resources.cigna.com Open in urlscan Pro
34.193.254.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-...
Effective URL:
https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-...
Submission: On November 28 via api (November 28th 2022, 6:00:29 pm UTC) from US — Scanned from DE

Summary HTTP 101 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 24 domains to perform 101 HTTP transactions. The main IP is 34.193.254.111, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is resources.cigna.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 7th 2022. Valid for: a year.

This is the only time resources.cigna.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	34.193.254.111 34.193.254.111	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	13.225.78.46 13.225.78.46	16509 (AMAZON-02) (AMAZON-02)
2	13.224.189.61 13.224.189.61	16509 (AMAZON-02) (AMAZON-02)
1	96.16.149.96 96.16.149.96	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 3	192.29.202.153 192.29.202.153	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	34.202.57.97 34.202.57.97	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:20e... 2600:9000:20eb:d800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
4	34.235.48.117 34.235.48.117	14618 (AMAZON-AES) (AMAZON-AES)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
21	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:401... 2a00:1450:4014:1::c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:23::a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
101	33

2 34.193.254.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-254-111.compute-1.amazonaws.com

resources.cigna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

overpass-30e2.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-46.fra2.r.cloudfront.net

cdn.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-61.fra2.r.cloudfront.net

cdn-app.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.149.96 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-149-96.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.29.202.153 (Amsterdam, Netherlands) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

s1325061471.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.202.57.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-57-97.compute-1.amazonaws.com

jukebox.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:d800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.235.48.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-48-117.compute-1.amazonaws.com

spcollector.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4014:1::c (Ireland)

ASN15169 (GOOGLE, US)

rr6---sn-2gb7sn7z.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:23::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5edndk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	912 KB
21	pathfactory.com cdn.pathfactory.com — Cisco Umbrella Rank: 156441 cdn-app.pathfactory.com — Cisco Umbrella Rank: 104554 jukebox.pathfactory.com — Cisco Umbrella Rank: 72567 spcollector.pathfactory.com — Cisco Umbrella Rank: 103597	820 KB
12	googlevideo.com rr6---sn-2gb7sn7z.googlevideo.com — Cisco Umbrella Rank: 414548 rr5---sn-4g5edndk.googlevideo.com — Cisco Umbrella Rank: 50066	3 MB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	268 B
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 stats.g.doubleclick.net — Cisco Umbrella Rank: 142 static.doubleclick.net — Cisco Umbrella Rank: 350	3 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107 jnn-pa.googleapis.com — Cisco Umbrella Rank: 277	32 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 563 www.linkedin.com — Cisco Umbrella Rank: 550 px4.ads.linkedin.com — Cisco Umbrella Rank: 5838	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	217 KB
3	google.com www.google.com — Cisco Umbrella Rank: 16	15 KB
3	eloqua.com 1 redirects s1325061471.t.eloqua.com	2 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 237	7 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3269	611 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1297	374 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	138 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1048	77 KB
2	cigna.com 1 redirects resources.cigna.com	17 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 665	392 B
1	t.co t.co — Cisco Umbrella Rank: 497	376 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1173	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 822	15 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 8603	3 KB
1	kxcdn.com overpass-30e2.kxcdn.com — Cisco Umbrella Rank: 206172	842 B
101	24

	Domain	Requested by
21	www.youtube.com	cdn-app.pathfactory.com www.youtube.com
12	jukebox.pathfactory.com	cdn-app.pathfactory.com
7	rr5---sn-4g5edndk.googlevideo.com	www.youtube.com
5	rr6---sn-2gb7sn7z.googlevideo.com	www.youtube.com
5	www.facebook.com	connect.facebook.net resources.cigna.com
4	jnn-pa.googleapis.com	www.youtube.com
4	spcollector.pathfactory.com	cdn-app.pathfactory.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.google.com	resources.cigna.com www.youtube.com
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com www.youtube.com
3	s1325061471.t.eloqua.com	1 redirects resources.cigna.com img.en25.com
3	cdn.pathfactory.com	resources.cigna.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	yt3.ggpht.com	www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	www.google.de	resources.cigna.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn-app.pathfactory.com	resources.cigna.com
2	www.googletagmanager.com	resources.cigna.com
2	maxcdn.bootstrapcdn.com	resources.cigna.com maxcdn.bootstrapcdn.com
2	resources.cigna.com	1 redirects
1	static.doubleclick.net	www.youtube.com
1	analytics.twitter.com	resources.cigna.com
1	t.co	resources.cigna.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	resources.cigna.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	resources.cigna.com
1	static.ads-twitter.com	resources.cigna.com
1	img.en25.com	resources.cigna.com
1	overpass-30e2.kxcdn.com	resources.cigna.com
1	fonts.googleapis.com	resources.cigna.com
101	34

This site contains links to these domains. Also see Links.

Domain
www.cignaglobal.com

Subject Issuer	Validity	Valid
resources.cigna.com Entrust Certification Authority - L1K	`2022-02-07` - `2023-02-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2022-07-28` - `2023-07-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.pathfactory.com Amazon	`2022-03-07` - `2023-04-04`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-07` - `2022-12-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.t.eloqua.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-29` - `2023-04-11`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-08` - `2023-01-17`	2 months	crt.sh

This page contains 2 frames:

Primary Page: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Frame ID: EB0BF4CFEE72EFB1ECDF8128900585EC
Requests: 48 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
Frame ID: 80B6BD7260275649768D0E1C53C44CA3
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cigna Global Health Options - International Health & Wellbeing

Page URL History Show full URLs

https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaig... HTTP 302
https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaig... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

101
Requests

97 %
HTTPS

67 %
IPv6

24
Domains

34
Subdomains

33
IPs

6
Countries

5203 kB
Transfer

10281 kB
Size

26
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cignaglobal.com/country-guide#country-guide-Asia
Title: Asia

Search URL Search Domain Scan URL

URL: https://www.cignaglobal.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&lb_email=staci.austin%40americanfidelity.com&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284 HTTP 302
https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://s1325061471.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1325061471&ref=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&ref2=elqNone&tzo=0&ms=313&optin=disabled HTTP 302
https://s1325061471.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1325061471&ref=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&ref2=elqNone&tzo=0&ms=313&optin=disabled&elqCookie=1

Request Chain 23

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1870217&time=1669658422629&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1870217%26time%3D1669658422629%26url%3Dhttps%253A%252F%252Fresources.cigna.com%252Fc%252Fcigna-global-health-options-international-health-and-wellbeing%253Futm_campaign%253Dim0594-gih-offers-country-specific-email%2526utm_medium%253Demail%2526utm_source%253DEloqua%2526e%253Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%2526x%253DWOc6FN%2526elqTrackId%253Db0e095e36fb34acbb64cafde129299a7%2526elq%253D670b7104e7364269b72077472d200869%2526elqaid%253D7300%2526elqat%253D1%2526elqCampaignId%253D5621%2526elqcst%253D272%2526elqcsid%253D1284%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1870217&time=1669658422629&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1870217&time=1669658422629&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&liSync=true&e_ipv6=AQLJIXqVq4SWLgAAAYS_Za6mfW9R5Jk7EEp1W7sMRv0m_gU6CGbfvdqE1UQQ80Hvt1Ltdns4uyBNNxZblfksZbPIB4z3jA

Request Chain 63

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

101 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request cigna-global-health-options-international-health-and-wellbeing Show response
resources.cigna.com/c/
Redirect Chain

https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198a...
https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198a...

80 KB
17 KB

300ms
300ms

Document
text/html

34.193.254.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.254.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-254-111.compute-1.amazonaws.com

Software

Resource Hash

4648272207fa05ed93c9265280409cae81de1d13d38128f089f00ab5a9d99fe3

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-security-policy
content-type: text/html; charset=utf-8
date: Mon, 28 Nov 2022 18:00:22 GMT
etag: W/"4648272207fa05ed93c9265280409cae"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Accept-Encoding
x-content-type-options: nosniff
x-request-id: 7f2759b6-7b1d-45c0-b63a-254c8676d99b
x-runtime: 0.195520

Redirect headers

cache-control: no-cache
content-security-policy
content-type: text/html; charset=utf-8
date: Mon, 28 Nov 2022 18:00:21 GMT
location: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-request-id: 2a1b3ee6-8c03-4d77-907f-7602d8245649
x-runtime: 0.141629

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 43ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700|Lato:400,700

Requested by

Host: resources.cigna.com
URL: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

390aca4ba708128182c4802df7c4a1d3a85566b96bf2542caa3b4ea1f1507c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 18:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 17:59:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 18:00:22 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 37ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 4149869
cdn-cachedat: 2021-06-08 21:36:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0da3e6fa0421515cbcf5425517fc7012
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 771500b278c89b95-FRA
cdn-requestpullsuccess: True

GET
H2 200 overpass.css
overpass-30e2.kxcdn.com/ 6 KB
842 B 68ms
19ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://overpass-30e2.kxcdn.com/overpass.css
Requested by: Host: resources.cigna.com
URL: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b25e835722ffbec8ab733d999dc194aa9ef7fcf00edc594e453f2823e0c65fb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:22 GMT
content-encoding: br
last-modified: Fri, 30 Dec 2016 09:56:37 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"58662f55-180e"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
expires: Mon, 05 Dec 2022 18:00:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 242 KB
58 KB 39ms
15ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVBBRP9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bc20de172e3638583a479556fc7cde9419bfba68146e56a850361e6161cf9ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 59361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 18:00:22 GMT

GET
H2 200 4e87e6c4-a2b1-4ac7-9e73-b7dd3f3446d4.jpg
cdn.pathfactory.com/assets/10721/thumbnails/347828/ 189 KB
190 KB 389ms
131ms Image
image/jpeg 13.225.78.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/assets/10721/thumbnails/347828/4e87e6c4-a2b1-4ac7-9e73-b7dd3f3446d4.jpg
Requested by: Host: resources.cigna.com
URL: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: daf81dbb695ef5ec2e72cef0cead0f8fa7bc322194655cd84a12271ae27f8a3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:21 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 15:57:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1
x-amz-server-side-encryption: AES256
etag: "b26e1451c5b1cbc8e235786d24a3c4dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-length: 193748
x-amz-cf-id: x_atKL-dIcQMZPREOKTHLMgKKl_nqCa47mTOM9D-hI-hLKrmBd8ZsQ==

GET
H2 200 tracks.js Show response
cdn-app.pathfactory.com/production/jukebox/current/ 2 MB
439 KB 75ms
33ms Script
text/javascript 13.224.189.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2
Requested by: Host: resources.cigna.com
URL: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-61.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7524eebaf6c04d5e5ed8e12b5217e52649627c2d38b9c60e4dff44da0408e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
date: Mon, 28 Nov 2022 06:28:15 GMT
last-modified: Wed, 23 Nov 2022 02:02:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 42880
etag: W/"fec4118ce5564be9a3781f554956351d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=43200
x-amz-cf-id: -S6bp29-P113wzml2PRBryKI4jBbmQlv8Zxwo7sdS_DBjDlAqtiUcQ==

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 72ms
24ms Script
application/x-javascript 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 18:00:22 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Mon, 03 Oct 2022 17:55:36 GMT
ETag: "ff37a05751d7d81:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Mon, 28 Nov 2022 18:00:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVBBRP9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 17:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2668
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 28 Nov 2022 19:15:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
79 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NKRPF2C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

226ed747aa9dba9ba2a76bb936e50f283e3d3c0a83a9a4bd6a8c6e53bf615014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81106
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 18:00:22 GMT

GET
H/1.1

200
OK

svrGP.aspx
s1325061471.t.eloqua.com/visitor/v200/
Redirect Chain

https://s1325061471.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1325061471&ref=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign...
https://s1325061471.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1325061471&ref=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_cam...

49 B
448 B

1053ms
1052ms

Image
image/gif

192.29.202.153
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1325061471.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1325061471&ref=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&ref2=elqNone&tzo=0&ms=313&optin=disabled&elqCookie=1

Requested by

Protocol

HTTP/1.1

Server

192.29.202.153 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Mon, 28 Nov 2022 18:00:22 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Mon, 28 Nov 2022 18:00:21 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Location: https://s1325061471.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1325061471&ref=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&ref2=elqNone&tzo=0&ms=313&optin=disabled&elqCookie=1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 742
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 26ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKRPF2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Nov 2022 18:00:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jA9yh6e8kqtQbHiIYOUvXao2MB8+p//R1OAaWZMeJmblUSBo6e5bFox8GrsSzLlvCqvkbGn1450UxFlm9kvGYw==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/440383784/ 3 KB
2 KB 86ms
54ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/440383784/?random=1669658422385&cv=11&fst=1669658422385&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&tiba=Cigna%20Global%20Health%20Options%20-%20International%20Health%20%26%20Wellbeing&auid=1742742672.1669658422&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKRPF2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e24d71c1baffc233161f458363d51605af4c6701940faa52af5003f59b7a90ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 67ms
15ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: resources.cigna.com
URL: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:22 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230057-FRA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 54ms
17ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: resources.cigna.com
URL: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:22 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=78152
accept-ranges: bytes
content-length: 4581

OPTIONS
H2 200 page_views
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 307ms
102ms Preflight 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-57-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.cigna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
access-control-max-age: 7200
date: Mon, 28 Nov 2022 18:00:22 GMT

GET
H/1.1 200
OK svrGP Show response
s1325061471.t.eloqua.com/visitor/v200/ 79 B
580 B 60ms
32ms Script
application/javascript 192.29.202.153
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://s1325061471.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=1325061471&ms=313

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.29.202.153 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f0b0b4b58871f41650cb4963d0ff110bb2c209bcb6f12c7f3348d306329d4887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 18:00:21 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 105
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 sp.min.js Show response
cdn-app.pathfactory.com/libraries/snowplow/2.17.3/ 76 KB
26 KB 8ms
8ms Script
application/javascript 13.224.189.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/libraries/snowplow/2.17.3/sp.min.js
Requested by: Host: resources.cigna.com
URL: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-61.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a876a773b46aea97d22c1f84dac918fbc98ee3c1e1729f21cef7911de52f141e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
date: Mon, 28 Nov 2022 02:39:28 GMT
last-modified: Tue, 04 Oct 2022 12:39:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 55255
etag: W/"adc64ce76490600da947214718dc8528"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: EqQoitSPHQagC5uICwJC-mPFwc7cD_AIMZhzHGprGrW-ZEBcaxO4Yw==

POST
H2 200 page_views Show response
jukebox.pathfactory.com/api/public/v1/ 152 B
1 KB 463ms
267ms XHR
application/json 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-57-97.compute-1.amazonaws.com

Software

Resource Hash

66eef4de632b046f3c7decf11eb87ee10aba16a87f837d414eeb09b043aed338

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Nov 2022 18:00:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy
content-encoding: gzip
x-request-id: 8ffd41cf-7028-44c9-9f1f-9ab1968e5d53
x-runtime: 0.162180
referrer-policy: no-referrer-when-downgrade
etag: W/"66eef4de632b046f3c7decf11eb87ee1"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
16ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=512867849&t=pageview&_s=1&dl=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&ul=en-us&de=UTF-8&dt=Cigna%20Global%20Health%20Options%20-%20International%20Health%20%26%20Wellbeing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAEK~&jid=150547799&gjid=1987647935&cid=588265052.1669658423&tid=UA-19752341-2&_gid=962017250.1669658423&_r=1&gtm=2wgb90TVBBRP9&z=1077085339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://resources.cigna.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Nov 2022 18:00:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 3XhfpBp0CmVyJJao64tB/h47HKwLiwOulkeXq52TKjyVRGwtFD9KZYG7leLrgcVNY3DkcsJDHI3ptRxvQpWS/g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 2207305502888256 Show response
connect.facebook.net/signals/config/ 294 KB
85 KB 68ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2207305502888256?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4293ab35acbfd272f5b1f556206a46be9671dedd0e7a6fffcf4d5340127d2d24

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Nov 2022 18:00:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: VLktXwX5rB2agEsEXWdzDgxMGYCHWzxchpDisHuYDg/PC7Xf1gahgHqE0mlOGqgqk0LLNaDi3ZtO3LjjSSzNKw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/1870217/domain/resources.cigna.com/ Frame 0
0 67ms
7ms Preflight 2600:9000:20eb:d800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1870217/domain/resources.cigna.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://resources.cigna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 33112
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 28 Nov 2022 08:48:30 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-id: FPPmUAqpUYUbYiIODgTPoYLnPgDbkNnfJjBJ0QRaqdBDC8JCGBt4NQ==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1870217/domain/resources.cigna.com/ 36 B
374 B 9ms
9ms XHR
application/json 2600:9000:20eb:d800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1870217/domain/resources.cigna.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Nov 2022 17:34:30 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1552
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: aPlG4cOagvCNYy9UppA30B5lTdZzcSMkZsEnjBrjYdKN93sItc-tbA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1870217&time=1669658422629&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campai...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1870217%26time%3D1669658422629%26url%3Dhttps%253A%252F%252Fresources.cigna.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1870217&time=1669658422629&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campai...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1870217&time=1669658422629&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campa...

0
265 B

129ms
107ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1870217&time=1669658422629&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&liSync=true&e_ipv6=AQLJIXqVq4SWLgAAAYS_Za6mfW9R5Jk7EEp1W7sMRv0m_gU6CGbfvdqE1UQQ80Hvt1Ltdns4uyBNNxZblfksZbPIB4z3jA
Requested by: Host: resources.cigna.com
URL: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B4FEC6487401487BB6EDC7409D9243F1 Ref B: FRAEDGE1407 Ref C: 2022-11-28T18:00:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXui6U0DTw+g4WGrJADxA==

Redirect headers

date: Mon, 28 Nov 2022 18:00:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 36C067650CAE44CF86CDECD723FACC13 Ref B: FRAEDGE1718 Ref C: 2022-11-28T18:00:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1870217&time=1669658422629&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&liSync=true&e_ipv6=AQLJIXqVq4SWLgAAAYS_Za6mfW9R5Jk7EEp1W7sMRv0m_gU6CGbfvdqE1UQQ80Hvt1Ltdns4uyBNNxZblfksZbPIB4z3jA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXui6UyEVzcO1D1GxkCpg==

GET
H2 200 /
www.google.com/pagead/1p-user-list/440383784/ 42 B
548 B 45ms
22ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/440383784/?random=1669658422385&cv=11&fst=1669658400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&tiba=Cigna%20Global%20Health%20Options%20-%20International%20Health%20%26%20Wellbeing&fmt=3&is_vtc=1&random=3838035190&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/440383784/ 42 B
548 B 42ms
19ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/440383784/?random=1669658422385&cv=11&fst=1669658400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&tiba=Cigna%20Global%20Health%20Options%20-%20International%20Health%20%26%20Wellbeing&fmt=3&is_vtc=1&random=3838035190&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 230ms
81ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19752341-2&cid=588265052.1669658423&jid=150547799&gjid=1987647935&_gid=962017250.1669658423&_u=YEBAAEAAAAAAACAEK~&z=1402640218

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 18:00:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://resources.cigna.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 140ms
119ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=bf39052a-ca43-47cd-b740-e776062ac3ab&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5deab8b-32a3-4f29-bf04-9c8b15fdf969&tw_document_href=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o33uf&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 28 Nov 2022 18:00:22 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5937b02ec24744b0
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3e2d60dca552ee52191c3dfd44af208d59f29f8bea9cdf454ec905ffe5c52586
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
392 B 137ms
116ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=bf39052a-ca43-47cd-b740-e776062ac3ab&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5deab8b-32a3-4f29-bf04-9c8b15fdf969&tw_document_href=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o33uf&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 28 Nov 2022 18:00:22 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: dc5e2a040bcc503e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1e53641efe9f5459d3247e5004b1ae99561a72bca1d1628e43acd69e8709bf79
content-length: 43

OPTIONS
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ Frame 0
0 404ms
98ms Preflight 34.235.48.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-48-117.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.cigna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://resources.cigna.com
Access-Control-Max-Age: 5
Connection: keep-alive
Content-Length: 0
Date: Mon, 28 Nov 2022 18:00:23 GMT
Server: akka-http/10.0.9

OPTIONS
H2 200 tp2
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/ Frame 0
0 212ms
102ms Preflight 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-57-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.cigna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
access-control-max-age: 7200
date: Mon, 28 Nov 2022 18:00:22 GMT

POST
H/1.1 200
OK tp2 Show response
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 2 B
464 B 392ms
99ms XHR
text/plain 34.235.48.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/snowplow/2.17.3/sp.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-48-117.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Mon, 28 Nov 2022 18:00:23 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://resources.cigna.com
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 200 tp2 Show response
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/ 0
793 B 309ms
113ms XHR
text/html 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/com.snowplowanalytics.snowplow/tp2

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/snowplow/2.17.3/sp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-57-97.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-runtime: 0.010390
date: Mon, 28 Nov 2022 18:00:23 GMT
content-security-policy
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
x-request-id: 673d5d88-76df-40c0-b312-ff9804f7d377

GET
H2 200 / Show response
www.facebook.com/tr/ 0
205 B 24ms
8ms XHR
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/?id=2207305502888256&ev=PageView&dl=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&rl=&if=false&ts=1669658422715&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1669658422714.303350564&it=1669658422624&coo=false&tm=1&exp=b3&rqm=GET&cd[rex]=%7B%22uid%22%3A%2239fec5bs2-968c-44eb-a116-729a3a81c3da%22%2C%22retry%22%3A0%7D

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Nov 2022 18:00:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin: https://resources.cigna.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 4861823337221949 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4861823337221949?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ad0ba45d2e1f386dfd957528be6f59bafd511511dc782cce452c8b6da76a2671

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Nov 2022 18:00:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FYB5evPWwcKxa/aKTDXwQ5DMQe4BcvqyeIYUBy/dM3M716ZreTnOls7izY0rvtPhJdUr9D/N4SWGrlprmM59pA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 18ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2207305502888256&ev=PageView&dl=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&rl=&if=false&ts=1669658422808&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1669658422714.303350564&it=1669658422624&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Nov 2022 18:00:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 16ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4861823337221949&ev=PageView&dl=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&rl=&if=false&ts=1669658422812&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669658422714.303350564&it=1669658422624&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Nov 2022 18:00:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 63ms
46ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19752341-2&cid=588265052.1669658423&jid=150547799&_u=YEBAAEAAAAAAACAEK~&z=338906211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 66ms
47ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19752341-2&cid=588265052.1669658423&jid=150547799&_u=YEBAAEAAAAAAACAEK~&z=338906211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
6ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2207305502888256&ev=Microdata&dl=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&rl=&if=false&ts=1669658423218&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cigna%20Global%20Health%20Options%20-%20International%20Health%20%26%20Wellbeing%22%2C%22meta%3Adescription%22%3A%22Find%20out%20more%20about%20our%20International%20Health%20and%20Wellbeing%20module.%20Available%20through%20our%20Cigna%20Global%20Health%20Options%20plan.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Cigna%20Global%20Health%20Options%20-%20International%20Health%20%26%20Wellbeing%22%2C%22og%3Adescription%22%3A%22Find%20out%20more%20about%20our%20International%20Health%20and%20Wellbeing%20module.%20Available%20through%20our%20Cigna%20Global%20Health%20Options%20plan.%22%2C%22og%3Asite_name%22%3A%22Cigna%20International%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Fx%3Dwoc6fn%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.pathfactory.com%2Fassets%2F10721%2Fcontents%2F337401%2Fthumbnails%2F600x%2F0.jpg%22%2C%22og%3Aimage%3Aheight%22%3A%22384%22%2C%22og%3Aimage%3Awidth%22%3A%22576%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1669658422714.303350564&it=1669658422624&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Nov 2022 18:00:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4861823337221949&ev=Microdata&dl=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-country-specific-email%26utm_medium%3Demail%26utm_source%3DEloqua%26e%3Dae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95%26x%3DWOc6FN%26elqTrackId%3Db0e095e36fb34acbb64cafde129299a7%26elq%3D670b7104e7364269b72077472d200869%26elqaid%3D7300%26elqat%3D1%26elqCampaignId%3D5621%26elqcst%3D272%26elqcsid%3D1284&rl=&if=false&ts=1669658423313&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cigna%20Global%20Health%20Options%20-%20International%20Health%20%26%20Wellbeing%22%2C%22meta%3Adescription%22%3A%22Find%20out%20more%20about%20our%20International%20Health%20and%20Wellbeing%20module.%20Available%20through%20our%20Cigna%20Global%20Health%20Options%20plan.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Cigna%20Global%20Health%20Options%20-%20International%20Health%20%26%20Wellbeing%22%2C%22og%3Adescription%22%3A%22Find%20out%20more%20about%20our%20International%20Health%20and%20Wellbeing%20module.%20Available%20through%20our%20Cigna%20Global%20Health%20Options%20plan.%22%2C%22og%3Asite_name%22%3A%22Cigna%20International%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Fx%3Dwoc6fn%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.pathfactory.com%2Fassets%2F10721%2Fcontents%2F337401%2Fthumbnails%2F600x%2F0.jpg%22%2C%22og%3Aimage%3Aheight%22%3A%22384%22%2C%22og%3Aimage%3Awidth%22%3A%22576%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669658422714.303350564&it=1669658422624&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Nov 2022 18:00:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 200 create_event
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 101ms
101ms Preflight 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/create_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-57-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.cigna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
access-control-max-age: 7200
date: Mon, 28 Nov 2022 18:00:23 GMT

OPTIONS
H2 200 create_event
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 102ms
101ms Preflight 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/create_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-57-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.cigna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
access-control-max-age: 7200
date: Mon, 28 Nov 2022 18:00:23 GMT

OPTIONS
H2 200 create_event
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 101ms
100ms Preflight 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/create_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-57-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.cigna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
access-control-max-age: 7200
date: Mon, 28 Nov 2022 18:00:23 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 36ms
25ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
Origin: https://resources.cigna.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 36658
cdn-cachedat: 08/25/2022 04:42:02
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70728
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "926c93d201fe51c8f351e858468980c3"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f95a668a5c3ab38c152ca143a61ee737
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 771500ba28ea9078-FRA
cdn-requestpullsuccess: True

POST
H2 204 create_event Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
754 B 116ms
116ms XHR
text/plain 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/create_event

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-57-97.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.013819
date: Mon, 28 Nov 2022 18:00:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: 548df01b-62eb-4de3-9046-67b61dfb8c1d

POST
H2 204 create_event Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
750 B 114ms
113ms XHR
text/plain 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/create_event

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-57-97.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.011461
date: Mon, 28 Nov 2022 18:00:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: 9c747d77-297b-4704-8f0d-d71c98fb2d79

POST
H2 204 create_event Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
751 B 202ms
202ms XHR
text/plain 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/create_event

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-57-97.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.009020
date: Mon, 28 Nov 2022 18:00:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: 9f4ae530-e699-4be3-9de1-72fb5f2c5753

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 50ms
29ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d88570992716a4ec3afa008e9e4162144e37ac9be5553ddf1ebb0f030d1b601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 28 Nov 2022 18:00:23 GMT

GET
H2 200 0.jpg
cdn.pathfactory.com/assets/10721/contents/337400/thumbnails/600x/ 15 KB
15 KB 518ms
517ms Image
image/ 13.225.78.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/assets/10721/contents/337400/thumbnails/600x/0.jpg
Requested by: Host: resources.cigna.com
URL: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5ede70cfadefa2a0ca8691601150ec79009267e0964f554c11dd7b1732696e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:24 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 27 Sep 2021 12:59:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: "5952939ad299eb241a2f582613509ad4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/
accept-ranges: bytes
content-length: 15232
x-amz-cf-id: mYRWCrcOH84JGPu7tm67XVpK_rXCYdym3dO2RWy2SsXu5a8DSGc4Eg==
expires: Mon, 27 Sep 2021 12:59:55 GMT

GET
H2 200 08d0f04c-523c-485a-be2d-6d4d6f49ed7c.png
cdn.pathfactory.com/assets/10721/logos/282345/ 144 KB
145 KB 127ms
126ms Image
image/png 13.225.78.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/assets/10721/logos/282345/08d0f04c-523c-485a-be2d-6d4d6f49ed7c.png
Requested by: Host: resources.cigna.com
URL: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a2f4825c8e213c972ccf1448272d6949ad43cf6104eaa5ace0ecc0dabdf58d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:23 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 05:35:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1
x-amz-server-side-encryption: AES256
etag: "ebc3f4cef50c494936a448985a301a9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-length: 147591
x-amz-cf-id: nK0WryWc8g9vkuya2RCa21FyCLVRC7AAyY_Z6UATFgaz-vEoMtePOQ==

POST
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 2 B
464 B 100ms
99ms Ping
text/plain 34.235.48.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/snowplow/2.17.3/sp.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-48-117.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 28 Nov 2022 18:00:23 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://resources.cigna.com
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

OPTIONS
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ Frame 0
0 98ms
98ms Preflight 34.235.48.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-48-117.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.cigna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://resources.cigna.com
Access-Control-Max-Age: 5
Connection: keep-alive
Content-Length: 0
Date: Mon, 28 Nov 2022 18:00:23 GMT
Server: akka-http/10.0.9

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/4eb6b35d/www-widgetapi.vflset/ 161 KB
53 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47879e9a46a232ac6fa8931b17f3dbe8a09ea02497c2394abf2e45c431b9b5ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 17:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54014
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 17:58:36 GMT

GET
H3 200 7CX6f68QVkc Show response
www.youtube.com/embed/ Frame 80B6 70 KB
28 KB 84ms
84ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

474257ee3b4fe0a0713de11a04598a6dc15b8b5f92c7f83963f96d757c35cb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 18:00:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 associate Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
750 B 113ms
111ms XHR
text/plain 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/associate

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-57-97.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.cigna.com/c/cigna-global-health-options-international-health-and-wellbeing?utm_campaign=im0594-gih-offers-country-specific-email&utm_medium=email&utm_source=Eloqua&e=ae68893f3198ad42bb908300113d7f77e94c0dbf9fb0a64a6f0ad6f9952ccb95&x=WOc6FN&elqTrackId=b0e095e36fb34acbb64cafde129299a7&elq=670b7104e7364269b72077472d200869&elqaid=7300&elqat=1&elqCampaignId=5621&elqcst=272&elqcsid=1284
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.010293
date: Mon, 28 Nov 2022 18:00:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: 5cdee21c-a3e7-4ce1-a04b-9f802ceb9bbf

OPTIONS
H2 200 associate
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 103ms
102ms Preflight 34.202.57.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/associate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.57.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-57-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.cigna.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.cigna.com
access-control-expose-headers
access-control-max-age: 7200
date: Mon, 28 Nov 2022 18:00:23 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4eb6b35d/ Frame 80B6 359 KB
49 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47e5ab37362998b55b8d8eddca591867a23f45f2d8169f07e0d908463cd375c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 15:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49788
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 15:47:14 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/ Frame 80B6 312 KB
97 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2995690e9dfac900bebef6d09af2b89ddaa8a699ad19a0339d2938171b2d1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 15:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99035
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 15:52:23 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame 80B6 2 MB
580 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd95ed1dc6e84cac53ee409bfe80e6a985e0efbba98dcba010a5bf2b76fdd2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 15:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 593364
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 15:53:15 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4eb6b35d/fetch-polyfill.vflset/ Frame 80B6 9 KB
3 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:36:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 16:36:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 80B6 15 KB
16 KB 39ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 281118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 11:55:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 80B6 15 KB
15 KB 41ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 589144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:21:19 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 80B6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

15ms
14ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e377112ea53b1938ef5295e75c91080ea8ade8c8fb3642a0898a6ab1ceeb637c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 28 Nov 2022 18:00:23 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 80B6 29 B
588 B 30ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 17:50:09 GMT
x-content-type-options: nosniff
age: 614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Nov 2022 18:05:09 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 35ms
15ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 28 Nov 2022 18:00:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 80B6 66 KB
30 KB 35ms
21ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c84e1ded68db4fc338c3d88604b62ed34fc7c2635a7ad27024f65d49b3f8730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 28 Nov 2022 18:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31014
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 80B6 67 KB
22 KB 129ms
128ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

2edb990df0c7a958793fe26128c466dc90dfa81f1ce8f5442cb2c227924721fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221120.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-Goog-Visitor-Id: CgtrT2o4MFF3dzlwQSi37pOcBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 28 Nov 2022 18:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22385
x-xss-protection: 0
expires: Mon, 28 Nov 2022 18:00:23 GMT

GET
H3 200 _mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js Show response
www.google.com/js/th/ Frame 80B6 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 22:22:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14302
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 22:22:18 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame 80B6 26 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b63ed4c3792f6acb0b70a6083ad090bbac092cfcf021106be33f5f73690363e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 15:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8297
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 15:53:09 GMT

GET
DATA 200
OK truncated
/ Frame 80B6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-0S7e1Gvw6dWdJJ5zVZ-hM5alzGdbyi_BaduKA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 80B6 3 KB
3 KB 59ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-0S7e1Gvw6dWdJJ5zVZ-hM5alzGdbyi_BaduKA=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

25071ca1e2ba0e5da1d3c13c37c5145c78f1f21b3f35ca131ca2bda714218a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2689
x-xss-protection: 0
server: fife
etag: "v5c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Nov 2022 14:58:10 GMT

GET
DATA 200
OK truncated
/ Frame 80B6 414 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68b45aae6ef7af08f3ef232ac69fba8e6f6372d8858798049b1e44bf70d3f13d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 80B6 90 B
134 B 20ms
20ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96066ec3a3157d6eaa029d2096a741c962a13c753420b7adc325d20708c92c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 28 Nov 2022 18:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 28 Nov 2022 18:00:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 80B6 0
19 B 16ms
15ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&afmt=251&cpn=c-ovOIdr-xM8UDO1&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24249176%2C24255165%2C24292955%2C24293803%2C24390013%2C24401290%2C24406605%2C24407200%2C24408610%2C24412676%2C24414162%2C24415865%2C24416291%2C24420781%2C24425860&cl=489849437&seq=1&docid=7CX6f68QVkc&ei=N_eEY_DnM8Si1gKL2IHoCQ&event=streamingstats&plid=AAXui6VA2Dvbqobs&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F7CX6f68QVkc%3Fautoplay%3Dtrue%26cc_load_policy%3D0%26rel%3D0%26start%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fresources.cigna.com%26widgetid%3D1&cbr=Chrome&cbrver=107.0.5304.121&c=WEB_EMBEDDED_PLAYER&cver=1.20221120.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.177:B,0.177:B&cmt=0.009:0.000,0.177:0.000&afs=0.177:251::i&vfs=0.177:244:247::r&view=0.177:1360:1200&bwe=0.177:130000&bat=0.177:1:1&vis=0.177:0&bh=0.177:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrT2o4MFF3dzlwQSi37pOcBg%3D%3D
X-YouTube-Ad-Signals: dt=1669658423738&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1360%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:24 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr6---sn-2gb7sn7z.googlevideo.com/ Frame 80B6 168 KB
169 KB 173ms
105ms Fetch
video/webm 2a00:1450:4014:1::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr6---sn-2gb7sn7z.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Nd&mm=31%2C29&mn=sn-2gb7sn7z%2Csn-aigzrn7l&ms=au%2Crdu&mv=m&mvi=6&pl=49&initcwndbps=190000&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=video%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=7354156&dur=125.520&lmt=1649380657287311&mt=1669658031&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgWrxVJZjadnuA_bNfia65ZAH3PKb4-k__9vB4KRBm9O8CIGa90JDhlGJkkqax4AfSQ2pwOhUMfHkIVZt_DbtyJSk6&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgQXJBo0ozkYSpgEomZp9WatEP5LuG8S1LOuJknKyOv3YCIQC8uYO66pivgg3E_s7wrzzE8cvZWgC-J1LS3Gw7OOn0gA%3D%3D&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&range=0-171707&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:1::c , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4d1ffc8a1ac17c77bb53c5d0350cf74f8c6f726a89ad63da47e35bc908dce8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 18:00:24 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 171708
Last-Modified: Fri, 08 Apr 2022 01:17:37 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H/1.1 200
OK videoplayback Show response
rr6---sn-2gb7sn7z.googlevideo.com/ Frame 80B6 1 KB
2 KB 81ms
15ms Fetch
text/plain 2a00:1450:4014:1::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr6---sn-2gb7sn7z.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=251&source=youtube&requiressl=yes&mh=Nd&mm=31%2C29&mn=sn-2gb7sn7z%2Csn-aigzrn7l&ms=au%2Crdu&mv=m&mvi=6&pl=49&initcwndbps=190000&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=audio%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=2014186&dur=125.541&lmt=1649380661289419&mt=1669658031&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgWjFCIZ-iVSxfaW48N3cwY97mzBnWX9n2pPFXMbwlK1kCICoD6trntCM65A8b3Yndx1KYqaokAVaqaRc_Fig8Wkcy&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgQXJBo0ozkYSpgEomZp9WatEP5LuG8S1LOuJknKyOv3YCIQC8uYO66pivgg3E_s7wrzzE8cvZWgC-J1LS3Gw7OOn0gA%3D%3D&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&range=0-66019&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:1::c , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e273dad40433293a24424c560cf6e6899e6cc6ee0a2b1731e985543ba015196c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 18:00:24 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1058
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame 80B6 119 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

746c15d9337027224b013b04a70a580432f4422e5e409d919e9851ebf7291337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 15:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7402
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37359
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 15:57:02 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame 80B6 66 KB
24 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37e9001ea962d0f577df82ef7744fb89ab3524251abbefde8d3a34177a8295a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 15:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24826
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 15:57:46 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame 80B6 32 KB
9 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e4b1e5b7392127cd396407257fb87549778aa7eb7eec02b3b75e4d8862b6603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:00:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8825
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 16:00:50 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 80B6 7 KB
2 KB 195ms
195ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

5609bd45a314a65c3fc9798413d715a97645e86da4c6b101c9bac909443cbc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221120.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-Goog-Visitor-Id: CgtrT2o4MFF3dzlwQSi37pOcBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 28 Nov 2022 18:00:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2234
x-xss-protection: 0
expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 80B6 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?LZU12A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 videoplayback Show response
rr5---sn-4g5edndk.googlevideo.com/ Frame 80B6 64 KB
64 KB 73ms
33ms Fetch
audio/webm 2a00:1450:4001:23::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=251&source=youtube&requiressl=yes&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=audio%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=2014186&dur=125.541&lmt=1649380661289419&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgWjFCIZ-iVSxfaW48N3cwY97mzBnWX9n2pPFXMbwlK1kCICoD6trntCM65A8b3Yndx1KYqaokAVaqaRc_Fig8Wkcy&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-2gbe67d&cms_redirect=yes&cmsv=e&mh=Nd&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669658231&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPRzY75F-lp-md3VjWZ0jRhWgSr8GFKoNd8_grjljFqdAiAsID1jX6KIepkgS3fct9qjAeiLhiymPldpeedNaEy2DQ%3D%3D&range=0-66019&rn=3&rbuf=0&pot=D-qPGwbgWKOe6res4UsT3QAsAF8_pUV55KtuX2DF509nr8NQ-STnkXhnKQEhrFL4UevVk0o-HCwNvA2PBZnYVyN5X3SWn03faFdXbIfrB9cHEIXTzcBnZmzbxnjCJ9U2NjTjyZE=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

30203167cf63b54e8d7f55130b9caebc47b0ce38d1afa44e0614bc3ee47903b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 28 Nov 2022 18:00:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66020
last-modified: Fri, 08 Apr 2022 01:17:41 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 80B6 4 KB
3 KB 629ms
604ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H3 200 videoplayback Show response
rr6---sn-2gb7sn7z.googlevideo.com/ Frame 80B6 1 KB
1 KB 32ms
15ms Fetch
text/plain 2a00:1450:4014:1::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr6---sn-2gb7sn7z.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Nd&mm=31%2C29&mn=sn-2gb7sn7z%2Csn-aigzrn7l&ms=au%2Crdu&mv=m&mvi=6&pl=49&initcwndbps=190000&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=video%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=12501039&dur=125.520&lmt=1649380657177802&mt=1669658031&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMq4M_4QlnToqzWTBLPxyzqoX9TA3s2IEWG9GxgQB3HbAiEA0raxcEUh9ZTENc8C8zj_QLEm2JAyWwEU5GXsiDiwmrQ%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgQXJBo0ozkYSpgEomZp9WatEP5LuG8S1LOuJknKyOv3YCIQC8uYO66pivgg3E_s7wrzzE8cvZWgC-J1LS3Gw7OOn0gA%3D%3D&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&range=0-635&rn=4&rbuf=0&pot=D-qPGwbgWKOe6res4UsT3QAsAF8_pUV55KtuX2DF509nr8NQ-STnkXhnKQEhrFL4UevVk0o-HCwNvA2PBZnYVyN5X3SWn03faFdXbIfrB9cHEIXTzcBnZmzbxnjCJ9U2NjTjyZE=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:1::c , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

842c4f990a100708deb27a52c6c453eb60cedd4902ebadbd8b8b985d79a2af90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 28 Nov 2022 18:00:24 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1281
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H3 200 AMLnZu-0S7e1Gvw6dWdJJ5zVZ-hM5alzGdbyi_BaduKA=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 80B6 4 KB
4 KB 82ms
66ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-0S7e1Gvw6dWdJJ5zVZ-hM5alzGdbyi_BaduKA=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

37919b6057b25be73140078734123c3f97680ab60278b6abdcd6048486c189d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:00:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v5c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3708
x-xss-protection: 0
expires: Tue, 29 Nov 2022 18:00:24 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5edndk.googlevideo.com/ Frame 80B6 636 B
662 B 51ms
50ms Fetch
video/webm 2a00:1450:4001:23::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=video%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=12501039&dur=125.520&lmt=1649380657177802&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMq4M_4QlnToqzWTBLPxyzqoX9TA3s2IEWG9GxgQB3HbAiEA0raxcEUh9ZTENc8C8zj_QLEm2JAyWwEU5GXsiDiwmrQ%3D&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-2gbe67d&cms_redirect=yes&cmsv=e&mh=Nd&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669658231&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMsm8nbvBgVnwS4WuxMd9kyU8LbFap0lOXgQUl4kX4YpAiEA3id7J8ug8H4GB1PjshGIn7L97I25pyBkFHbqzMfiGOo%3D&range=0-635&rn=5&rbuf=0&pot=D-qPGwbgWKOe6res4UsT3QAsAF8_pUV55KtuX2DF509nr8NQ-STnkXhnKQEhrFL4UevVk0o-HCwNvA2PBZnYVyN5X3SWn03faFdXbIfrB9cHEIXTzcBnZmzbxnjCJ9U2NjTjyZE=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d52ab5e594a1a9735a81061a65f733ee85321e89bbd6737b04dc5c0c4792d762

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 28 Nov 2022 18:00:24 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 636
last-modified: Fri, 08 Apr 2022 01:17:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H3 200 videoplayback Show response
rr6---sn-2gb7sn7z.googlevideo.com/ Frame 80B6 1 KB
1 KB 15ms
15ms Fetch
text/plain 2a00:1450:4014:1::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr6---sn-2gb7sn7z.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=251&source=youtube&requiressl=yes&mh=Nd&mm=31%2C29&mn=sn-2gb7sn7z%2Csn-aigzrn7l&ms=au%2Crdu&mv=m&mvi=6&pl=49&initcwndbps=190000&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=audio%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=2014186&dur=125.541&lmt=1649380661289419&mt=1669658031&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgWjFCIZ-iVSxfaW48N3cwY97mzBnWX9n2pPFXMbwlK1kCICoD6trntCM65A8b3Yndx1KYqaokAVaqaRc_Fig8Wkcy&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgQXJBo0ozkYSpgEomZp9WatEP5LuG8S1LOuJknKyOv3YCIQC8uYO66pivgg3E_s7wrzzE8cvZWgC-J1LS3Gw7OOn0gA%3D%3D&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&range=66020-131555&rn=6&rbuf=3559&pot=D-qPGwbgWKOe6res4UsT3QAsAF8_pUV55KtuX2DF509nr8NQ-STnkXhnKQEhrFL4UevVk0o-HCwNvA2PBZnYVyN5X3SWn03faFdXbIfrB9cHEIXTzcBnZmzbxnjCJ9U2NjTjyZE=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:1::c , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fa3b7735c3a6917a5526173a700a924f5aad6e5530f0eb58788e38824762fa34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 28 Nov 2022 18:00:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1207
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H3 200 videoplayback Show response
rr6---sn-2gb7sn7z.googlevideo.com/ Frame 80B6 37 KB
37 KB 14ms
14ms Fetch
video/webm 2a00:1450:4014:1::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:1::c , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b5e00cd158e57e94760d24eb2aea39362b591e07d406e7f22e19a6dab82c321a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 28 Nov 2022 18:00:24 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37866
last-modified: Fri, 08 Apr 2022 01:17:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 80B6 0
17 B 17ms
17ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=c-ovOIdr-xM8UDO1&ver=2&cmt=0.051&fmt=244&fs=0&rt=0.53&euri=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-coun&lact=558&cl=489849437&mos=1&volume=100&cbr=Chrome&cbrver=107.0.5304.121&c=WEB_EMBEDDED_PLAYER&cver=1.20221120.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=125.541&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24249176%2C24255165%2C24292955%2C24293803%2C24390013%2C24401290%2C24406605%2C24407200%2C24408610%2C24412676%2C24414162%2C24415865%2C24416291%2C24420781%2C24425860&rtn=8&afmt=251&size=1360%3A1200&inview=0&muted=1&docid=7CX6f68QVkc&ei=N_eEY_DnM8Si1gKL2IHoCQ&plid=AAXui6VA2Dvbqobs&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F7CX6f68QVkc%3Fautoplay%3Dtrue%26cc_load_policy%3D0%26rel%3D0%26start%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fresources.cigna.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBUEV3RWxRNmJpdENJaVBMNTA0WndGSDhrSDlDTmhmZ3hNUFl3T3Q4VmJJWDJ3UnN4QWJPQVBta0tESXppLVVJdENqVHUxM01ZWG5RbldBSTdXYVRZaU1CeU9JOUszVkRWSFhPcnZCQmxERFBJYkwxbWJHUW1EQjJ1TE5mTTlDbWQzMGgB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrT2o4MFF3dzlwQSi37pOcBg%3D%3D
X-YouTube-Ad-Signals: dt=1669658423738&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1360%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:24 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 80B6 0
22 B 16ms
15ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=7CX6f68QVkc&cpn=c-ovOIdr-xM8UDO1&ei=N_eEY_DnM8Si1gKL2IHoCQ&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrT2o4MFF3dzlwQSi37pOcBg%3D%3D
X-YouTube-Ad-Signals: dt=1669658423738&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1360%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:24 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 80B6 28 B
56 B 25ms
25ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-Goog-Request-Time: 1669658424366
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrT2o4MFF3dzlwQSi37pOcBg%3D%3D
X-YouTube-Ad-Signals: dt=1669658423646&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1360%2C1200&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 28 Nov 2022 18:00:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 28 Nov 2022 18:00:24 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 80B6 0
19 B 17ms
15ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=c-ovOIdr-xM8UDO1&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24249176%2C24255165%2C24292955%2C24293803%2C24390013%2C24401290%2C24406605%2C24407200%2C24408610%2C24412676%2C24414162%2C24415865%2C24416291%2C24420781%2C24425860&cl=489849437&seq=2&docid=7CX6f68QVkc&ei=N_eEY_DnM8Si1gKL2IHoCQ&event=streamingstats&plid=AAXui6VA2Dvbqobs&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F7CX6f68QVkc%3Fautoplay%3Dtrue%26cc_load_policy%3D0%26rel%3D0%26start%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fresources.cigna.com%26widgetid%3D1&cbr=Chrome&cbrver=107.0.5304.121&c=WEB_EMBEDDED_PLAYER&cver=1.20221120.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&user_intent=0&bh=0.526:3.120,0.547:3.120&cmt=0.526:0.051,0.547:0.073&vps=0.526:PL,0.547:PL,0.547:PL&vfs=0.547:247:247:244:r&view=0.547:1360:1200&bwm=0.547:279776:0.674&bwe=0.547:557132&bat=0.547:1:1&df=0.547:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrT2o4MFF3dzlwQSi37pOcBg%3D%3D
X-YouTube-Ad-Signals: dt=1669658423738&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1360%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:24 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5edndk.googlevideo.com/ Frame 80B6 746 KB
746 KB 8ms
6ms Fetch
video/webm 2a00:1450:4001:23::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=video%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=12501039&dur=125.520&lmt=1649380657177802&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMq4M_4QlnToqzWTBLPxyzqoX9TA3s2IEWG9GxgQB3HbAiEA0raxcEUh9ZTENc8C8zj_QLEm2JAyWwEU5GXsiDiwmrQ%3D&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-2gbe67d&cms_redirect=yes&cmsv=e&mh=Nd&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669658231&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMsm8nbvBgVnwS4WuxMd9kyU8LbFap0lOXgQUl4kX4YpAiEA3id7J8ug8H4GB1PjshGIn7L97I25pyBkFHbqzMfiGOo%3D&range=352779-1116832&rn=8&rbuf=5120&pot=D-qPGwbgWKOe6res4UsT3QAsAF8_pUV55KtuX2DF509nr8NQ-STnkXhnKQEhrFL4UevVk0o-HCwNvA2PBZnYVyN5X3SWn03faFdXbIfrB9cHEIXTzcBnZmzbxnjCJ9U2NjTjyZE=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cd757ec757b813fd3edaa91ae56b745456dce7e11493b47f9b3859a53febc1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 28 Nov 2022 18:00:24 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 764054
last-modified: Fri, 08 Apr 2022 01:17:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5edndk.googlevideo.com/ Frame 80B6 64 KB
64 KB 7ms
7ms Fetch
audio/webm 2a00:1450:4001:23::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=251&source=youtube&requiressl=yes&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=audio%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=2014186&dur=125.541&lmt=1649380661289419&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgWjFCIZ-iVSxfaW48N3cwY97mzBnWX9n2pPFXMbwlK1kCICoD6trntCM65A8b3Yndx1KYqaokAVaqaRc_Fig8Wkcy&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-2gbe67d&cms_redirect=yes&cmsv=e&mh=Nd&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669658231&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgcwZQG5xu3dsVaMWGkXny4E5J44-VXzBGXsp6CoICHPMCIQCDU2AfBLRMIH3lqzwlvlTFnypoWL8sJ85ys6C4ZeJH0A%3D%3D&range=66020-131555&rn=9&rbuf=3460&pot=D-qPGwbgWKOe6res4UsT3QAsAF8_pUV55KtuX2DF509nr8NQ-STnkXhnKQEhrFL4UevVk0o-HCwNvA2PBZnYVyN5X3SWn03faFdXbIfrB9cHEIXTzcBnZmzbxnjCJ9U2NjTjyZE=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

62521de39a0549e16043b1afcad45914f7acc40fd9642e0a2afb053b60a20e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 28 Nov 2022 18:00:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
last-modified: Fri, 08 Apr 2022 01:17:41 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5edndk.googlevideo.com/ Frame 80B6 127 KB
127 KB 7ms
7ms Fetch
audio/webm 2a00:1450:4001:23::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=251&source=youtube&requiressl=yes&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=audio%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=2014186&dur=125.541&lmt=1649380661289419&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgWjFCIZ-iVSxfaW48N3cwY97mzBnWX9n2pPFXMbwlK1kCICoD6trntCM65A8b3Yndx1KYqaokAVaqaRc_Fig8Wkcy&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-2gbe67d&cms_redirect=yes&cmsv=e&mh=Nd&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669658231&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgcwZQG5xu3dsVaMWGkXny4E5J44-VXzBGXsp6CoICHPMCIQCDU2AfBLRMIH3lqzwlvlTFnypoWL8sJ85ys6C4ZeJH0A%3D%3D&range=131556-261147&rn=10&rbuf=7019&pot=D-qPGwbgWKOe6res4UsT3QAsAF8_pUV55KtuX2DF509nr8NQ-STnkXhnKQEhrFL4UevVk0o-HCwNvA2PBZnYVyN5X3SWn03faFdXbIfrB9cHEIXTzcBnZmzbxnjCJ9U2NjTjyZE=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c9b99786d6f3c6711a97536362e75e327e75ec25e926bc57911bf3798c156726

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 28 Nov 2022 18:00:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129592
last-modified: Fri, 08 Apr 2022 01:17:41 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 28 Nov 2022 18:00:24 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 80B6 52 KB
15 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 09:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 29 Nov 2022 09:36:23 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 80B6 28 B
56 B 18ms
18ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-Goog-Request-Time: 1669658426184
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrT2o4MFF3dzlwQSi37pOcBg%3D%3D
X-YouTube-Ad-Signals: dt=1669658423646&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1360%2C1200&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 28 Nov 2022 18:00:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 28 Nov 2022 18:00:26 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5edndk.googlevideo.com/ Frame 80B6 221 KB
221 KB 10ms
9ms Fetch
audio/webm 2a00:1450:4001:23::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=251&source=youtube&requiressl=yes&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=audio%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=2014186&dur=125.541&lmt=1649380661289419&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgWjFCIZ-iVSxfaW48N3cwY97mzBnWX9n2pPFXMbwlK1kCICoD6trntCM65A8b3Yndx1KYqaokAVaqaRc_Fig8Wkcy&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-2gbe67d&cms_redirect=yes&cmsv=e&mh=Nd&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669658231&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgcwZQG5xu3dsVaMWGkXny4E5J44-VXzBGXsp6CoICHPMCIQCDU2AfBLRMIH3lqzwlvlTFnypoWL8sJ85ys6C4ZeJH0A%3D%3D&range=261148-487710&rn=11&rbuf=12271&pot=D-qPGwbgWKOe6res4UsT3QAsAF8_pUV55KtuX2DF509nr8NQ-STnkXhnKQEhrFL4UevVk0o-HCwNvA2PBZnYVyN5X3SWn03faFdXbIfrB9cHEIXTzcBnZmzbxnjCJ9U2NjTjyZE=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7dbcb93af2e218c465745046b236d5fc9eef41926e57263895aa31272a5f65b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 28 Nov 2022 18:00:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226563
last-modified: Fri, 08 Apr 2022 01:17:41 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 28 Nov 2022 18:00:26 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5edndk.googlevideo.com/ Frame 80B6 1 MB
1 MB 7ms
7ms Fetch
video/webm 2a00:1450:4001:23::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1669680023&ei=N_eEY_DnM8Si1gKL2IHoCQ&ip=2001%3Aac8%3A20%3A3a00%3A1012%3A2891%3Ada3b%3A9a9f&id=o-ABlsKSwmVEu3BN-qaw3WSbm87KjXv_JteoFXAEjYM9ls&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNhPiS-rMJb_fF2KRa5IvFUTgW1c&vprv=1&mime=video%2Fwebm&ns=NBDw8_bkOa3eGP2qNJ7a4ccJ&gir=yes&clen=12501039&dur=125.520&lmt=1649380657177802&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=vgFALhntxYmD2w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMq4M_4QlnToqzWTBLPxyzqoX9TA3s2IEWG9GxgQB3HbAiEA0raxcEUh9ZTENc8C8zj_QLEm2JAyWwEU5GXsiDiwmrQ%3D&alr=yes&cpn=c-ovOIdr-xM8UDO1&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-2gbe67d&cms_redirect=yes&cmsv=e&mh=Nd&mm=34&mn=sn-4g5edndk&ms=ltu&mt=1669658231&mv=m&mvi=5&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMsm8nbvBgVnwS4WuxMd9kyU8LbFap0lOXgQUl4kX4YpAiEA3id7J8ug8H4GB1PjshGIn7L97I25pyBkFHbqzMfiGOo%3D&range=1116833-2590061&rn=12&rbuf=11940&pot=D-qPGwbgWKOe6res4UsT3QAsAF8_pUV55KtuX2DF509nr8NQ-STnkXhnKQEhrFL4UevVk0o-HCwNvA2PBZnYVyN5X3SWn03faFdXbIfrB9cHEIXTzcBnZmzbxnjCJ9U2NjTjyZE=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

af958458b163cb49bf7890e674621595dc6b8d2141db900c231a32d8d0eac72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 28 Nov 2022 18:00:27 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1473229
last-modified: Fri, 08 Apr 2022 01:17:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21296
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 28 Nov 2022 18:00:27 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame 80B6 0
22 B 20ms
20ms XHR
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=c-ovOIdr-xM8UDO1&ver=2&cmt=4.589&fmt=247&fs=0&rt=5.063&euri=https%3A%2F%2Fresources.cigna.com%2Fc%2Fcigna-global-health-options-international-health-and-wellbeing%3Futm_campaign%3Dim0594-gih-offers-coun&lact=5091&cl=489849437&mos=1&volume=100&cbr=Chrome&cbrver=107.0.5304.121&c=WEB_EMBEDDED_PLAYER&cver=1.20221120.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=125.541&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24249176%2C24255165%2C24292955%2C24293803%2C24390013%2C24401290%2C24406605%2C24407200%2C24408610%2C24412676%2C24414162%2C24415865%2C24416291%2C24420781%2C24425860&afmt=251&muted=1&docid=7CX6f68QVkc&ei=N_eEY_DnM8Si1gKL2IHoCQ&plid=AAXui6VA2Dvbqobs&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F7CX6f68QVkc%3Fautoplay%3Dtrue%26cc_load_policy%3D0%26rel%3D0%26start%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fresources.cigna.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBUEV3RWxRNmJpdENJaVBMNTA0WndGSDhrSDlDTmhmZ3hNUFl3T3Q4VmJJWDJ3UnN4QWJPQVBta0tESXppLVVJdENqVHUxM01ZWG5RbldBSTdXYVRZaU1CeU9JOUszVkRWSFhPcnZCQmxERFBJYkwxbWJHUW1EQjJ1TE5mTTlDbWQzMGgB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7CX6f68QVkc?autoplay=true&cc_load_policy=0&rel=0&start=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fresources.cigna.com&widgetid=1
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrT2o4MFF3dzlwQSi37pOcBg%3D%3D
X-YouTube-Ad-Signals: dt=1669658423738&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1360%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 18:00:28 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cigna.com/	1970-01-20 17:23:38	Name: vid Value: 7742bcb0-4faa-4c58-9b0d-49e2f4c8c493
resources.cigna.com/	1970-01-20 17:23:38	Name: _session_id Value: cjE4T3FkTEFQNDd4Wm05djdZRXdaaEVlYW1aZi9FVElubWxRdnVyQlFoUlZhazBTS29oQitpd3FGblE0YzBZZkdYaVlJbjlqa3ZVMWpzb1F5UitYaEpPMXdhQmdYWklmSXZoRk5FRXpOd2dsSDJrcTRHcVBwUHI5N0NYRHlwUmx3dDJ0eHVWZjZ6bTlWOHFkcWtLNEM2RnRSSU5IS0tJaE5lNCtNbGNkbDdGZDR3STRLclIweXJWYlhqREl1dVFJUnNRODJUMXlUdGFyQkY1WS8razZJQ2IrUDFpZ0FmSVVjRHcrS3hsM1B1R2FUQkJLT0pld242RTJtcjgzaSt6TXVDOHNSandrUGlYejN4M3BWWHhQV2JkV244VVQ3RmJuMnV0WWhRaDQ1UVU9LS1TeVNINzQwd0ZMZ0hrNnBmZ0VsWE9nPT0%3D--5b5d36907388895e79a1f7f60903ebe4301ddc3e
.cigna.com/	1970-01-20 09:57:14	Name: _gcl_au Value: 1.1.1742742672.1669658422
.eloqua.com/	1970-01-20 17:16:26	Name: ELOQUA Value: GUID=4B56650CBB464E9B880364E31ECB5E3A
.eloqua.com/	1970-01-20 17:16:26	Name: ELQSTATUS Value: OK
.doubleclick.net/	1970-01-20 07:47:39	Name: test_cookie Value: CheckForPermission
.cigna.com/	1970-01-20 17:23:38	Name: _ga Value: GA1.2.588265052.1669658423
.cigna.com/	1970-01-20 07:49:04	Name: _gid Value: GA1.2.962017250.1669658423
.cigna.com/	1970-01-20 07:47:38	Name: _gat_UA-19752341-2 Value: 1
.cigna.com/	1970-01-20 07:47:40	Name: _pf_ses.1a81 Value: *
.cigna.com/	1970-01-20 17:23:38	Name: _pf_id.1a81 Value: 7742bcb0-4faa-4c58-9b0d-49e2f4c8c493.1669658423.1.1669658423.1669658423.9aa5a59a-3dee-488d-acd6-9d3b61c93114
.resources.cigna.com/	1970-01-20 07:49:04	Name: ln_or Value: d
.cigna.com/	1970-01-20 09:57:14	Name: _fbp Value: fb.1.1669658422714.303350564
.linkedin.com/	1970-01-20 08:30:50	Name: UserMatchHistory Value: AQLeGmeeiTDidAAAAYS_Za2xO80caxgcoQINMQ7-ISS_9-WUi_rjCuHhq__Iqz-_6x0-rdUYw1OJcg
.linkedin.com/	1970-01-20 08:30:50	Name: AnalyticsSyncHistory Value: AQJlr3CBxChEqQAAAYS_Za2xg02g6HNvBGb3gayMccn0B0wixLhKbSDVduzTSXVpvrBfdaYW0FWQ2aQmmFFDgw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:33:14	Name: bcookie Value: "v=2&4bc94fb7-1eb6-41bd-8e9f-871a7849bb1d"
.linkedin.com/	1970-01-20 07:49:04	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2435:u=1:x=1:i=1669658422:t=1669744822:v=2:sig=AQH7RYLTpAENrw7XOi-9DXmQNGdBUCm5"
.twitter.com/	1970-01-20 17:23:38	Name: personalization_id Value: "v1_m7XabtOk56rrT9p2hapvbQ=="
.t.co/	1970-01-20 17:23:38	Name: muc_ads Value: a209ef07-33e6-4fb3-8dc2-64d2676edc41
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:33:14	Name: bscookie Value: "v=1&202211281800229dcdf0b2-9205-4f4a-8619-708847cff452AQGssruzFljgPL0jNvp-e3uDZd7_lWCo"
.linkedin.com/	1970-01-20 12:06:50	Name: li_gc Value: MTswOzE2Njk2NTg0MjI7MjswMjGDXp47R+hHuCVBXHuic7mNDhc+kVkT/rCTEcO1Gpn9nA==
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 2Dr-_cYcQHw
.youtube.com/	1970-01-20 12:06:50	Name: VISITOR_INFO1_LIVE Value: kOj80Qww9pA
jukebox.pathfactory.com/	1970-01-20 17:23:38	Name: _session_id Value: bHFqK3B0S1ExOHM2Y2JIeCtZeFhpQ0lxRytlSVpxTmt4M0U5YzkrRGt5Myt0blducTZRcGlxMDdiYk1na3EyZnZ0N2xTd0pzVEVkVWZ3Y1lSQ2JPdE9KV0ZpaW9FMUxnSE9uR2htOHhHZCtNSXhnbmNYTTVPbmxJOWNMQW1pQnhKQnhIbG1PVit4d3RNWjVKRXhpQlBvQWYvbklTSjlLSFNvUVd5M0M3RHFTdzNXMk8rV21ycU1HYVB6ZXpNd2ZpLS1OVUhtWW50eUVsSE92R0hMOCsxMCtRPT0%3D--a4507e2db0faf65c790ff9050538021458c50ff7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
cdn-app.pathfactory.com
cdn.linkedin.oribi.io
cdn.pathfactory.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.en25.com
jnn-pa.googleapis.com
jukebox.pathfactory.com
maxcdn.bootstrapcdn.com
overpass-30e2.kxcdn.com
px.ads.linkedin.com
px4.ads.linkedin.com
resources.cigna.com
rr5---sn-4g5edndk.googlevideo.com
rr6---sn-2gb7sn7z.googlevideo.com
s1325061471.t.eloqua.com
snap.licdn.com
spcollector.pathfactory.com
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
104.244.42.197
104.244.42.3
13.107.42.14
13.224.189.61
13.225.78.46
146.75.116.157
192.29.202.153
2600:9000:20eb:d800:2:53b2:240:93a1
2606:4700::6812:bcf
2620:1ec:21::14
2a00:1450:4001:23::a
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:830::200e
2a00:1450:400c:c08::9a
2a00:1450:4014:1::c
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:4d07:101::1
34.193.254.111
34.202.57.97
34.235.48.117
96.16.149.96
1a2f4825c8e213c972ccf1448272d6949ad43cf6104eaa5ace0ecc0dabdf58d0
1bc20de172e3638583a479556fc7cde9419bfba68146e56a850361e6161cf9ee
226ed747aa9dba9ba2a76bb936e50f283e3d3c0a83a9a4bd6a8c6e53bf615014
25071ca1e2ba0e5da1d3c13c37c5145c78f1f21b3f35ca131ca2bda714218a29
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c84e1ded68db4fc338c3d88604b62ed34fc7c2635a7ad27024f65d49b3f8730
2edb990df0c7a958793fe26128c466dc90dfa81f1ce8f5442cb2c227924721fe
30203167cf63b54e8d7f55130b9caebc47b0ce38d1afa44e0614bc3ee47903b6
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
37919b6057b25be73140078734123c3f97680ab60278b6abdcd6048486c189d7
37e9001ea962d0f577df82ef7744fb89ab3524251abbefde8d3a34177a8295a5
390aca4ba708128182c4802df7c4a1d3a85566b96bf2542caa3b4ea1f1507c1a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4293ab35acbfd272f5b1f556206a46be9671dedd0e7a6fffcf4d5340127d2d24
4648272207fa05ed93c9265280409cae81de1d13d38128f089f00ab5a9d99fe3
474257ee3b4fe0a0713de11a04598a6dc15b8b5f92c7f83963f96d757c35cb95
47879e9a46a232ac6fa8931b17f3dbe8a09ea02497c2394abf2e45c431b9b5ac
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4d1ffc8a1ac17c77bb53c5d0350cf74f8c6f726a89ad63da47e35bc908dce8b4
5609bd45a314a65c3fc9798413d715a97645e86da4c6b101c9bac909443cbc29
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e4b1e5b7392127cd396407257fb87549778aa7eb7eec02b3b75e4d8862b6603
62521de39a0549e16043b1afcad45914f7acc40fd9642e0a2afb053b60a20e93
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
66eef4de632b046f3c7decf11eb87ee10aba16a87f837d414eeb09b043aed338
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68b45aae6ef7af08f3ef232ac69fba8e6f6372d8858798049b1e44bf70d3f13d
746c15d9337027224b013b04a70a580432f4422e5e409d919e9851ebf7291337
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7dbcb93af2e218c465745046b236d5fc9eef41926e57263895aa31272a5f65b1
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
842c4f990a100708deb27a52c6c453eb60cedd4902ebadbd8b8b985d79a2af90
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d88570992716a4ec3afa008e9e4162144e37ac9be5553ddf1ebb0f030d1b601
96066ec3a3157d6eaa029d2096a741c962a13c753420b7adc325d20708c92c61
a7524eebaf6c04d5e5ed8e12b5217e52649627c2d38b9c60e4dff44da0408e75
a876a773b46aea97d22c1f84dac918fbc98ee3c1e1729f21cef7911de52f141e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0ba45d2e1f386dfd957528be6f59bafd511511dc782cce452c8b6da76a2671
af958458b163cb49bf7890e674621595dc6b8d2141db900c231a32d8d0eac72a
b25e835722ffbec8ab733d999dc194aa9ef7fcf00edc594e453f2823e0c65fb9
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b47e5ab37362998b55b8d8eddca591867a23f45f2d8169f07e0d908463cd375c
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b5e00cd158e57e94760d24eb2aea39362b591e07d406e7f22e19a6dab82c321a
b63ed4c3792f6acb0b70a6083ad090bbac092cfcf021106be33f5f73690363e4
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c2995690e9dfac900bebef6d09af2b89ddaa8a699ad19a0339d2938171b2d1ba
c9b99786d6f3c6711a97536362e75e327e75ec25e926bc57911bf3798c156726
cd757ec757b813fd3edaa91ae56b745456dce7e11493b47f9b3859a53febc1b7
cd95ed1dc6e84cac53ee409bfe80e6a985e0efbba98dcba010a5bf2b76fdd2f3
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d52ab5e594a1a9735a81061a65f733ee85321e89bbd6737b04dc5c0c4792d762
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d5ede70cfadefa2a0ca8691601150ec79009267e0964f554c11dd7b1732696e9
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
daf81dbb695ef5ec2e72cef0cead0f8fa7bc322194655cd84a12271ae27f8a3d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e24d71c1baffc233161f458363d51605af4c6701940faa52af5003f59b7a90ba
e273dad40433293a24424c560cf6e6899e6cc6ee0a2b1731e985543ba015196c
e377112ea53b1938ef5295e75c91080ea8ade8c8fb3642a0898a6ab1ceeb637c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b0b4b58871f41650cb4963d0ff110bb2c209bcb6f12c7f3348d306329d4887
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
fa3b7735c3a6917a5526173a700a924f5aad6e5530f0eb58788e38824762fa34
fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4

resources.cigna.com Open in urlscan Pro 34.193.254.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

97 %HTTPS

67 %IPv6

24 Domains

34 Subdomains

33 IPs

6 Countries

5203 kBTransfer

10281 kBSize

26 Cookies

2 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

resources.cigna.com Open in urlscan Pro
34.193.254.111 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

97 %
HTTPS

67 %
IPv6

24
Domains

34
Subdomains

33
IPs

6
Countries

5203 kB
Transfer

10281 kB
Size

26
Cookies

101 HTTP transactions
2 data transactions