anorthography.e-manager.site Open in urlscan Pro
2606:4700:3037::6815:4eba Public Scan

Go To Rescan
Add Verdict Report

URL:
http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Submission: On August 09 via manual (August 9th 2021, 11:11:46 am UTC) from CH

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3037::6815:4eba, located in United States and belongs to CLOUDFLARENET, US. The main domain is anorthography.e-manager.site.

This is the only time anorthography.e-manager.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3037::6815:4eba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 2	94.126.17.3 94.126.17.3	21069 (ASN-METAN...) (ASN-METANET Routingpeering issues: noc@metanet.ch)
1 3	194.38.241.33 194.38.241.33	207308 (BJB2-AS) (BJB2-AS)
9	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
31	13

9 2606:4700:3037::6815:4eba (United States)

ASN13335 (CLOUDFLARENET, US)

anorthography.e-manager.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.126.17.3 (Switzerland) 1 redirects

ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH)

www.finews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.finews.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.38.241.33 (Singapore) 1 redirects

ASN207308 (BJB2-AS, CH)

ebankinghk.juliusbaer.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com	664 KB
9	e-manager.site anorthography.e-manager.site	34 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	54 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	399 B
3	juliusbaer.asia 1 redirects ebankinghk.juliusbaer.asia	3 KB
1	ytimg.com i.ytimg.com	68 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	google.com www.google.com	13 KB
1	finews.ch www.finews.ch	50 KB
1	finews.com 1 redirects www.finews.com	999 B
1	googleapis.com fonts.googleapis.com	3 KB
31	11

	Domain	Requested by
9	www.youtube.com	anorthography.e-manager.site www.youtube.com
9	anorthography.e-manager.site	anorthography.e-manager.site
3	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
3	ebankinghk.juliusbaer.asia	1 redirects anorthography.e-manager.site
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	www.gstatic.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.finews.ch	anorthography.e-manager.site
1	www.finews.com	1 redirects
1	fonts.googleapis.com	anorthography.e-manager.site
31	13

This site contains links to these domains. Also see Links.

Domain
britzka.pofkapparel.xyz

Subject Issuer	Validity	Valid
finews.ch R3	`2021-06-17` - `2021-09-15`	3 months	crt.sh
ebankinghk.juliusbaer.asia DigiCert SHA2 Extended Validation Server CA	`2021-08-05` - `2022-08-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Frame ID: AAA7934166098E47C68D2BEC81B21C18
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UI6PDQsyYVc
Frame ID: B02E4F82447E9645211B3236A795D305
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

31
Requests

61 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

13
IPs

4
Countries

890 kB
Transfer

2824 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://britzka.pofkapparel.xyz/hotel/wwwcarefirstcom-login.php
Title: www.carefirst.com login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.finews.com/images/news/2019/02/Julius_Baer_HK_500.jpg HTTP 301
https://www.finews.ch/images/news/2019/02/Julius_Baer_HK_500.jpg

Request Chain 11

http://ebankinghk.juliusbaer.asia/Login-App/images/logos/baer_online.jpg;jsessionid=xwihTGRgHYF04D2dkkjPOzbO HTTP 302
https://ebankinghk.juliusbaer.asia/Login-App/images/logos/baer_online.jpg;jsessionid=xwihTGRgHYF04D2dkkjPOzbO

Request Chain 20

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

31 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request julius-baer-hong-kong-e-banking.php Show response
anorthography.e-manager.site/pningstider/ 12 KB
5 KB 66ms
48ms Document
text/html 2606:4700:3037::6815:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fcfcb58ae0b3ade1bdf85ab3ce10c87d3ac14415ae64943d921688640d1f6c

Request headers

Host: anorthography.e-manager.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ljodPPi24OAqjgHCxJH1tT6qvcQDk6I%2FLA1dc23LUmuO3aqx8U0i0yDpqC1KSdjYrecVRzo5tkCCP%2B%2BfEujDLyzwiBFCPHwdGaZ4qRxHHqRcD2wefFP2ltcF2uvh6TJ7%2Fht%2BUyN%2Fbc%2BtTJDzJZjZBdfWsYCyxnABtlh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 67c08b2f19d54a7f-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK 1new.css
anorthography.e-manager.site/ 2 KB
2 KB 42ms
41ms Stylesheet
text/css 2606:4700:3037::6815:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://anorthography.e-manager.site/1new.css
Requested by: Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f27b505f9c5d43f942564936f6e47a8b31c7b01f508b9ee467b59c52b28c75f7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: anorthography.e-manager.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
content-encoding: gzip
CF-Cache-Status: MISS
last-modified: Sat, 07 Aug 2021 14:27:38 GMT
Server: cloudflare
etag: W/"610e985a-862"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OI7W8T2v7WOMi7N7YR72e4%2FN%2FSC1VE1bYS6qg9l7KMpW9nwENERrjzsW9X%2Bdsrq%2FpCL1y%2FsvhYq3whTh3f6q18WbLw6TYVzotMrX1gOBGvQhF4acRNBXNxM%2BjjZo4Fd8PACmbeO%2BHEcWOq4vLaOKhSH%2BxoBYa2SHdwNk"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67c08b2f7a994a7f-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.min.css
anorthography.e-manager.site/wp-includes/css/dist/block-library/ 40 KB
7 KB 46ms
40ms Stylesheet
text/css 2606:4700:3037::6815:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://anorthography.e-manager.site/wp-includes/css/dist/block-library/style.min.css?ver=5.3
Requested by: Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: anorthography.e-manager.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
content-encoding: gzip
CF-Cache-Status: MISS
last-modified: Sat, 07 Aug 2021 14:27:38 GMT
Server: cloudflare
etag: W/"610e985a-a1fb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgUhmLozd%2BlNKL%2F1SA45%2FVk7vRrBeHszY4uj7GAU%2Fy4bUVULKxq35umHB6q40Arl5qZaTBSjVNT3GoGhqXe6RQwjtIk%2FMQ6lmkfFtDCypHfK2NHhklUJaiAyq%2Fp9cq3fXuQhk6VVWAsRJLKkpxA%2BwwWMKmBMVPOKXgh0"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67c08b2f7ddc1f35-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
anorthography.e-manager.site/wp-content/themes/skt-filmmaker/ 47 KB
10 KB 52ms
46ms Stylesheet
text/css 2606:4700:3037::6815:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://anorthography.e-manager.site/wp-content/themes/skt-filmmaker/style.css?ver=5.3
Requested by: Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32ff0c70e4bef1b465451fa4d6bcc51f111cf485732438e804aaeed1f432badb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: anorthography.e-manager.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 07 Aug 2021 14:27:38 GMT
Server: cloudflare
ETag: W/"610e985a-bc1a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyc%2FISwDlmp%2FhW7GodOlhpr%2B%2FH7KP01W8atyCn7t%2FIFMlQ3jxlqDQCxxh6X%2FU8s3AIguJaePdz4h9OnWFHp5PS1Cq6QDn2phAZNwpwef9QOtgywMujoSTYGFqJomtKGeJS1zSFQvg0l0tKhZiLwJbAGYNBOQ4mlaq2Fh"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67c08b2f7c954eda-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK responsive.css
anorthography.e-manager.site/wp-content/themes/skt-filmmaker/css/ 16 KB
4 KB 57ms
50ms Stylesheet
text/css 2606:4700:3037::6815:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://anorthography.e-manager.site/wp-content/themes/skt-filmmaker/css/responsive.css?ver=5.3
Requested by: Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe13c7fe2bd655e144ddcf500dd389d499cae03a784744c073ebad02ad23d16

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: anorthography.e-manager.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 07 Aug 2021 14:27:38 GMT
Server: cloudflare
ETag: W/"610e985a-3f7c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxm4fpKxxUEHVVbvzQTrNs6okzhpZa0HLWwmc5I8NtrKUsvv5aYG7Gacrw0ZWVjBgWqOQXBLQWzqVZfakd4i3TuuIKfpQuwwaxM35PLH6xyAu7oel0GJLfYUTM0rqVyfM%2BLCGAz8tONxmRIjFneAg%2FkUGrAT%2FliInuXV"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67c08b2f7d6b05f5-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 54 KB
3 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CAssistant%3A200%2C300%2C400%2C600%2C700%2C800%7CAnton%3A400%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7COswald%3A200%2C300%2C400%2C500%2C600%2C700%7CSix+Caps%3A400&ver=5.3

Requested by

Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

964964fcb9b138c3e1ee9c404f39b0ce4cc1b0175d2dba591a7d40109e71c9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://anorthography.e-manager.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Aug 2021 11:11:26 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 09 Aug 2021 11:11:26 GMT

GET
H/1.1 200
OK editor-style.css
anorthography.e-manager.site/wp-content/themes/skt-filmmaker/ 139 B
894 B 54ms
48ms Stylesheet
text/css 2606:4700:3037::6815:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://anorthography.e-manager.site/wp-content/themes/skt-filmmaker/editor-style.css?ver=5.3
Requested by: Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3db7d0589ac0ea178c38857837425f8c636023ce573b2ba0dd41c4de17d0cdd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: anorthography.e-manager.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Sat, 07 Aug 2021 14:27:38 GMT
Server: cloudflare
etag: W/"610e985a-8b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CF6RsHq35CyJblC%2BPKqrr3NbSUjvDeLSEo9yjd2%2FQtSCGlsHupziyTfCnWheKIMNPCWU4OvioQgcJXdvXe%2BPK3IFxvjyKKBfZEpGB%2FQmUl%2BNjnoEu6xPQRGizqc430dO501J3gDSeYCecCju9t%2BzEt4wKAu2%2FU0DDxRA"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67c08b2f78bb2c56-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK nivo-slider.css
anorthography.e-manager.site/wp-content/themes/skt-filmmaker/css/ 3 KB
2 KB 55ms
49ms Stylesheet
text/css 2606:4700:3037::6815:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://anorthography.e-manager.site/wp-content/themes/skt-filmmaker/css/nivo-slider.css?ver=5.3
Requested by: Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6759d183be5c44e80cc12b1fe1a003d11118055f608440288e138c2400b2fc7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: anorthography.e-manager.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 07 Aug 2021 14:27:38 GMT
Server: cloudflare
ETag: W/"610e985a-b70"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQsfUk10DfBIjWSmHp6shrqGR1BGdV7IO7w1TBj8CkEYKJmKufjoG9qz4yuiZpY%2BnshzefWmDZ%2BDLtE9NY3CbGg43wlyOMbIvnx3DbHMImJW44T6i12BCCszWQmdrllgWwUwpFkVN2wDlF%2FKj8ob6BGZUz1F9n0bk8KN"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67c08b2f7bfb2c2a-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style_base.css
anorthography.e-manager.site/wp-content/themes/skt-filmmaker/css/ 8 KB
3 KB 108ms
67ms Stylesheet
text/css 2606:4700:3037::6815:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://anorthography.e-manager.site/wp-content/themes/skt-filmmaker/css/style_base.css?ver=5.3
Requested by: Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e88e181c14b66b60fd77e076652e7cb4d77f0f77eda4f1805e4eb8773394028

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: anorthography.e-manager.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 07 Aug 2021 14:27:38 GMT
Server: cloudflare
ETag: W/"610e985a-210c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxWtJdmvrS6RjxuA3Ep9idozK7EKA6Zjjy1e7Ttoh%2FY4vw9GwjQGd6K%2BJOSnQ%2Bn62Oc1TsJPhePPqja1Za6sSLxHpZTFXDaYLcTg0gn6UbBYssqpLDU8vOoSDKCXoeAOJEIfjndKxAftz%2FlEom2%2BYKSzFtIDYaU6vEKH"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67c08b2fbb444a7f-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK skt-filmmaker-custom-style.css
anorthography.e-manager.site/wp-content/themes/skt-filmmaker/css/ 1 B
741 B 75ms
29ms Stylesheet
text/css 2606:4700:3037::6815:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://anorthography.e-manager.site/wp-content/themes/skt-filmmaker/css/skt-filmmaker-custom-style.css?ver=5.3
Requested by: Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: anorthography.e-manager.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
CF-Cache-Status: MISS
last-modified: Sat, 07 Aug 2021 14:27:38 GMT
Server: cloudflare
etag: "610e985a-1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kcuy%2F7k%2Bhe0DCrViiXDaZLkmIUVJBIgwamYuonQnvdNyIlQtE2ba8rr%2BtX7YUBFCrnuOxbDlVpxmNDhYlrK0gAw%2B56rQYvLge8HysZDuJi1hKxo7yco8vqhGLroQbaisQggbjMT9SLTIaLdkhd41JOL13rXb2s%2BT0TPW"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: max-age=315360000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 67c08b2fbe5b1f35-FRA
Content-Length: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

Julius_Baer_HK_500.jpg
www.finews.ch/images/news/2019/02/
Redirect Chain

https://www.finews.com/images/news/2019/02/Julius_Baer_HK_500.jpg
https://www.finews.ch/images/news/2019/02/Julius_Baer_HK_500.jpg

49 KB
50 KB

348ms
32ms

Image
image/jpeg

94.126.17.3
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.finews.ch/images/news/2019/02/Julius_Baer_HK_500.jpg

Requested by

Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.126.17.3 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),

Reverse DNS

Software

Apache / PleskLin

Resource Hash

11c652cf6dd61759083763a7f58789f9bdcba8ad468de3ec0c311b3b60ec0ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://anorthography.e-manager.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:27 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PleskLin
Connection: Keep-Alive
Content-Length: 50338
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: Authorization, Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Location, Lock-Token, If
Last-Modified: Mon, 04 Feb 2019 09:57:15 GMT
Server: Apache
ETag: "c4a2-5810e84716367"
Access-Control-Allow-Methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
Content-Type: image/jpeg
Access-Control-Expose-Headers: DAV, content-length, Allow
Cache-Control: max-age=31536000, public
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Tue, 09 Aug 2022 11:11:27 GMT

Redirect headers

Date: Mon, 09 Aug 2021 11:11:26 GMT
X-Content-Type-Options: nosniff
Server: Apache
Access-Control-Allow-Methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
Content-Type: text/html; charset=iso-8859-1
Location: https://www.finews.ch/images/news/2019/02/Julius_Baer_HK_500.jpg
Access-Control-Expose-Headers: DAV, content-length, Allow
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: Keep-Alive
Access-Control-Allow-Headers: Authorization, Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Location, Lock-Token, If
Content-Length: 272
Keep-Alive: timeout=5, max=100
Expires: Mon, 09 Aug 2021 11:21:26 GMT

GET
H/1.1 200
OK button_print.gif;jsessionid=NzoL+mqhv-m6DkBgiMkUMyl9
ebankinghk.juliusbaer.asia/Login-App/images/icons_functional/ 127 B
471 B 1224ms
182ms Image
image/gif 194.38.241.33
BJB2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ebankinghk.juliusbaer.asia/Login-App/images/icons_functional/button_print.gif;jsessionid=NzoL+mqhv-m6DkBgiMkUMyl9

Requested by

Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.38.241.33 , Singapore, ASN207308 (BJB2-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

301c6ab43957f25d04a3df87ee5025571fa490dc3d5d1bcace9d5af1672bf882

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://anorthography.e-manager.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:27 GMT
Strict-Transport-Security: max-age=16070400;
Last-Modified: Thu, 28 Jan 2021 20:56:30 GMT
Server: Apache
ETag: W/"127-1611867390000"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9
Content-Length: 127

GET
H/1.1

200
OK

baer_online.jpg;jsessionid=xwihTGRgHYF04D2dkkjPOzbO
ebankinghk.juliusbaer.asia/Login-App/images/logos/
Redirect Chain

http://ebankinghk.juliusbaer.asia/Login-App/images/logos/baer_online.jpg;jsessionid=xwihTGRgHYF04D2dkkjPOzbO
https://ebankinghk.juliusbaer.asia/Login-App/images/logos/baer_online.jpg;jsessionid=xwihTGRgHYF04D2dkkjPOzbO

2 KB
2 KB

628ms
435ms

Image
image/jpeg

194.38.241.33
BJB2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ebankinghk.juliusbaer.asia/Login-App/images/logos/baer_online.jpg;jsessionid=xwihTGRgHYF04D2dkkjPOzbO

Requested by

Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.38.241.33 , Singapore, ASN207308 (BJB2-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

471fa67b6f77c2952d3742c8100046c290496429a26ab488c9c9cdf4449ab35e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://anorthography.e-manager.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:11:27 GMT
Strict-Transport-Security: max-age=16070400;
Last-Modified: Thu, 28 Jan 2021 20:56:30 GMT
Server: Apache
ETag: W/"1954-1611867390000"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10
Content-Length: 1954

Redirect headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 11:11:26 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Location: https://ebankinghk.juliusbaer.asia/Login-App/images/logos/baer_online.jpg;jsessionid=xwihTGRgHYF04D2dkkjPOzbO
Cache-Control: no-cache
Connection: close
Content-Length: 382

GET
H2 200 UI6PDQsyYVc Show response
www.youtube.com/embed/ Frame B02E 55 KB
23 KB 64ms
64ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/UI6PDQsyYVc

Requested by

Host: anorthography.e-manager.site
URL: http://anorthography.e-manager.site/pningstider/julius-baer-hong-kong-e-banking.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

651ba212c34ceca888a643ab052bdcfa09beeab4b1ed7db55c52d4b62974af2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/UI6PDQsyYVc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://anorthography.e-manager.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://anorthography.e-manager.site/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Aug 2021 11:11:26 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=M9bC8PzWSVw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=fMJBfhc_cdg; Domain=.youtube.com; Expires=Sat, 05-Feb-2022 11:11:26 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+633; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/be9c9f3b/ Frame B02E 328 KB
45 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/be9c9f3b/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UI6PDQsyYVc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47175b1daa58725f19ffe6baa072761eeb7e1c80cb30e4c6ba0e58b0605915aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UI6PDQsyYVc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 00:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 00:19:06 GMT
server: sffe
age: 298268
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46099
x-xss-protection: 0
expires: Sat, 06 Aug 2022 00:20:18 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/be9c9f3b/www-embed-player.vflset/ Frame B02E 193 KB
64 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/be9c9f3b/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UI6PDQsyYVc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c7e9cbee8fcdec30edd3741fffa798276003e4fcf0608b7889b9bbb7f6d0de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UI6PDQsyYVc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 07:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 00:19:06 GMT
server: sffe
age: 13907
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65305
x-xss-protection: 0
expires: Tue, 09 Aug 2022 07:19:39 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/ Frame B02E 2 MB
493 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UI6PDQsyYVc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0c116bb2ceb337e80c52f38ebd68a35a5d5354e9c3d9158e83d9bae1074e0ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UI6PDQsyYVc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 20:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 00:19:06 GMT
server: sffe
age: 53965
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504323
x-xss-protection: 0
expires: Mon, 08 Aug 2022 20:12:01 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/be9c9f3b/fetch-polyfill.vflset/ Frame B02E 8 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/be9c9f3b/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UI6PDQsyYVc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UI6PDQsyYVc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 15:30:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 00:19:06 GMT
server: sffe
age: 70883
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Mon, 08 Aug 2022 15:30:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B02E 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UI6PDQsyYVc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 567845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 21:27:21 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CAssistant%3A200%2C300%2C400%2C600%2C700%2C800%7CAnton%3A400%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7COswald%3A200%2C300%2C400%2C500%2C600%2C700%7CSix+Caps%3A400&ver=5.3

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://anorthography.e-manager.site
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 07:04:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:35 GMT
Server: sffe
Age: 533217
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15688
X-XSS-Protection: 0
Expires: Wed, 03 Aug 2022 07:04:29 GMT

GET
H/1.1 200
OK 2sDcZGJYnIjSi6H75xkzaGW5.woff2
fonts.gstatic.com/s/assistant/v7/ 20 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzaGW5.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdce601969d5ddcaf6a997e6843d92e5096e83b165ece04d907655b74945b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://anorthography.e-manager.site
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 12:13:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Jan 2021 22:56:13 GMT
Server: sffe
Age: 514680
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 20620
X-XSS-Protection: 0
Expires: Wed, 03 Aug 2022 12:13:26 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B02E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

27ms
26ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UI6PDQsyYVc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3f29de6b195ca0f618dd1dd8cb7f3bad91941b4db1209fb209887d71015474d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 11:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 09 Aug 2021 11:11:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B02E 29 B
91 B 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/be9c9f3b/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 10:59:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 705
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Mon, 09 Aug 2021 11:14:41 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/ Frame B02E 95 KB
29 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a377408f77f5dfb6daab2d93d5960f7ad19fc12cc3938c707868a84a2690d2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UI6PDQsyYVc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 00:19:06 GMT
server: sffe
age: 7952
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29732
x-xss-protection: 0
expires: Tue, 09 Aug 2022 08:58:54 GMT

GET
H2 200 21jUtDV2ycCRAG0qnwS7Oa64PHuu-773XkWEkGEZlBU.js Show response
www.google.com/js/th/ Frame B02E 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/21jUtDV2ycCRAG0qnwS7Oa64PHuu-773XkWEkGEZlBU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db58d4b43576c9c091006d2a9f04bb39aeb83c7baefbbef75e45849061199415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 11:09:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13327
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 11:09:19 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/ Frame B02E 25 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44c17a8271dba60524415db7229ae75c01e808c6605a0b5e2e925e2a498dbfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UI6PDQsyYVc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 20:14:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 00:19:06 GMT
server: sffe
age: 53840
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7441
x-xss-protection: 0
expires: Mon, 08 Aug 2022 20:14:06 GMT

GET
DATA 200
OK truncated
/ Frame B02E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRaom2I-i5dTTod_294f8v7sPQiRrUVn58UW1OcUA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B02E 2 KB
2 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRaom2I-i5dTTod_294f8v7sPQiRrUVn58UW1OcUA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UI6PDQsyYVc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

680a1ad31bb82ad235b5e74aeff37b62d2637c948353a4e0099c480a6fada7e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:16:06 GMT
x-content-type-options: nosniff
age: 10520
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1609
x-xss-protection: 0
server: fife
etag: "v12e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:05:30 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/UI6PDQsyYVc/ Frame B02E 68 KB
68 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/UI6PDQsyYVc/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UI6PDQsyYVc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc9ae9090648554b9a228f0a9c0238a1026ad75b3977b44ed921ce51c271f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 11:11:26 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1595598917"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69609
x-xss-protection: 0
expires: Mon, 09 Aug 2021 13:11:26 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B02E 4 KB
2 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 11:11:26 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Mon, 09 Aug 2021 11:11:26 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame B02E 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?r1ldjA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/UI6PDQsyYVc
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/UI6PDQsyYVc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 11:11:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B02E 28 B
56 B 20ms
20ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/be9c9f3b/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/UI6PDQsyYVc
X-YouTube-Client-Version: 1.20210804.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtmTUpCZmhjX2NkZyjemsSIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628507486803&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKrk8yl0tu9YpygxT4dYR2CnA2s1o5knTWVAo4R9UwKq8IqZ5CNgMObBDmVywimst1fUl-JIcP3vNO_j7DQM6_2mSYk_sg

Response headers

date: Mon, 09 Aug 2021 11:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 09 Aug 2021 11:11:29 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1970-01-20 00:40:59	Name: VISITOR_INFO1_LIVE Value: fMJBfhc_cdg
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: M9bC8PzWSVw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anorthography.e-manager.site
ebankinghk.juliusbaer.asia
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
static.doubleclick.net
www.finews.ch
www.finews.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
194.38.241.33
2606:4700:3037::6815:4eba
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:801::2016
2a00:1450:4001:808::2006
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
94.126.17.3
0e88e181c14b66b60fd77e076652e7cb4d77f0f77eda4f1805e4eb8773394028
11c652cf6dd61759083763a7f58789f9bdcba8ad468de3ec0c311b3b60ec0ea5
301c6ab43957f25d04a3df87ee5025571fa490dc3d5d1bcace9d5af1672bf882
32ff0c70e4bef1b465451fa4d6bcc51f111cf485732438e804aaeed1f432badb
35c7e9cbee8fcdec30edd3741fffa798276003e4fcf0608b7889b9bbb7f6d0de
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44c17a8271dba60524415db7229ae75c01e808c6605a0b5e2e925e2a498dbfb8
47175b1daa58725f19ffe6baa072761eeb7e1c80cb30e4c6ba0e58b0605915aa
471fa67b6f77c2952d3742c8100046c290496429a26ab488c9c9cdf4449ab35e
651ba212c34ceca888a643ab052bdcfa09beeab4b1ed7db55c52d4b62974af2f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
680a1ad31bb82ad235b5e74aeff37b62d2637c948353a4e0099c480a6fada7e2
964964fcb9b138c3e1ee9c404f39b0ce4cc1b0175d2dba591a7d40109e71c9a5
9fc9ae9090648554b9a228f0a9c0238a1026ad75b3977b44ed921ce51c271f9c
9fdce601969d5ddcaf6a997e6843d92e5096e83b165ece04d907655b74945b21
a0c116bb2ceb337e80c52f38ebd68a35a5d5354e9c3d9158e83d9bae1074e0ad
a377408f77f5dfb6daab2d93d5960f7ad19fc12cc3938c707868a84a2690d2ed
a6759d183be5c44e80cc12b1fe1a003d11118055f608440288e138c2400b2fc7
bbe13c7fe2bd655e144ddcf500dd389d499cae03a784744c073ebad02ad23d16
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d2fcfcb58ae0b3ade1bdf85ab3ce10c87d3ac14415ae64943d921688640d1f6c
d3db7d0589ac0ea178c38857837425f8c636023ce573b2ba0dd41c4de17d0cdd
d3f29de6b195ca0f618dd1dd8cb7f3bad91941b4db1209fb209887d71015474d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
db58d4b43576c9c091006d2a9f04bb39aeb83c7baefbbef75e45849061199415
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f27b505f9c5d43f942564936f6e47a8b31c7b01f508b9ee467b59c52b28c75f7

anorthography.e-manager.site Open in urlscan Pro 2606:4700:3037::6815:4eba Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

31 Requests

61 %HTTPS

85 %IPv6

11 Domains

13 Subdomains

13 IPs

4 Countries

890 kBTransfer

2824 kBSize

2 Cookies

1 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

anorthography.e-manager.site Open in urlscan Pro
2606:4700:3037::6815:4eba Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

61 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

13
IPs

4
Countries

890 kB
Transfer

2824 kB
Size

2
Cookies

31 HTTP transactions
1 data transactions