtm.com/a2f2368b1fb5/0e7d39ba9fe5/f201c9c676eb/ 87 KB
12 KB 25ms
25ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a2f2368b1fb5/0e7d39ba9fe5/f201c9c676eb/RC803dede4560f4a0084da2fd650e086f7-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN0655178b63a1496ab02060384481db37.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6dd34bcd843921910bf673b51265074fad8a99e76b22062d3176a4735a6c383c

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 15:02:17 GMT
server: AkamaiNetStorage
etag: "2fefcda0d0e2430a545f6c610d87ae69:1613142137.325616"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westernunion.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 11893
expires: Thu, 18 Feb 2021 22:19:36 GMT

GET
H/1.1

200
OK

results.txt Show response
yjrwsyyccc5esybo3hua-p2a70y-6786203f2-clientnsv4-s.akamaihd.net/eum/ Frame 2EE8
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p2a70y9wf
https://yjrwsyyccc5esybo3hua-p2a70y-6786203f2-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

547ms
151ms

XHR
text/plain

2.16.186.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://yjrwsyyccc5esybo3hua-p2a70y-6786203f2-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:19:37 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://yjrwsyyccc5esybo3hua-p2a70y-6786203f2-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Thu, 18 Feb 2021 21:19:36 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqce3ygyaaaabqc5wpi-p2a70y-e5c59a9be-clienttons-s.akamaihd.net/eum/ Frame 2EE8
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p2a70y9wf
https://fiaqj6absjkbikqce3ygyaaaabqc5wpi-p2a70y-e5c59a9be-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

51ms
6ms

XHR
text/plain

2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqce3ygyaaaabqc5wpi-p2a70y-e5c59a9be-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:19:36 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqce3ygyaaaabqc5wpi-p2a70y-e5c59a9be-clienttons-s.akamaihd.net/eum/results.txt
Date: Thu, 18 Feb 2021 21:19:36 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2 200 fr.json Show response
cdn.cookielaw.org/consent/521f4809-fc8f-46b5-986a-d3b8da4f60e0/d107b0b2-00b2-4fb3-a7cc-6e7203ad23b7/ 67 KB
15 KB 13ms
13ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/521f4809-fc8f-46b5-986a-d3b8da4f60e0/d107b0b2-00b2-4fb3-a7cc-6e7203ad23b7/fr.json

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20d8b250ec45f805905b45904c2af21a8eabb53b7605a22f439e03295e9c7378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 17LBOYpr9jywGFNRITfXtg==
age: 4324
vary: Accept-Encoding
content-length: 15520
cf-request-id: 08589c4b1700004aa3d0215000000001
x-ms-lease-status: unlocked
last-modified: Wed, 25 Nov 2020 16:11:03 GMT
server: cloudflare
etag: 0x8D8915CB4ED4126
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2b758ef0-001e-00de-50f9-05884f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 623ac98b5ee14aa3-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-3388366

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2b85d4a6280154ad8a52c0f3c5427a421a47355f25c47fbdfe7a06e12a10534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39310
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Feb 2021 21:19:36 GMT

GET
H2 200 RC23e21490883c4ce29fc9a5a0bfaa0c3e-source.min.js Show response
assets.adobedtm.com/a2f2368b1fb5/0e7d39ba9fe5/f201c9c676eb/ 891 B
785 B 16ms
16ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a2f2368b1fb5/0e7d39ba9fe5/f201c9c676eb/RC23e21490883c4ce29fc9a5a0bfaa0c3e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN0655178b63a1496ab02060384481db37.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2010e7735dce8a66a473c80a4119804452443c1c736af42bbc265823cd88ac07

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 15:02:17 GMT
server: AkamaiNetStorage
etag: "2fefcda0d0e2430a545f6c610d87ae69:1613142137.325616"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westernunion.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 516
expires: Thu, 18 Feb 2021 22:19:36 GMT

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 15 KB
4 KB 17ms
14ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28fa791c054cd6ef97d9066f083450179086d6077a0a979514099e3ae83a53d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Gy6MZb5F7xFYoq+YsIec9Q==
age: 4856
vary: Accept-Encoding
content-length: 4060
cf-request-id: 08589c4b4b00004aa370834000000001
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:04 GMT
server: cloudflare
etag: 0x8D88D72183345F2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d70d93b1-101e-0042-3524-04f3f2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 623ac98baf524aa3-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/v2/ 46 KB
11 KB 13ms
12ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/v2/otPcCenter.json

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5dbd2985ef2d22745931d04bb5d212624b46d3f79458331e8625a7c2e61b287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 Feb 2021 21:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: SyeN6ChPWcrwm5vVybzGmw==
age: 3313
vary: Accept-Encoding
content-length: 11368
cf-request-id: 08589c4b4c00004aa379056000000001
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:05 GMT
server: cloudflare
etag: 0x8D88D721902A23F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: dfdf8f3a-e01e-0135-7f45-f130e6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 623ac98baf534aa3-FRA

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/scripts/ 730 KB
202 KB 441ms
173ms Script
text/javascript 65.9.20.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/scripts/loader.js?r=westernunion.com&d=www.westernunion.com&lang=fraudawareness-EN&cb=20210210b&pscb=54caa5ed1c78fa726e6264825207a8bc
Requested by: Host: ws.audioeye.com
URL: https://ws.audioeye.com/ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.107 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 0a9d4ce21a8230df52319bcbe95e615073cae3bc2610d5e889cc54c234af047c

Request headers

Origin: https://www.westernunion.com
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 18:51:52 GMT
content-encoding: gzip
last-modified: Fri, 01 Jan 2021 03:13:15 GMT
server: Apache
x-amz-cf-pop: ZAG50-C1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800, max-stale=3600, stale-while-revalidate=3600, must-revalidate, public
x-amz-cf-id: 9U0SpZXhyl6PYDO9FSUbj1RvEqNzuHfLPtsychsLilioSsgVJ1VxiQ==
via: 1.1 924bf9febd74cef2bda62c15c8441e00.cloudfront.net (CloudFront)

GET
H2 200 wuDataAccess.min.js Show response
www.westernunion.com/staticassets/scripts/vendors/ 59 KB
13 KB 198ms
198ms Script
application/javascript 184.31.84.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernunion.com/staticassets/scripts/vendors/wuDataAccess.min.js

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.84.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-84-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

fde930b7f210aadce8630a56f2f7a875b7a14ee900f58dc35a44327e2bf0df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 103, 103, 103, 103, 103, 103
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: br
etag: "9fe882cd60393d7709fc9b3ff0300e1d-gzip"
x-amz-cf-pop: IAD66-C2
x-edgeconnect-midmile-rtt: 43, 44, 43, 162, 43, 44
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=5
content-length: 11510
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Feb 2021 06:33:55 GMT
server: Akamai Resource Optimizer
date: Thu, 18 Feb 2021 21:19:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: W5btwicD6_Wz3bc1I74RXw764iVyardYJOWgjQ6omKYqe2OQIsujVQ==
expires: Sat, 20 Mar 2021 21:19:36 GMT

POST
H2 204 /
686eb704.akstat.io/ 0
206 B 67ms
46ms Other
image/gif 2a02:26f0:7100:199::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://686eb704.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/T8GD4-PXVWR-9MW97-GAT7V-FQG35

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:7100:199::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 21:19:36 GMT
content-type: image/gif
access-control-allow-origin: https://www.westernunion.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:36 GMT

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
741 B 183ms
160ms Script
text/javascript 2600:9000:2182:fe00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.57.1&branch_key=key_live_eaeHYdsFTWam0CLodWJ6SjlcxugvlRh2&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:fe00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

edcbe27bcf9d45559b1fa59b97f07e31858c8bd310670bc2735b1d9bb22c788d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 21:19:36 GMT
Via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty
X-Amz-Cf-Pop: DUS51-C1
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-67vkTsXGPT249XqIsiZskh5ab/I"
X-Amz-Cf-Id: UdIpaDp56tta6w62FSbkstjLa9KOIeMLCYQl3NlcvjOXC24xBx8vMw==

POST
H2 200 / Show response
api.amplitude.com/ 7 B
168 B 928ms
328ms XHR
text/html 34.218.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.218.96.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-218-96-104.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 18 Feb 2021 21:19:37 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 open Show response
api2.branch.io/v1/ 306 B
621 B 191ms
168ms XHR
application/json 2600:9000:2182:1600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:1600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 86c867bf4352af0608e8ad7b0eff3ebb503bb5b465219dec236738683fdbd973

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 Feb 2021 21:19:36 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: f6bf1bc56a3c40c497b02e2f9e72410c-2021021821
content-length: 306
x-amz-cf-id: h_5IeCy7uWcuwhysZOq9kY4IKLyYpd5BegMupMHGDY9MSyHNNMPKpw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
387 B 340ms
340ms XHR
application/json 2600:9000:2182:1600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:1600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 Feb 2021 21:19:37 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: e0ed3397b7494d639b26fdce8fb24258-2021021821
content-length: 28
x-amz-cf-id: r9VjUbuhgeausu8j5GBv1Eip6Q9by510s3dtZMsgux_CYE-7DoPrmg==

GET
H/1.1 200
OK Cookie set dest5.html Show response
westernunion.demdex.net/ Frame 20AF 7 KB
3 KB 903ms
233ms Document
text/html 52.212.209.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westernunion.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN0655178b63a1496ab02060384481db37.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-209-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: westernunion.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=17756740288073763982252106156309755606
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 11 Feb 2021 14:59:27 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=17756740288073763982252106156309755606;Path=/;Domain=.demdex.net;Expires=Tue, 17-Aug-2021 21:19:37 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: fz8mm7CQQdY=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
smetrics.westernunion.com/ 48 B
516 B 688ms
225ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.westernunion.com/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=AACD3BC75245B4940A490D4D%40AdobeOrg&mid=14011244557368089231482999044856704259&ts=1613683177166

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a8ebfa3844ee16f05766b4d3fef219978343b3d9f7a6417137adb65d2dcd695a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 Feb 2021 21:19:37 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5955cb7dcf-5z7p9
vary: Origin
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.westernunion.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=17756740288073763982252106156309755606
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YC7Z6QAAAI7mXDtJ
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YC7Z6QAAAI7mXDtJ

42 B
915 B

262ms
262ms

Image
image/gif

34.255.145.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YC7Z6QAAAI7mXDtJ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.145.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-145-192.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-067649fb0.edge-irl1.demdex.com 5.80.6.20210202104731 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 0xR4FlyTS1g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: zkg+rxTVSks=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YC7Z6QAAAI7mXDtJ
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/frame/ Frame 7ECF 1 KB
934 B 483ms
160ms Document
text/html 65.9.20.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/frame/cookieStorage.html?build=prod&pscb=54caa5ed1c78fa726e6264825207a8bc
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?r=westernunion.com&d=www.westernunion.com&lang=fraudawareness-EN&cb=20210210b&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.107 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: deb2ca300962cf7e3d53cd14bcfe4b483b04081e97151b54c0dab3d5902a36c4

Request headers

:method: GET
:authority: wsv3cdn.audioeye.com
:scheme: https
:path: /frame/cookieStorage.html?build=prod&pscb=54caa5ed1c78fa726e6264825207a8bc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793

Response headers

content-type: text/html; charset=UTF-8
content-length: 615
cache-control: public, max-age=365000000, immutable
content-encoding: gzip
date: Sat, 02 Jan 2021 21:00:27 GMT
server: Apache
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9616c9d248a84b00a499563db915c53b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: 56SzEk3npsSynoQO1pilVyyqI5AVwdRdCZGJQjAMFhhoZfotv8icsQ==
age: 4061950

POST
H2 200 send
analytics.audioeye.com/p/v0/ 44 B
400 B 606ms
297ms Other
application/json 13.224.193.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/p/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?r=westernunion.com&d=www.westernunion.com&lang=fraudawareness-EN&cb=20210210b&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-86.fra2.r.cloudfront.net
Software: /
Resource Hash: 264a9a3fa2fe11c43ece039b85e14387bd5a7a2b2275cc927ad4a4691d9c1986

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Feb 2021 21:19:37 GMT
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 3a280038-36ad-4691-b83f-3245a7c9b46b
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-602ed9e9-61f8bc3c627e14255861ac94
x-amz-apigw-id: a9b8iEoevHcF7tg=
content-length: 44
x-amz-cf-id: jFdDqTO1HNZKGR8LNjvnXiBrNLWS3sClNpRm1HXytim-3B-8_ESb7w==

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 320ms
320ms XHR
text/html 34.218.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.westernunion.com
URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.218.96.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-218-96-104.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 18 Feb 2021 21:19:37 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 aggregate.css
wsv3cdn.audioeye.com/css/ 35 KB
7 KB 187ms
187ms Stylesheet
text/css 65.9.20.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/css/aggregate.css?files=default|core&cb=20210210b
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?r=westernunion.com&d=www.westernunion.com&lang=fraudawareness-EN&cb=20210210b&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.107 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d04880e3b5ea2be0ba7b565ecf46a3dddc794590912cbcdbab3b6cab9ffdcdc8

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 01:07:21 GMT
content-encoding: gzip
server: Apache
age: 677536
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css;charset=UTF-8
via: 1.1 9616c9d248a84b00a499563db915c53b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZAG50-C1
content-length: 7296
x-amz-cf-id: MQV0zqU-D_iHSDph99-5DpCKbNG4moetd60-__lQjt1hHdISQkib6w==

GET
H2 200 launcher.css
wsv3cdn.audioeye.com/css/ 13 KB
3 KB 190ms
190ms Stylesheet
text/css 65.9.20.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/css/launcher.css?cb=20210210b
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?r=westernunion.com&d=www.westernunion.com&lang=fraudawareness-EN&cb=20210210b&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.107 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d96fac131e66a32f876270d131ac42e6c44bbb6b9cef9aa9cec55ecce25fa4ec

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 01:43:44 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 17:49:07 GMT
server: Apache
age: 70553
etag: "33a8-5b8cbc1807214-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 9616c9d248a84b00a499563db915c53b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 2502
x-amz-cf-id: b_fAyr9ihZwd_Y88xvo7eZULauOEThUVEqVgT5ezZu5rwnSudO76nQ==

GET
H2 200 launcher_icons.ttf
wsv3cdn.audioeye.com/fonts/ 2 KB
2 KB 185ms
184ms Font
font/ttf 65.9.20.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/fonts/launcher_icons.ttf
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/css/launcher.css?cb=20210210b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.107 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6d5a37ea48fe09f4567aa23356a9fb81104a2a317cc6cb2c8db33a7bed701f23

Request headers

Origin: https://www.westernunion.com
Referer: https://wsv3cdn.audioeye.com/css/launcher.css?cb=20210210b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:08:31 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2016 03:43:48 GMT
server: Apache
age: 61867
etag: "8f4-53e01de408d8d-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 1347
via: 1.1 924bf9febd74cef2bda62c15c8441e00.cloudfront.net (CloudFront)
x-amz-cf-id: jHLHKVCkIjXvkiTJZOlEQsd1Nq7xS_nZq22Rn20OI16CIQa_IOmYxQ==

POST
H2 200 send
analytics.audioeye.com/p/v0/ 44 B
401 B 328ms
328ms Other
application/json 13.224.193.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/p/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?r=westernunion.com&d=www.westernunion.com&lang=fraudawareness-EN&cb=20210210b&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-86.fra2.r.cloudfront.net
Software: /
Resource Hash: 264a9a3fa2fe11c43ece039b85e14387bd5a7a2b2275cc927ad4a4691d9c1986

Request headers

Referer: https://www.westernunion.com/us/en/fraudawareness/fraud-home.html?src=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rmid=ProjectsUS_Email_ALL_ALL_ReferaFriendNonOpeners_Wave4_EN_NA_US&rrid=7000000000500074793
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Feb 2021 21:19:38 GMT
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 8273e0de-c564-4254-8f2d-345aaea280c2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-602ed9ea-5d186b102dbc3da2068ac430
x-amz-apigw-id: a9b8pHwOvHcF11Q=
content-length: 44
x-amz-cf-id: 7wytqSEjkMjwY6cSAV5q-VN-eaOY17w3qv3qJ1T-UK_XWVE5t-5OwQ==

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EDF7 28 B
168 B 24ms
24ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/LkYm2EWIPWg?rel=0
X-YouTube-Client-Version: 1.20210214.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtzN3hWSXBWcXRUMCjks7uBBg%3D%3D
X-YouTube-Ad-Signals: dt=1613683173211&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKp7v7SIgpAtmLJbrlUejfO4cFyt1M5bY37YAW7Pe7U_4E3nX54mf2QGSXF60N77pLFQqpV4Iuy3JMRmyPo58hDV8nqF-w

Response headers

date: Thu, 18 Feb 2021 21:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:44 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E388 28 B
293 B 18ms
18ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/uHLjBoc_yvo?rel=0
X-YouTube-Client-Version: 1.20210214.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtOY0pfX2RlVmpPQSjks7uBBg%3D%3D
X-YouTube-Ad-Signals: dt=1613683173271&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKqtqXABB_dx41hRQaEKT5LthAkoFP60sOT7HnxG-d6oOeg2J_d7WCWzGvc8GCoXrGGWzeNYNcsvJtYN6ByFMNSqy0Vleg

Response headers

date: Thu, 18 Feb 2021 21:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:44 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3199 28 B
305 B 20ms
20ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/o6ylvF8FWy0?rel=0
X-YouTube-Client-Version: 1.20210214.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtNV0xSVEtid3F0RSjks7uBBg%3D%3D
X-YouTube-Ad-Signals: dt=1613683173367&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKoc7JRz8_n1CwB8D9Fk7lEzGIgHPblxocS7tpx_HcJFRuxnjoCmsTzYDxL3wDh9scx28jM_DTUA7AlYkzvR9mllb2lTkQ

Response headers

date: Thu, 18 Feb 2021 21:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:44 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9437 28 B
125 B 23ms
23ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/MVhhy_E1184?rel=0
X-YouTube-Client-Version: 1.20210214.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtEUTRlNmtKTmVkYyjks7uBBg%3D%3D
X-YouTube-Ad-Signals: dt=1613683173402&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKq6qdKwNXbJlv_d3JXXMsGlTGRM26B9H9WkbZqYQHlbiVmKFjHeIYVZgVZl2k5ePZ7cbQ4SZUvr7YeT_qyi9ikaS5lcCQ

Response headers

date: Thu, 18 Feb 2021 21:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:44 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E5F2 28 B
125 B 23ms
23ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/s6UuKPGflO0?rel=0
X-YouTube-Client-Version: 1.20210214.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtoeF9EQmJ2YUVNOCjks7uBBg%3D%3D
X-YouTube-Ad-Signals: dt=1613683173336&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKr2RD4IkaELe3KRn2UEJvgnK7GZC_kcUlCT6yMSDJFyg5VipRFmifkJU3Ir59fEelegv2QuLAXwB9Cvg5R3EnccsG5lbw

Response headers

date: Thu, 18 Feb 2021 21:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:44 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C99B 28 B
125 B 17ms
17ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/WlitwKWbOFc?rel=0
X-YouTube-Client-Version: 1.20210214.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtmSl9xRWVfTDBFNCjks7uBBg%3D%3D
X-YouTube-Ad-Signals: dt=1613683173306&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKoa_n2BmYtfSyjLir_2pw1szScHBkYXI5Nbo8govMs6OBo_qEvX0IyUA-SkMCF4EgMNdaEWZe2HioaRgQmqqHQm7SBnIQ

Response headers

date: Thu, 18 Feb 2021 21:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 18 Feb 2021 21:19:44 GMT

Verdicts & Comments Add Verdict or Comment

325 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 20:33:55	Name: VISITOR_INFO1_LIVE Value: DQ4e6kJNedc
.westernunion.com/	1970-01-19 18:24:19	Name: WULanguageCookie_ Value: en
.westernunion.com/	1970-01-19 16:14:46	Name: AKA_A2 Value: A
.www.westernunion.com/	1969-12-31 23:59:59	Name: is_tablet Value: false
.westernunion.com/	1970-01-19 18:24:19	Name: AKCounty Value:
.westernunion.com/	1970-01-19 18:24:19	Name: AKCity Value: WARSAW
.westernunion.com/	1970-01-19 18:24:19	Name: AKZip Value:
.westernunion.com/	1970-01-19 18:24:19	Name: AKCountry Value: PL
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: sDcjem-iOP0
www.westernunion.com/	1970-01-19 16:14:44	Name: BIGipServerwudispatcher.westernunion.com Value: 838938378.36895.0000
.westernunion.com/	1970-01-20 01:00:40	Name: A4kgk7nd Value: AAkkA7d3AQAAnzRY6JROuRnI7Sz_kw8W4tgIPepVIVXNiy5Ggbu4vw4lkA0e\|1\|0\|45db8d8f6dc587d18becbaf218c9d2edbfd21635
.westernunion.com/	1970-01-19 18:24:19	Name: AKAreacode Value:
.www.westernunion.com/	1969-12-31 23:59:59	Name: is_mobile Value: false
.westernunion.com/	1970-01-19 16:24:47	Name: RT Value: "z=1&dm=westernunion.com&si=8fvgu5ly0z&ss=klbdaopx&sl=0&tt=0"
.westernunion.com/	1970-01-19 18:24:19	Name: AKRegioncode Value:
.www.westernunion.com/	1969-12-31 23:59:59	Name: resolution_width Value: 1280
.westernunion.com/	1970-01-20 01:00:19	Name: WUCountryCookie_ Value: US
.www.westernunion.com/	1970-01-19 16:24:47	Name: RT Value: "z=1&dm=www.westernunion.com&si=063dd697-f477-488a-9d71-62fdfafb13c4&ss=klbdamgf&sl=1&tt=4y1&bcn=%2F%2F686eb704.akstat.io%2F"
.westernunion.com/	1970-01-19 16:57:55	Name: A4kgk7nd_dc Value: %7B%22c%22%3A%20%22WnRrSEwzczZxeVpna3pmWA%3D%3D5aaNV8O6L0a5dmhw3WJ1cseko3gzAXLQGyzVrEWAxmbsc9CPXAunmvR3RT5VTnXJeR95pjrJ06eNNIv6UHGzui9OUGvH0AMnFw31ozwFLA%3D%3D%22%2C%20%22dc%22%3A%200%2C%20%22mf%22%3A%200%7D
.westernunion.com/	1969-12-31 23:59:59	Name: AK_TLS_Version Value: tls1.2
.www.westernunion.com/	1969-12-31 23:59:59	Name: resolution_height Value: 800

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js(Line 2) Message: Plugins loaded: onetrust \| amplitude \| WuDataEventCapture \| adobeLaunch \| audioEye \| branchIo \| md5
console-api	log	URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js(Line 2) Message: /staticassets/scripts/vendors/WUAnalyticEventCapture.js
console-api	log	URL: https://www.westernunion.com/staticassets/app-92c81ae1310686248988.js(Line 2) Message: Lazyload Images
console-api	log	URL: https://www.westernunion.com/etc/clientlibs/westernunion/wu_common.js?async(Line 1) Message:
console-api	error	URL: https://s.go-mpulse.net/boomerang/T8GD4-PXVWR-9MW97-GAT7V-FQG35(Line 16) Message: Adobe Launch thirdPartyConditionError : TypeError: Cannot read property 'indexOf' of undefined
console-api	log	URL: https://www.westernunion.com/staticassets/scripts/main.js(Line 1) Message: Country list is generated

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

686eb704.akstat.io
abs.twimg.com
analytics.audioeye.com
api.amplitude.com
api2.branch.io
app.link
assets.adobedtm.com
c.go-mpulse.net
cdn.amplitude.com
cdn.branch.io
cdn.cookielaw.org
cdn.syndication.twimg.com
cm.everesttech.net
content.zeronaught.com
dpm.demdex.net
em.westernunion.com
fiaqj6absjkbikqce3ygyaaaabqc5wpi-p2a70y-e5c59a9be-clienttons-s.akamaihd.net
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
pbs.twimg.com
platform.twitter.com
s.go-mpulse.net
smetrics.westernunion.com
static.doubleclick.net
syndication.twitter.com
ton.twimg.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
westernunion.demdex.net
ws.audioeye.com
wsv3cdn.audioeye.com
wu-api.zeronaught.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.westernunion.com
www.youtube.com
yjrwsyyccc5esybo3hua-p2a70y-6786203f2-clientnsv4-s.akamaihd.net
104.244.42.200
12.130.158.40
13.224.193.86
13.226.159.53
15.237.76.117
184.31.84.98
2.16.186.73
2001:4860:4802:32::15
2001:4860:4802:34::15
2600:9000:2182:1600:11:f728:3040:93a1
2600:9000:2182:fe00:19:9934:6a80:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6814:b944
2606:4700::6810:9540
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2006
2a00:1450:4001:827::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a02:26f0:64:699::11a6
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba22
2a02:26f0:7100:199::11a6
2a02:26f0:7100:491::1e80
34.218.96.104
34.255.145.192
34.255.166.243
52.212.209.68
65.9.20.107
65.9.20.74
65.9.23.178
016c09fb60485653b9988a15409d764758e84159e6996a5ae399043c657c591a
03a49af2c9bce6f9c71fa35c23691e83972dbacf7effed8942e8a076a6574dae
03f532fd40e8c186213f4dd7fe8b51d55bb63c7bbaebc568dce1a829082daa67
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
0651e9a718a6ce3d030e0086532dad8caf7571b961e311fda509a47d0ba4bd56
09dc188060a4bbb4f5c63aeddd178e1e102b6bf3c2364d543016d5366694d087
0a9d4ce21a8230df52319bcbe95e615073cae3bc2610d5e889cc54c234af047c
0bb6e7b0635beec7e4a62b47af72f70fffc07db9ad83716b5bfc14ba94c65fc3
0e22fb9158ea01dd16c6992f41d7d52df49758b8bb807c0e0048dbb67e600adc
0e541ae911731a219311f486f9de977a95434c090d4d8285cb193287a2de4349
11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0
1238601bbaf030632ccb76f5b7c32878152cf42159b7b82edbdbb6df57d42a1a
124ef99a3456a542ee0cb44576e6d619af8634d75bc8781094bf69c85241c41b
12b8044a0fd2b23063e8c64bd5ec876faea9a6cba7bebf9a780dd8ec6bd91358
180e31730a3b3208d55f0649ec681503ea5b205f8457f70f25bcb9f71846eddb
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1e20cb26a57a8db23fb1d3f8b48452ee3921b0abd4e04a3222a07c3a2037e042
1edebdeeb793180e241eb0576c268f0a6d674b35683f85abaf1ae6171ac0ddce
2010e7735dce8a66a473c80a4119804452443c1c736af42bbc265823cd88ac07
20d8b250ec45f805905b45904c2af21a8eabb53b7605a22f439e03295e9c7378
21882ee973238f8706188d1b817069b3a13decfeb92b88f2d0ce87b1667cfc39
21bfbad7dfc6848e0c5f1a7fd6b8cbb75b80dadeaf71b2703dc78e89dbebbb7f
222a0741a8874f51bfeeaadd24eeec14ab7da8d53e06c491f448eaa14248aab5
247123f99d26081a7eddce9e90e0e07bb3dea826851dd3dda8b3ace64d891f72
25a6dd1ab3c07ad6b1f0f681a00176945209aa20007b1dab61012cfa83351f2f
264a9a3fa2fe11c43ece039b85e14387bd5a7a2b2275cc927ad4a4691d9c1986
280166f7fcdc3ffb209d074ce092b622d1ebb709b86450c7d018e6a8c60d3888
28868f709b6552c5c31cb9c8409ed05698947b934ac22ef232595ac925791f12
28fa791c054cd6ef97d9066f083450179086d6077a0a979514099e3ae83a53d7
2e291c96a77af5188ed2235a31ca2a33eef388bb4067130f5c97426513eb3355
32efa5ccd5bf8e71160960dfcba6c7ad1ce9673df59a3f03ee83fab2eb84d707
3472b01e522031bfc8d5b90050caae55bd05b34a26ec7d382e46aba5e0f95d84
35a48d8af12a27b7fdaab5b44d9c16050ab84381d4315503bf6219128ffc640c
37555d2a8631f6c69e94303caf2b0f844327688c004f02e7549f15834558c263
3995b75680b6c37d4afe866603b8ebb3920256947b56cd0beede880dffe82101
3c29f308c4bc98bb40c70a2b8e0f530866ebed1049c6c9b1bd7378080d866ca6
3e5c530b4c9d00ca05dfe4435336681ca997fcc7c32acab73616cca022befa87
3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb
40ba4593ddea2d34844c23e5064814ae1113eb3191d04f14981480bd39318116
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
44fb0846f54a7c39c991fc36007a7b7a9bb5e9c030b290b73e0cb3a94fbd4918
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
459fa37ec2e52e3fec10f67b231343572e9aa3474ec7742318268979ea69a620
46bddda9c36038b2705662a1f8f153b11fcb7e63454442714c2f1625a5f73138
4af946a68be9cc8e027f7c6cd0cd36789551cecaa412bbeae174495540e3684f
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5048b3bcd811837c767a9207a3df35bcb09c859849bef6e8a6c47e796bc6106f
51acacfa29a4836037ad7a3484b636a8d1adf06f44189818d07970054f4cb23a
55d81176f60ae1c16fdb3d3c047f4c8f350857a8281d3056ed596a93c0ffb0bb
5794d89af4a07cb2202b21149e577d50fefd4a8dc25e0a2d1d9ed71bfe75e831
5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7
5ccdf5d349d1898f04c28c1ee09f980c5a805f1c08898fc0fdd9fe66b08f3346
5fde101736e6809d69f764d9c9b99f379359dc2979e81a6c2a1324d8c0d6d772
6109e8fab058603a1e83d35427f0f994937d00b9e19bc79e6cc919e01d4f3280
6241f1c87413383f1c3f85c4413bf787a66f69491171bf489bd429689f1448c1
62e5fc3b6c8ac8fcacea6fe67195b2ae6588ae95661af7da7c42b062e7acc98e
648f2e93eeb916922acc1de00811798cd6f09e60efa98fddb7af90a515c643cc
655825c0318f3e78f7c8c7310481c5b8b52be2c42717fdee36ac37e141db36f8
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6802be08bf18395b2374916ac3f13b872934c792beac461ed1c42e2bcb5d0cab
68ac41278822b212aa883254358c92d474f1cd8622afce153d982ce90d8ec400
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
6adcc1d95863cb1dbe604ba93fcf5f1a23bb3b17f6152871f5ee57c398823822
6cc3ed6ac6cff556e3fa6470eb90324d9624b44c577b446bfa107b10b8c21a98
6d5a37ea48fe09f4567aa23356a9fb81104a2a317cc6cb2c8db33a7bed701f23
6d74ad53e579fb1a225f8b9719881bc43ca509f073a0f17695d0352e27f90eb8
6dd34bcd843921910bf673b51265074fad8a99e76b22062d3176a4735a6c383c
72b5b6268dd50f5de44f3fe52d2613a9523f16c2d904bc2ea291b418a1bbd1f4
733cb6d23d17e898719635b1d35d6041a243aa41bfb2a266b9e7eddfa5a22e3f
782125d87eaf76dbc4e65c054ddc955f59664a073f85c8dad5d30ef838c420a0
79229c97c8f09b889426b3e814029c2fc082d3e0b9e058353751300e5cfefff2
7a4db64df90aa04b73770b2d10f0bebfd6ac68262d8a4463547b9f950cb1d27e
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8077f1a8fe8e7b6669b29f3cfe4bc8ed5e9086c0a2b149f1c027d4887482b1a8
828248fcd785b275541d1f2c175ca90ea1b6db9b95cd0074cc734cf8c2554b52
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86c867bf4352af0608e8ad7b0eff3ebb503bb5b465219dec236738683fdbd973
8a005a01fda555fb9fe7c99436be38f0185405643d6dac4a48aa4ebeb41f367d
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8f91919592c300517780da4826169619cdeec2d760df69e07c0851e4df15a161
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
908ea214fcb01c7ec0092d17d313560a44c6340da2a5d4e837f7e6e85c871435
90df91d05c73113b2ee4eb5e021c9b83ab9a07b0de6aef0af999ee12e5a0dc6b
9463317b23e582336c95dfda2b34d75cb13fbaed0e81f3650eeb6271746953c1
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9603537dcd7f7191cd5b247c02e9cd65bf2fc6d211240483b38158d51260a66f
999c693d3d1a3634ddf569765af9e7975fae15e4966e6a1e8406cab4d969ce0f
99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d
9e0232dc0a86894feed097d2a95bf2c6bc8898b6e549a8aceec9bcd4cfa538fa
9eb3c3bb2c26612057f694e17d3dd5dd7636f71a766ef7a23abeb83c814444b3
9f1ab04fc35dd8f538b131e7ecfa3ba6b61d959cde86f33f70de80c5e6471233
a07105aba194bc0b1f21993681f7b812b515b6fbd0fcbc36f4acc7d662c126f5
a2f0b593ae38b180be73973a82d04d8cf7ce0a473e62ae174a3db56cfeda27e0
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a86fc3163d8dd4baaadbb64ed8d3f9e9e2e65a6a50bd7900d1ea32b5e7a9e07a
a8ebfa3844ee16f05766b4d3fef219978343b3d9f7a6417137adb65d2dcd695a
aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b25aa5eb92fee08d51add083e5c4fa22516e9d1ab61179734fbb1e27fb7f8063
b702efb2adbdf8d3dc1995d41d7f40734dddedf665fe7eb36fcf405488423c92
b7482d38f8c22ab8d28afa4f61d19c2882a67c9391736fb4ccee6669bed09daf
b817964b237b97cd80071cae1194d0afc9778184fb5d4a0cfb0707d07d3a8902
bdf951565f9af76e74bdb8960f05f4f84ce47e9d03a3a21358a616262c5b08fd
c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01
c19bb7dab9960ad22e4b1c8000ada0e04c5c9c1c7a74d2e3f1de4a343c0381a5
c2b85d4a6280154ad8a52c0f3c5427a421a47355f25c47fbdfe7a06e12a10534
c2dee95e2b830683d9ee917426b24cdf4a6e06dbd90c4884801aa42fece6f4a8
c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e
c4ffd0455cf50bc1683646dc77e7263d81cffad51f36d3c39b85a9848fb5a196
c9707e2bc994d97dce15ce405ea8a24d207249546130a84a51ecf68278925e59
cc78fb461d0ed75d1822dc62d9783ef7b88764257c3eb8b9616f0bab9331fd2d
cd1aeef7165d7a07b53d836d65d6fdc575af376bf425d8c6ce831ea983567abf
cd6034a552b3794bd62322dc1cb633fc44aa9d3ea9f3cfb8de37f551e36e0a7c
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d04880e3b5ea2be0ba7b565ecf46a3dddc794590912cbcdbab3b6cab9ffdcdc8
d088058fb9e21d559def1816da8c4f41fabb59c9429ceae7263a8cca6f248730
d3fb76e9bb7631be2e8dbdf23acdb596f6d3d7e9b718aabb8158bb8bb052482c
d55a0123a427c8f233aff89da38ee9c3f2c52a0bc03360daff0297d83c808513
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d96fac131e66a32f876270d131ac42e6c44bbb6b9cef9aa9cec55ecce25fa4ec
daf26ae36691689ba351925b0171614e6d24efbe9f11ed45a8a1f51b774638c8
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
deb2ca300962cf7e3d53cd14bcfe4b483b04081e97151b54c0dab3d5902a36c4
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e16393e6cbce84c1ce4199255cc5b5a3ba8909886bd56fc931131e877f0af6f3
e21bb75bd260f71b2e63b804458160df124f32c08b815fbc6997debc405723b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5
e467b8b69e618db83b78ebc057348e7173da65b14cacb6dd828a049e69cfc723
e5636a0ac3c64848d9571ea7724476815b626d5b7f4af51fce054aafcbe6aa04
e6d76dfbbc0b00bb795388dc695e602f883426e99b36eb2ec5f6f37fd7f249fc
ea1e7d4389a3f1b8a5208738663f8d74f0219625847877fa8fb2b1697c9a0fa9
eb18c5e28a8ed1af4b52b3ba0bbc26b18044ea4b3c4a3f1e85893c31654b2307
edcbe27bcf9d45559b1fa59b97f07e31858c8bd310670bc2735b1d9bb22c788d
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f003001a164fc40eb7a767dcb8f36dce6ba51e3f6852f38f9400322dfa59f252
f0c9cd3e599c9dcebe68c273299c476f6631e9c4c8c544c387d9a9cfa6151757
f40b7fdefd10ef911f49890b7836bccc0e8bf0fa2ad243b64d9866b6131d14e1
f46490fa0055e0637c9793f738590a7a8f6fabc658e5be95eceddf4bdc9f6bfb
f5dbd2985ef2d22745931d04bb5d212624b46d3f79458331e8625a7c2e61b287
f7ba29a7ff93a6951e58701d2e224de26c2c60bdbe5e4db9de00a8db67c2c761
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7
fde930b7f210aadce8630a56f2f7a875b7a14ee900f58dc35a44327e2bf0df0e

www.westernunion.com Open in urlscan Pro 184.31.84.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

254 Requests

100 %HTTPS

61 %IPv6

21 Domains

39 Subdomains

34 IPs

4 Countries

7106 kBTransfer

20434 kBSize

21 Cookies

21 Outgoing links

Page URL History

Redirected requests

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.westernunion.com Open in urlscan Pro
184.31.84.98 Public Scan

Screenshot
Live screenshot

Full Image

254
Requests

100 %
HTTPS

61 %
IPv6

21
Domains

39
Subdomains

34
IPs

4
Countries

7106 kB
Transfer

20434 kB
Size

21
Cookies

254 HTTP transactions
7 data transactions