trumedsystems.com Open in urlscan Pro
162.159.134.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.trumedsystems.com/
Effective URL:
https://trumedsystems.com/
Submission: On February 08 via manual (February 8th 2023, 8:24:43 pm UTC) from US — Scanned from DE

Summary HTTP 107 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 36 domains to perform 107 HTTP transactions. The main IP is 162.159.134.42, located in and belongs to CLOUDFLARENET, US. The main domain is trumedsystems.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 6th 2022. Valid for: a year.

This is the only time trumedsystems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	162.159.134.42 162.159.134.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.196.242.82 18.196.242.82	16509 (AMAZON-02) (AMAZON-02)
2	34.90.79.92 34.90.79.92	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	65.9.66.34 65.9.66.34	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c08::61	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
1	34.195.36.112 34.195.36.112	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	18.66.22.149 18.66.22.149	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2 2	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::5e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::95	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c04::5f	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::84	15169 (GOOGLE) (GOOGLE)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:400e:11::8	15169 (GOOGLE) (GOOGLE)
18 23	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:6ee2:887:1ab8:da64	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	52.213.137.74 52.213.137.74	16509 (AMAZON-02) (AMAZON-02)
1 1	18.192.88.32 18.192.88.32	16509 (AMAZON-02) (AMAZON-02)
2	13.32.110.128 13.32.110.128	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	18.213.131.195 18.213.131.195	14618 (AMAZON-AES) (AMAZON-AES)
1	23.35.209.176 23.35.209.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.51.234.85 52.51.234.85	16509 (AMAZON-02) (AMAZON-02)
1	209.191.163.210 209.191.163.210	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	74.125.206.154 74.125.206.154	15169 (GOOGLE) (GOOGLE)
107	38

23 162.159.134.42 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.trumedsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trumedsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.242.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-242-82.eu-central-1.compute.amazonaws.com

app.ecwid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.90.79.92 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.79.90.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::61 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2002 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.36.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-36-112.compute-1.amazonaws.com

cs.choozle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.22.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-22-149.vie50.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.201.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::5e (Brussels, Belgium)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::95 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::84 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400e:11::8 (Ireland)

ASN15169 (GOOGLE, US)

rr3---sn-5hnednsz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 34.91.62.186 (Groningen, Netherlands) 18 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:6ee2:887:1ab8:da64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.137.74 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-137-74.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.88.32 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-88-32.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-128.vie50.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.131.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-131-195.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.209.176 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-176.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.234.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-234-85.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.191.163.210 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.84 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.206.154 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: wk-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	simpli.fi 18 redirects tag.simpli.fi — Cisco Umbrella Rank: 4212 i.simpli.fi — Cisco Umbrella Rank: 3502 um.simpli.fi — Cisco Umbrella Rank: 775	14 KB
23	trumedsystems.com 1 redirects www.trumedsystems.com trumedsystems.com	815 KB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	890 KB
8	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 static.doubleclick.net — Cisco Umbrella Rank: 203 cm.g.doubleclick.net — Cisco Umbrella Rank: 207	3 KB
7	googlevideo.com rr3---sn-5hnednsz.googlevideo.com — Cisco Umbrella Rank: 54670	2 MB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 182	30 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	15 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6211	870 B
4	gstatic.com www.gstatic.com fonts.gstatic.com	53 KB
4	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2872	12 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 362	12 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 702	1 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1468	2 KB
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2213	876 B
2	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1270
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 484 d.agkn.com — Cisco Umbrella Rank: 678	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 437	1 KB
2	vimeo.com vimeo.com — Cisco Umbrella Rank: 1648	4 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	6 KB
2	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 164	722 B
2	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 587	408 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 23	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	111 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 423	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 316	239 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 351	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 892	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 899	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 493	454 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1688	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6276	183 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 340	140 B
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	668 B
1	choozle.com cs.choozle.com — Cisco Umbrella Rank: 7600	123 B
1	ecwid.com app.ecwid.com — Cisco Umbrella Rank: 30510	20 KB
107	36

	Domain	Requested by
23	um.simpli.fi	18 redirects
22	trumedsystems.com	trumedsystems.com
18	www.youtube.com	trumedsystems.com www.youtube.com
7	rr3---sn-5hnednsz.googlevideo.com	www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	www.google.com	1 redirects trumedsystems.com www.youtube.com
4	www.google.de	trumedsystems.com
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com www.youtube.com
4	nexus.ensighten.com	trumedsystems.com nexus.ensighten.com
3	bat.bing.com	trumedsystems.com bat.bing.com
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com
2	pixel.tapad.com	1 redirects
2	vimeo.com	trumedsystems.com
2	yt3.ggpht.com	www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	www.googleadservices.com	2 redirects
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	www.googletagmanager.com	trumedsystems.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	i.simpli.fi	tag.simpli.fi
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	d1eoo1tco6rr5e.cloudfront.net	nexus.ensighten.com
1	cs.choozle.com	trumedsystems.com
1	tag.simpli.fi	trumedsystems.com
1	app.ecwid.com	trumedsystems.com
1	www.trumedsystems.com	1 redirects
107	44

This site contains links to these domains. Also see Links.

Domain
vimeo.com
www.gvhc.org
www.arcare.net
medlinkga.org
youtu.be
my.accusite.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
trumedsystems.com Cloudflare Inc ECC CA-3	`2022-04-06` - `2023-04-05`	a year	crt.sh
*.ecwid.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.choozle.com Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-09-21` - `2023-09-20`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-01-31` - `2023-04-11`	2 months	crt.sh

This page contains 3 frames:

Primary Page: https://trumedsystems.com/
Frame ID: 9F4A62D571202B3787DB4B36AAE0BEC3
Requests: 84 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/6f3m5jc/r3wyc27/iframe
Frame ID: 90CB6E7FF17805057D10ADF2C1AFC954
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
Frame ID: 530243D27B50ED58CD1CF9F69B828616
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TruMed Systems - Vaccine Storage & Inventory Management Solutions

Page URL History Show full URLs

http://www.trumedsystems.com/ HTTP 301
https://trumedsystems.com/ Page URL

Detected technologies

Ecwid (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

https://app\.ecwid\.com/script\.js

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

107
Requests

81 %
HTTPS

38 %
IPv6

36
Domains

44
Subdomains

38
IPs

7
Countries

4138 kB
Transfer

8165 kB
Size

29
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://vimeo.com/619074780
Title: WATCH THE VIDEO

Search URL Search Domain Scan URL

URL: https://www.gvhc.org/

Search URL Search Domain Scan URL

URL: https://www.arcare.net/

Search URL Search Domain Scan URL

URL: https://medlinkga.org/

Search URL Search Domain Scan URL

URL: https://youtu.be/J24rdsXP4lI
Title: WATCH THE VIDEO

Search URL Search Domain Scan URL

URL: https://my.accusite.com/portal_logins/sign_in
Title: LOG-IN

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AccuVax

Search URL Search Domain Scan URL

URL: https://twitter.com/trumedsystems

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCFnwP_d0TBCQrzk65UrZfcQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/trumed

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.trumedsystems.com/ HTTP 301
https://trumedsystems.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://insight.adsrvr.org/tags/6f3m5jc/r3wyc27/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/6f3m5jc/r3wyc27/iframe

Request Chain 50

https://www.googleadservices.com/pagead/conversion/836828250/wcm?cc=ZZ&dn=8448786331&cl=htlSCI-O4ocBENr4g48D&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448786331&cl=htlSCI-O4ocBENr4g48D

Request Chain 68

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 88

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&dongle=yf3

Request Chain 89

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=A96C3AB59C1E4970A3A8D64CBF6FDCA2

Request Chain 90

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=A96C3AB59C1E4970A3A8D64CBF6FDCA2 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=A96C3AB59C1E4970A3A8D64CBF6FDCA2

Request Chain 91

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2 HTTP 302
https://d.agkn.com/pixel/10751/?che=1675887878763&ip=185.213.155.168&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219013204421003657278 HTTP 302
https://um.simpli.fi/aa_px?sk=219013204421003657278 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 92

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=A96C3AB59C1E4970A3A8D64CBF6FDCA2

Request Chain 95

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=A96C3AB59C1E4970A3A8D64CBF6FDCA2;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=A96C3AB59C1E4970A3A8D64CBF6FDCA2;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-784901285353600722

Request Chain 96

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&j=0&xl8blockcheck=1

Request Chain 98

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2

Request Chain 99

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=A96C3AB59C1E4970A3A8D64CBF6FDCA2

Request Chain 100

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A96C3AB59C1E4970A3A8D64CBF6FDCA2

Request Chain 101

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=A96C3AB59C1E4970A3A8D64CBF6FDCA2

Request Chain 102

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2

Request Chain 103

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1675887878395&cv=7&fst=1675887878395&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1348659623&cv=7&fst=1675887878395&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BgXkY56JIOmomLAP9660iAY&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1348659623&cv=7&fst=1675887878395&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BgXkY56JIOmomLAP9660iAY&cid=CAQSKQDUE5ymv9Pd5X_gRg-_F2zvcltT5VZIpI1bve1f5B_2lvXNBvRXlahP&random=346952637 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1348659623&cv=7&fst=1675887878395&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BgXkY56JIOmomLAP9660iAY&cid=CAQSKQDUE5ymv9Pd5X_gRg-_F2zvcltT5VZIpI1bve1f5B_2lvXNBvRXlahP&random=346952637&ipr=y&prhg=0

Request Chain 104

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&__user_check__=1&sync_id=9c6f8d14-a7ee-11ed-a3bf-1bf0cf250406

Request Chain 105

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=A96C3AB59C1E4970A3A8D64CBF6FDCA2 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DA96C3AB59C1E4970A3A8D64CBF6FDCA2

Request Chain 106

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A96C3AB59C1E4970A3A8D64CBF6FDCA2&expires=365

Request Chain 107

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=A96C3AB59C1E4970A3A8D64CBF6FDCA2

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEGOpwMoJHDH38pSgugldXs4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A96C3AB59C1E4970A3A8D64CBF6FDCA2 HTTP 302
https://um.simpli.fi/g_match?id=

107 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
trumedsystems.com/
Redirect Chain

http://www.trumedsystems.com/
https://trumedsystems.com/

432 KB
36 KB

651ms
549ms

Document
text/html

162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6763a40bb3ca768090c74bd2f76be14628d033876a20bf929221d56736554c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 796716f7d96f2bc1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 20:24:36 GMT
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=17.18
link: <https://trumedsystems.com/wp-json/>; rel="https://api.w.org/", <https://trumedsystems.com/wp-json/wp/v2/pages/4>; rel="alternate"; type="application/json", <https://trumedsystems.com/>; rel=shortlink
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZJa21oZMxDbauoCqwFMQgAyvXEDcQF%2Fd%2FHcNwYf4e8bD%2BhfsLHel0OzMpRNH772NrnRJRYQNPVrAKiwJxbcflJyzQ25os63l5gZur1UkDxzeiUiuGD3gBZl6%2FlTPsP3gxER"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: HIT

Redirect headers

CF-Cache-Status: DYNAMIC
CF-Ray: 796716f48ea33834-FRA
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 08 Feb 2023 20:24:35 GMT
Ki-CF-Cache-Status: BYPASS
Location: https://trumedsystems.com/
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2B2eywzmbAlX5ht%2FNSXPotQ5ARC5%2B3ar%2BJhYTV1F%2F20BMZcmO%2FpdwXKodz%2BA8dWDDOIApDQdi9seBN1Qbo0sD1adS0cQIiOYCj0aeH1IKOub6UlTLullT9AKVon0Br5sxRbdHVjXhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cache-type: None
ki-edge: v=17.18

GET
H2 200 classic-themes.min.css
trumedsystems.com/wp-includes/css/ 217 B
827 B 235ms
231ms Stylesheet
text/css 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
content-encoding: br
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,ef7055169d2be2faee9314a251d8d5db71e635975ace27fd70f4f23b6f7fb3e7
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,ef7055169d2be2faee9314a251d8d5db71e635975ace27fd70f4f23b6f7fb3e7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Jan 2023 21:20:38 GMT
server: cloudflare
etag: W/"63d834a6-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP5dEJmrZBY1kekee%2Byt7TpE1KuisJ%2FLx46aFRa%2Fm%2B1ZIYsQ7Ubsqz7ot1pE5AvOMzivglmSu96CVp2gDwkULJClcpotwJ2aCE8FwgPbXX8CaxAHSky8UmKMRXxNxZWHk5Bs"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 796716fb5e942bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
trumedsystems.com/wp-content/plugins/ecwid-shopping-cart/css/ 2 KB
1 KB 227ms
223ms Stylesheet
text/css 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/plugins/ecwid-shopping-cart/css/frontend.css?ver=6.11.4

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f81a04d77ab02696131c4dd052b2dcb2ce69a4babe1c2f75253788b59343c174

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
content-encoding: br
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,98b069f6fb29094407651a9d9b090c5d817688f3d166f13822ba657a46ce9516
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,98b069f6fb29094407651a9d9b090c5d817688f3d166f13822ba657a46ce9516
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Jan 2023 21:22:05 GMT
server: cloudflare
etag: W/"63d834fd-885"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENRvvBy%2Fuc7oYElDAPNbr2afedSeKstFUmdsYTAsKqDKNRgABgjTsFL8eDszSxFwzK%2Fw%2F%2BhUoBR4jkV7J%2BoNeIJIHWXuB7KHGNgN%2FyDMpHWHkCBBoOweGqhJqRMuJFEadif2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 796716fb5e992bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c82cdb7ad324654ef41e5c249c9fb13b.min.css
trumedsystems.com/wp-content/uploads/fusion-styles/ 716 KB
96 KB 239ms
236ms Stylesheet
text/css 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/uploads/fusion-styles/c82cdb7ad324654ef41e5c249c9fb13b.min.css?ver=3.7.1

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a44c72100a3c56963015a01c8845f8abe1240d54c7bac4606112ff7a1d3b5162

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
content-encoding: br
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,829a754407b474ef7baedd4e02f085759e6613b30c3735188e51bdcdd12caf10
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,829a754407b474ef7baedd4e02f085759e6613b30c3735188e51bdcdd12caf10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Feb 2023 01:04:04 GMT
server: cloudflare
etag: W/"63e2f504-b3146"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aZyF%2BL%2Fj6LY2qbbWBmePlPWNiGcqA8c28MIr%2BUFYN1CSqhiaP4t8j2joBpZ%2BisactV%2Bf6B%2BpJ5nuNO%2BVhwYOQxBmROBfrXXt33Ib3EM8kMO0jcCBUXw6mdKetadIpF7lxem"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 796716fb5e9a2bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 awb-icons.woff
trumedsystems.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 20 KB
13 KB 253ms
250ms Font
application/font-woff 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

129b3422c0a2b9b6f08a19d8777f313ab28c5fb0aa050d1170c822443c8dc28c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/
Origin: https://trumedsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
content-encoding: br
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,661735b6025f0f3360d8a21b6cf4a7a03c52b2c6ff72a256ef0ed296555d91de
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,661735b6025f0f3360d8a21b6cf4a7a03c52b2c6ff72a256ef0ed296555d91de
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Apr 2022 20:23:55 GMT
server: cloudflare
etag: W/"62606bdb-4e6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9ovn%2BQBGHW%2B37Y%2BWq4sOOq2gA8VbZvsvBBR6MrTav0VEC3Ee1bFAGvK%2F2rD027ZpJ2ERmNP2dkvf87VPNsn1QzbI4GWwTOrM1TeJNiwBJWlsC6AUFRCNIIoElneFPRSCCRE"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 796716fb5e9b2bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-brands-400.woff2
trumedsystems.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 75 KB
75 KB 257ms
254ms Font
application/font-woff2 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/
Origin: https://trumedsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,dcce42410b5d2066a034db2a070ca94d4ae734523a42c90cbd453fcbce8f4319
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,dcce42410b5d2066a034db2a070ca94d4ae734523a42c90cbd453fcbce8f4319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
last-modified: Wed, 20 Apr 2022 20:23:55 GMT
server: cloudflare
etag: "62606bdb-12bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBXxy%2BcVctfk6eL4SM2fwtFRK86JzTmUpnbEVBiWr3nG169b7NEg7m%2BHIz31vc7YL2pSUQR66LImel7Lg7aTwrt7AfImZ6MLfmhSdwFmwW%2FJ6yBin0g880zcgMs46QXaa0Ox"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 796716fb5e9c2bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-regular-400.woff2
trumedsystems.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 13 KB
14 KB 226ms
223ms Font
application/font-woff2 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/
Origin: https://trumedsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,737c5b5d479e81ae67d09a70feb71afd8e04cba4019eb3bee0fb4e05b6a239d9
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,737c5b5d479e81ae67d09a70feb71afd8e04cba4019eb3bee0fb4e05b6a239d9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13264
last-modified: Wed, 20 Apr 2022 20:23:55 GMT
server: cloudflare
etag: "62606bdb-33d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=162rN6GMJ7IqvDQh6FkHfFagt0xGyCQJtW79Tcq7DK3FmkLKYuyllmpFpXXKkQQj0XCYPwWbels08iUPp0%2FjtgtXzTJrtScZI2OHphK2ruttu%2FTQqkG5yfMyUnjsk%2Bm1j7jU"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 796716fb5e9d2bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
trumedsystems.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 76 KB
77 KB 240ms
237ms Font
application/font-woff2 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/
Origin: https://trumedsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,b9613a083e9c810986c5909508978f3c9895b8f712cbf4b523a675aace0f3423
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,b9613a083e9c810986c5909508978f3c9895b8f712cbf4b523a675aace0f3423
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78212
last-modified: Wed, 20 Apr 2022 20:23:55 GMT
server: cloudflare
etag: "62606bdb-13184"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJE8j%2FL9hlfdP%2By63uVrHYYpmN6rGx8HP%2BadvpWzeDU28nqqX1dge3CBv2Nz0HmtvD5TA2JUOr7cpyB%2B826iWUgXiyH7Ta0yAnQ646d0obRzGqMBkMqEtih07ScZ2BBhLroj"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 796716fb5e9e2bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Accountant-Pro.ttf
trumedsystems.com/wp-content/uploads/fusion-icons/Accountant-Pro-v2.0/fonts/ 7 KB
8 KB 245ms
243ms Font
application/x-font-ttf 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/uploads/fusion-icons/Accountant-Pro-v2.0/fonts/Accountant-Pro.ttf?ym7fev

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

240d5e3812ab8e6e75533336f3afc26da97dac68e1d331ba70b6ec747bae55e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/
Origin: https://trumedsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,f54750dbcd3de7f004d3e0b9da1fb3900b2885b7d801e293267459401fbf9a0d
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,f54750dbcd3de7f004d3e0b9da1fb3900b2885b7d801e293267459401fbf9a0d
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 25 Aug 2021 17:59:32 GMT
server: cloudflare
etag: W/"61268504-1d64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4hcRbQlP9c%2BoTkn%2F3chNoTUMlAktIXbf6pCWJTmZSO052Wniy%2BiTDGurABGQSSmIDC1iv2zFfCveEq%2FQSxom9rV5VcIZ%2F0bTcY6y68n4lDTVjOnrd5snXILdpuoVrff%2BeyN"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 796716fb5ea02bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rP2Hp2ywxg089UriCZOIHQ.woff2
trumedsystems.com/wp-content/uploads/fusion-gfonts/ 18 KB
18 KB 233ms
231ms Font
application/font-woff2 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/uploads/fusion-gfonts/rP2Hp2ywxg089UriCZOIHQ.woff2

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/
Origin: https://trumedsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,d5050c065910c7730419cf44307d35425a6666a5fcbd49b60b60e6af78ee0706
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,d5050c065910c7730419cf44307d35425a6666a5fcbd49b60b60e6af78ee0706
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18096
last-modified: Mon, 30 Jan 2023 23:55:40 GMT
server: cloudflare
etag: "63d858fc-46b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8Rpi%2Fdg5TKid1DwgUfRh8Xv1vssnMPcwedghclfgtbVUoOfwYEG2WTOKbgGNDxTgZ4sZyZuDXw3rVZFIyr7hA88Jw2OkdBtwjlewVu4SxNTI8gweUUQCbhDFjkbyHCXJMBa"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 796716fb5ea12bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
trumedsystems.com/wp-content/uploads/fusion-gfonts/ 24 KB
24 KB 227ms
225ms Font
application/font-woff2 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/uploads/fusion-gfonts/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c9bb0126992129d561e6615234943f04520c69bdba33205c935ca70414c2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/
Origin: https://trumedsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,66189cde396e971791ac9ca554561e2188fa4c992e616d3ae1bd02cb936108e3
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,66189cde396e971791ac9ca554561e2188fa4c992e616d3ae1bd02cb936108e3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24328
last-modified: Mon, 30 Jan 2023 23:55:40 GMT
server: cloudflare
etag: "63d858fc-5f08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BEU1Uun411bLuyzgWff3at5jLVE1jh5XRWD%2F6tFZvLUsr71s5ag4OcuONO74nm9BenuzAbKxiCbm8RqeumC%2BsWdYqkjKfY4X42Bf57AfhzfKCHhSogwsArAKnotHy2tTUKy"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 796716fb5ea42bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
trumedsystems.com/wp-content/uploads/fusion-gfonts/ 13 KB
13 KB 234ms
233ms Font
application/font-woff2 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/uploads/fusion-gfonts/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/
Origin: https://trumedsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,a7d9c656a194ebeab72c440d671b7a86690329cc98eb45175d6c3dc442e0a123
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,a7d9c656a194ebeab72c440d671b7a86690329cc98eb45175d6c3dc442e0a123
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13036
last-modified: Mon, 30 Jan 2023 23:55:41 GMT
server: cloudflare
etag: "63d858fd-32ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Oib8A76j5TNzIugYPmwvqt5zY1gglhH%2BqQqgwt23q1caZdY84KHXEHZR6Izz3NXz4oRMFvlKLUyWnBtPMVROEpeQgPqkK6UIvjdfth%2BvtRKPMP6krZnJbvRm%2BJAzNU%2FncQU"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 796716fb6ec72bc1-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK script.js
app.ecwid.com/ 0
20 KB 247ms
208ms Other
text/javascript 18.196.242.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/script.js?82953779&data_platform=wporg&lang=en
Requested by: Host: trumedsystems.com
URL: https://trumedsystems.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.242.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-242-82.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 20:24:36 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"-1194538765"
Transfer-Encoding: chunked
Access-Control-Max-Age: 600
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private,must-revalidate,max-age:3
Vary: Accept-Encoding
Connection: keep-alive
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement

GET
H2 200 d9783fd0-11f8-0137-5916-067f653fa718 Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 90ms
18ms Script
application/javascript 34.90.79.92
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/d9783fd0-11f8-0137-5916-067f653fa718

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

92.79.90.34.bc.googleusercontent.com

Software

Resource Hash

715f09e0e73a38bae12d62b93dc34df0b3f690a56ba3a50e65dc2cda174d6365

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 08 Feb 2023 20:24:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: F0HzJQhH0zDifkJRWRMB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/12767/ 28 KB
9 KB 63ms
9ms Script
application/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12767/Bootstrap.js
Requested by: Host: trumedsystems.com
URL: https://trumedsystems.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-34.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: bed409fb187931c095c4bc0b0b9c02a47dfa762e9949f8dc55721a11f9a79309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:16:18 GMT
x-amz-version-id: f7uDTeBfmrYRi3MZq5D64DMu5TVPiCj4
content-encoding: br
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 583699
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 12 Aug 2021 16:27:55 GMT
server: CloudFront
etag: W/"b2d10475fb577492f56a7ff7d683a6ad"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: 5-nb7UAG0vUf8EgVnV0TuCNFPLMflDP6a56-Faqv1Ivdkovvt70VNw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 75ms
26ms Script
application/javascript 2a00:1450:400c:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-836828250

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::61 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3073307486ae75d06b204a0f6d0ec2fd248b2f12bba4f9e67cf713cf5b815a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50816
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 18:39:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Feb 2023 20:24:36 GMT

GET
H3 200 trumed-logo-01-1.png
trumedsystems.com/wp-content/uploads/2021/10/ 4 KB
5 KB 238ms
236ms Image
image/png 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trumedsystems.com/wp-content/uploads/2021/10/trumed-logo-01-1.png

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02149e6af6c173522d95f58986682c2537b3395dac6c72a3d8ae412e8bd59b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,34a8d0fcfecd09a4c3c04be04785d00a52d0c7c26bd0433971724e0402f8486c
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,34a8d0fcfecd09a4c3c04be04785d00a52d0c7c26bd0433971724e0402f8486c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4165
last-modified: Thu, 07 Oct 2021 16:31:37 GMT
server: cloudflare
etag: "615f20e9-1045"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZ8TBujxyBEy8s7gQGnljmmVycir3xrX5A1k13rP36tcoGThjvr1w9PZ9vM5QrLoMs6seTkfRReygUhI0qAMKEMhnMFYTDSvuarzLaqtkn%2B%2FgKurFnNmz5g%2BQmEyKNeix5Sf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 796716fd2a563a4a-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 trumed-logo-01.png
trumedsystems.com/wp-content/uploads/2021/09/ 4 KB
5 KB 705ms
703ms Image
image/png 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trumedsystems.com/wp-content/uploads/2021/09/trumed-logo-01.png

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02149e6af6c173522d95f58986682c2537b3395dac6c72a3d8ae412e8bd59b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:37 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,dbe2da9a6e0ff7cc350289e5d21af82ae471f68fc5d0dd2d0758027389ea6acf
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,dbe2da9a6e0ff7cc350289e5d21af82ae471f68fc5d0dd2d0758027389ea6acf
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4165
last-modified: Wed, 08 Sep 2021 18:28:57 GMT
server: cloudflare
etag: "613900e9-1045"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JS6oQ6vtaUu7BQVGte%2FDc4%2FJeLyp4LHY1pQ%2FWAPrrv6%2FIBP2Cd07JtAJlW46T1RItjBkkNTjXC3xZwJMFXbP8kDMDTU50jQU5TqSMSsN0T2nQsBqwnbXfyeEEHR1rdqQZYuW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 796716fd2a573a4a-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 168 KB
61 KB 95ms
52ms Script
application/javascript 2a00:1450:400c:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MWBK58F

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::61 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b140c5fb08754d995dbfa7adf0fcc3bda240ecdf928f58de0d5e6ff6b1bc1d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62797
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 18:39:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Feb 2023 20:24:36 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 72ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 08 Feb 2023 20:24:36 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9E7310510984CCBAB4BC67C90D3B6B5 Ref B: FRAEDGE1407 Ref C: 2023-02-08T20:24:36Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69dd3e106b70cdfb1a993ba98348ce4ad0cf329a007cd3526dcd12a85e9dfe04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
trumedsystems.com/wp-content/uploads/fusion-gfonts/ 13 KB
13 KB 213ms
212ms Font
application/font-woff2 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/uploads/fusion-gfonts/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/wp-content/uploads/fusion-styles/c82cdb7ad324654ef41e5c249c9fb13b.min.css?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/wp-content/uploads/fusion-styles/c82cdb7ad324654ef41e5c249c9fb13b.min.css?ver=3.7.1
Origin: https://trumedsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,27f671e8c7a15d6128df01dee1a546d4a00cef4f93c85e4ae1b6396ac836a942
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,27f671e8c7a15d6128df01dee1a546d4a00cef4f93c85e4ae1b6396ac836a942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12956
last-modified: Mon, 30 Jan 2023 23:55:41 GMT
server: cloudflare
etag: "63d858fd-329c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btI6t%2B77HGmgVOGSXq4BGdBthvfk4mRK%2FPxzcsICm2zrmX3bL8vDK4t2T3cp9ILpRq67l2mSd7UN6jqub2WIKAw%2BwxYAZnslecSI5MG8CXvPrHAawCLHFSjnMi%2FKmqcnet1P"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 796716fd5a9f3a4a-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/12767/ 409 B
716 B 27ms
27ms Script
text/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12767/serverComponent.php?r=4984213466.515997&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/12767/code/&publishedOn=Tue%20Nov%2017%2000:20:42%20GMT%202020&ClientID=923&PageID=https%3A%2F%2Ftrumedsystems.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12767/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-34.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: c4544c7de50a4c99ee436592a19efeb71da2abc11827bde8f1eb239693bac860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 409
x-amz-cf-id: 5aBjEI7cHkD6U6Mjf2LodMbfHn6uwQQHXr60jqp9u-Po4kpkt1wrVQ==
expires: Wed, 08 Feb 2023 20:24:35 GMT

GET
DATA 200
OK truncated
/ 145 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 454cdc4ab0bdda1b374181308c2bb0898cdb2ad289dc6af5aaca70f8e90bc6fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 781ff8bedf26ca2a211e640f5ca902b4acc6637626f42e7a98caeff51da6bddd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eff8827de9144af1cc320d8ffe85d634f3465d80f7203906c67c002025ecf3a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2531c4c644b971ac85b561c43f4863d9d9263be60daa241c4e7a90d86919c9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeedf3af554b79ecf6df6cb4e7e4eb2674dc36aba933bd5fbda4db954724d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed6171c219554c009209b79c996580824071c8c34e48c472f537eb7a711ebec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 010d2f248544698a577f67bd22d10c16aa2c62c4ccaf1feabcdaa7c5ee8e3b80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff5497e11a347b8e75a17fad4c35c51b0a77f2c08cb659cfd951bfdb2119833e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 139 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68cec3c432196cc966ea727adc07495b3945a14bba33024f9e7a11db84d8faa8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 145 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 116018d6cd601941f98095e678a937cefcbe9fcbb6a05dac61f33f6c1b3adb31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e573b9c3550c6392c08dede0e432dcc52f9d39d24330f827e2b51b5fef070ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 145 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e4cf194b7135e818efe700f71fd4930387c03f2e157e7d954a37d8b7c173c96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 jquery.min.js Show response
trumedsystems.com/wp-includes/js/jquery/ 88 KB
32 KB 242ms
242ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
content-encoding: br
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,5e194d6a4cb75dda76b4a06a873ff390f814aa10b5a81305882ac32bdcdf3efe
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,5e194d6a4cb75dda76b4a06a873ff390f814aa10b5a81305882ac32bdcdf3efe
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Jan 2023 21:20:39 GMT
server: cloudflare
etag: W/"63d834a7-15e54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FWW%2B26GrYcsrKPLG9R7j5doLhz7PfDQaBk1b%2FJyynoh2v4J8ZqBuEzkafIUTazFCDNtGb2g3I5Rhh20hyU2cvwNup67Ac8lJL4XX0i23Z9lHNw%2Bif898a26FGGtojWnXVDo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 796716fdcb343a4a-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend.js Show response
trumedsystems.com/wp-content/plugins/ecwid-shopping-cart/js/ 2 KB
1 KB 206ms
206ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/plugins/ecwid-shopping-cart/js/frontend.js?ver=6.11.4

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bc16be07e2276e82fc1ca0d89f873d0b5a5f72b58a1691ba141817eaddbc884

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
content-encoding: br
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,e32086d5d9b05714850c6a452fe8d1c8436d690742836f40e67044ef0c66e1f0
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,e32086d5d9b05714850c6a452fe8d1c8436d690742836f40e67044ef0c66e1f0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Jan 2023 21:22:06 GMT
server: cloudflare
etag: W/"63d834fe-7ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZS4Uk%2BkYzb5xVjUiDGjRoJA8jAflHpvRNcH%2FjYjF2eXGexfPma12vEdD4uzSBS3ydJyFRig6sCreUrIVrlW%2Bj2rY%2BIPeGS3e9dQ06tUMQxofwnOTZKh4h1gPoud%2BqqbRC6M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 796716fdcb373a4a-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bd7f8912f55d995e2a8dbd9f9c2c5fcf.min.js Show response
trumedsystems.com/wp-content/uploads/fusion-scripts/ 386 KB
112 KB 240ms
240ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/uploads/fusion-scripts/bd7f8912f55d995e2a8dbd9f9c2c5fcf.min.js?ver=3.7.1

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b82db9f3f936df434ca2f03498546a78c1a8bf3afde0349c11e0a4e05100f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
content-encoding: br
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,2c02f548e1c0ea2889c2d5cf6f9121692c01d0fc4676a705e56d503c26c01058
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,2c02f548e1c0ea2889c2d5cf6f9121692c01d0fc4676a705e56d503c26c01058
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Jan 2023 23:55:41 GMT
server: cloudflare
etag: W/"63d858fd-6070d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0dYW1wwrm6kH1tc2EebzKWbFX8uZAdJ8iNJYQRmsInU%2FVmD8Yoab57TUm3jZt%2B00nTMalOqVB9GedmUy3%2FvqjxaPwk3udGZWo5jobnz5uexwu7oPRYFYQh6vuiqsHiVVX5x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 796716fdcb393a4a-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lazyload.min.js Show response
trumedsystems.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 211ms
211ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumedsystems.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:36 GMT
content-encoding: br
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,1bec1bfe2f851ca47c804b8382f23e35694a0ef58a4cdbe246c51a525a34657f
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,1bec1bfe2f851ca47c804b8382f23e35694a0ef58a4cdbe246c51a525a34657f
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Jan 2023 21:22:10 GMT
server: cloudflare
etag: W/"63d83502-1ed2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FxNoA2lk%2BV%2BptDUhh%2BBF3L3onp3r7TpAE8V3RVa7s3Z8xlL7rQTwYdtHyXRgkmm3omNBBSnvRuXSMDOynLFfveekwYSj1%2B4YeOt2BSJK765BCMoJlyEXDKBFavjKToQN8t2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 796716fdcb3c3a4a-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e706875e831a7a6c95162fb26d0fd700.js Show response
nexus.ensighten.com/choozle/12767/code/ 1 KB
1 KB 9ms
8ms Script
application/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12767/code/e706875e831a7a6c95162fb26d0fd700.js?conditionId0=4894254&conditionId1=4894253
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12767/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-34.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9e8957c0dd182905a5e84fd354a6e83a49f4849a6753e0730caecbcaa0faf5ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 19:36:24 GMT
x-amz-version-id: WnDYyvXMy62iStwxnllmPTK8NPI7zcdB
content-encoding: br
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1903693
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 12 Aug 2021 16:28:00 GMT
server: CloudFront
etag: W/"c52439f59469dc1ba981c63ae157e02f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: FawDzaJ2C9Pt0NXxA8FFGc3EvsVTSOvqLZYRcaH6pm5VmUPdzKA_Mw==

GET
H2 200 b91deb381a983463890df766160d0db7.js Show response
nexus.ensighten.com/choozle/12767/code/ 2 KB
764 B 9ms
9ms Script
application/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12767/code/b91deb381a983463890df766160d0db7.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12767/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-34.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: d9b18edccc6d6cdd3eb64d1835d42046cc84cdd8681ec26da7b6b3e7e3ab8875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 07:34:42 GMT
x-amz-version-id: kcnuNL5Z.GHSMTDIfj8GB6j4iaT8KEf3
content-encoding: br
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1514995
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 12 Aug 2021 16:27:59 GMT
server: CloudFront
etag: W/"2ca037140d800c8ae9bee955e7637c28"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: -qr1QCnKf3INlzybX8I23LkJtCya_Si3K-I1nXVC_cXbizNpFpGppA==

GET
H2 204 26000943.js Show response
bat.bing.com/p/action/ 0
117 B 103ms
103ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26000943.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 08 Feb 2023 20:24:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 341C56CB9EE642A68D7B18A9B5DEFB97 Ref B: FRAEDGE1407 Ref C: 2023-02-08T20:24:36Z
x-cache: CONFIG_NOCACHE

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/836828250/ 2 KB
1 KB 241ms
113ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/836828250/?random=1675887876854&cv=11&fst=1675887876854&bg=ffffff&guid=ON&async=1&gtm=45be3260&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ftrumedsystems.com%2F&tiba=TruMed%20Systems%20-%20Vaccine%20Storage%20%26%20Inventory%20Management%20Solutions&auid=650192765.1675887877&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-836828250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f939b1d4ca612e58030280a79c6ac420e2b8b2cc6a79d7d6e3d603caa6e78dbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 915
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 166ms
49ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-836828250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 19:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Feb 2023 20:49:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 192ms
47ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWBK58F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 19:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4349
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 08 Feb 2023 21:12:08 GMT

GET
H/1.1 200
OK 21190
cs.choozle.com/dp/chz/ 35 B
123 B 480ms
110ms Image
image/gif 34.195.36.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.choozle.com/dp/chz/21190?d=trumedsystems.com&cb=6972869632
Requested by: Host: trumedsystems.com
URL: https://trumedsystems.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.36.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-36-112.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 00:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 00:19:21 GMT

GET
H2 204 0
bat.bing.com/action/ 0
285 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26000943&Ver=2&mid=2caf0113-de5c-473b-a0e5-6aa5116c2638&sid=9b82a920a7ee11edbafc13d1733a53da&vid=9b82bfd0a7ee11ed8201299297aec6f1&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=TruMed%20Systems%20-%20Vaccine%20Storage%20%26%20Inventory%20Management%20Solutions&p=https%3A%2F%2Ftrumedsystems.com%2F&r=&lt=1890&evt=pageLoad&sv=1&rn=180425

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 Feb 2023 20:24:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0151AEBCF44248458D27916331B0F2C8 Ref B: FRAEDGE1407 Ref C: 2023-02-08T20:24:37Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/6f3m5jc/r3wyc27/ Frame 90CB
Redirect Chain

https://insight.adsrvr.org/tags/6f3m5jc/r3wyc27/iframe
https://d1eoo1tco6rr5e.cloudfront.net/6f3m5jc/r3wyc27/iframe

138 B
668 B

97ms
19ms

Document
text/html

18.66.22.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/6f3m5jc/r3wyc27/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12767/code/e706875e831a7a6c95162fb26d0fd700.js?conditionId0=4894254&conditionId1=4894253
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.22.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-22-149.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d78fdf085de13f88c4bc7d1acd83fbf3edb9d36d0fff605aa2d05547f8cb500

Request headers

Referer: https://trumedsystems.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 53374
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Wed, 08 Feb 2023 05:35:04 GMT
ETag: "c8f5078de7f8e904f35124567afa91ba"
Last-Modified: Fri, 01 Oct 2021 23:50:43 GMT
Server: AmazonS3
Via: 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
X-Amz-Cf-Id: yteuy05OaNHDd0pVWSZdNXAmuGEKulqwJj9i5hQ9NNUpItMRvuYLuw==
X-Amz-Cf-Pop: VIE50-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 20:24:37 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/6f3m5jc/r3wyc27/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 202ms
84ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/wp-content/uploads/fusion-scripts/bd7f8912f55d995e2a8dbd9f9c2c5fcf.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3bbfd5809ca9c520b3565dad1b49bebe6da051f31d29db91c24711ccd98dfdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 08 Feb 2023 20:24:37 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 68ms
67ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1043882930&t=pageview&_s=1&dl=https%3A%2F%2Ftrumedsystems.com%2F&ul=en-us&de=UTF-8&dt=TruMed%20Systems%20-%20Vaccine%20Storage%20%26%20Inventory%20Management%20Solutions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=993733617&gjid=1874663381&cid=351634659.1675887877&tid=UA-97483009-1&_gid=1943569378.1675887877&_r=1&_slc=1&gtm=45He3260n81MWBK58F&z=1250752487

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trumedsystems.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/836828250/wcm?cc=ZZ&dn=8448786331&cl=htlSCI-O4ocBENr4g48D&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448786331&cl=htlSCI-O4ocBENr4g48D

80 B
244 B

73ms
71ms

XHR
application/json

2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448786331&cl=htlSCI-O4ocBENr4g48D

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Wed, 08 Feb 2023 20:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448786331&cl=htlSCI-O4ocBENr4g48D
access-control-allow-origin: https://trumedsystems.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/836828250/ 42 B
154 B 224ms
91ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/836828250/?random=1675887876854&cv=11&fst=1675886400000&bg=ffffff&guid=ON&async=1&gtm=45be3260&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ftrumedsystems.com%2F&tiba=TruMed%20Systems%20-%20Vaccine%20Storage%20%26%20Inventory%20Management%20Solutions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3986217726&rmt_tld=0&ipr=y

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/836828250/ 42 B
455 B 195ms
72ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/836828250/?random=1675887876854&cv=11&fst=1675886400000&bg=ffffff&guid=ON&async=1&gtm=45be3260&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ftrumedsystems.com%2F&tiba=TruMed%20Systems%20-%20Vaccine%20Storage%20%26%20Inventory%20Management%20Solutions&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3986217726&rmt_tld=1&ipr=y

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-97483009-1&cid=351634659.1675887877&jid=993733617&gjid=1874663381&_gid=1943569378.1675887877&_u=YEBAAEAAAAAAACAAI~&z=820193992

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://trumedsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 20:24:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trumedsystems.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 trumed-products-02-400x400.png
trumedsystems.com/wp-content/uploads/2021/09/ 93 KB
94 KB 258ms
256ms Image
image/png 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trumedsystems.com/wp-content/uploads/2021/09/trumed-products-02-400x400.png

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d123d751f91f7bf659ad3a9c583e44c2a127f96ff0c5c1c48113b7e6223e61b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:37 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,6e18c6c5ef69e9b6f1ca322c55456caa10a9228b6d7b0a88f90354d1fb02fa17
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,6e18c6c5ef69e9b6f1ca322c55456caa10a9228b6d7b0a88f90354d1fb02fa17
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94996
last-modified: Thu, 14 Oct 2021 17:34:31 GMT
server: cloudflare
etag: "61686a27-17314"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vd0Dq2f1XqaMj39RfnfzVqg4TkDjASEXmRiDkEmA9q4fGW8Ev8qi62q8zy48f3mM3HD%2Bx9lH%2BNHDhlopbIdKVYGhhYXSd3hXG%2FBy%2BtHsvTymrBK8cUTMkzFcJPyFdwjDiBvO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 7967170148ea3a4a-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 trumed-products-01-400x400.png
trumedsystems.com/wp-content/uploads/2021/09/ 147 KB
148 KB 220ms
217ms Image
image/png 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trumedsystems.com/wp-content/uploads/2021/09/trumed-products-01-400x400.png

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81903c66d3a5964fc173fe95f5c24939229336fe3d1afb22ad25ab71fd085c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:37 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,077732f7b640b84cff33d348f53965f09bd6a8f61d37375798058b3d475a5ce4
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,077732f7b640b84cff33d348f53965f09bd6a8f61d37375798058b3d475a5ce4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 150440
last-modified: Thu, 14 Oct 2021 17:34:32 GMT
server: cloudflare
etag: "61686a28-24ba8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3qUCld9h8XUibqbyCdg04WLbHtF5RhS%2Bgd6TR9jjiRcnPUv2vR2cX9e0DJhsKthhcV%2FXduGXQw9Y%2BooKDnRmFNJYWGpC%2BRltGBk1XvKXlcWinyWBB6Q7l2zm5U2rHLlmhHU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 7967170158ef3a4a-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 accusite-product-image-03-400x399.png
trumedsystems.com/wp-content/uploads/2021/10/ 23 KB
24 KB 234ms
232ms Image
image/png 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trumedsystems.com/wp-content/uploads/2021/10/accusite-product-image-03-400x399.png

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

594c587c8e0a8806a25bb5e4fb505096d9d38c50d902a121c960658ed32a6d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:37 GMT
ki-cache-tag: c9cac799-0048-420c-915f-e844d99d3645,9125f701760d19b5ed8dac8f23df62e99c073f9d5501e49c136c85b5c37c5126
cf-cache-status: HIT
ki-edge: v=17.18
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag: c9cac799-0048-420c-915f-e844d99d3645,9125f701760d19b5ed8dac8f23df62e99c073f9d5501e49c136c85b5c37c5126
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23825
last-modified: Wed, 20 Oct 2021 21:19:26 GMT
server: cloudflare
etag: "617087de-5d11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZlmmalGMQQMTzs7BQ3PpdJai6g6lIGac14WJIsvojZDyAu9JoMGKAYnUECyZSOYGaDnKu9%2F2S%2BZxPJaNzk%2FJbN%2BOUAaJhBh5CDL03fjQ0VJnzhB9i697zyzsfxR8tpX4L9w"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 7967170158f13a4a-FRA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 92ms
82ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-97483009-1&cid=351634659.1675887877&jid=993733617&_u=YEBAAEAAAAAAACAAI~&z=718035435

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 83ms
82ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-97483009-1&cid=351634659.1675887877&jid=993733617&_u=YEBAAEAAAAAAACAAI~&z=718035435

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 90CB 70 B
260 B 42ms
42ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=6f3m5jc&ct=0:r3wyc27&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/6f3m5jc/r3wyc27/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 08 Feb 2023 20:24:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/97ea7458/www-widgetapi.vflset/ 184 KB
62 KB 49ms
48ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c10e8ee50e4bf9b31339e9806ede6d08cfffeb40165e0c49553482fe710066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 19:07:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63074
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Feb 2024 19:07:07 GMT

GET
H3 200 aQQYc_GPniQ Show response
www.youtube.com/embed/ Frame 5302 68 KB
28 KB 136ms
135ms Document
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b057b6e9edaebb50c78504d0db9e0d7b7bdc6ecabb5c4acc2864e78c37fde468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trumedsystems.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 20:24:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/97ea7458/ Frame 5302 360 KB
49 KB 49ms
48ms Stylesheet
text/css 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b95164237b524353d235fd03cdc0ddf54a489315c59ee4e744cf120657a1ee33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:29:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49954
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Feb 2024 18:29:56 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/97ea7458/www-embed-player.vflset/ Frame 5302 344 KB
108 KB 79ms
77ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aedf6cfea0cab0b1f40f53ec29e95bd9f6fa480a13050e877e2a29bc3875ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 10:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110070
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 10:22:12 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 5302 2 MB
599 KB 93ms
91ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b169400c72045d965aac2010ff973d4184849800eac9e3ced121b38cabf8317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613648
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Feb 2024 03:56:05 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/97ea7458/fetch-polyfill.vflset/ Frame 5302 9 KB
3 KB 90ms
89ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:37:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Feb 2024 03:37:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5302 15 KB
16 KB 62ms
18ms Font
font/woff2 2a00:1450:400c:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::5e Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 08:06:52 GMT
x-content-type-options: nosniff
age: 476265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 08:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5302 15 KB
15 KB 66ms
23ms Font
font/woff2 2a00:1450:400c:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::5e Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:48:24 GMT
x-content-type-options: nosniff
age: 466573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 10:48:24 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5302
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

68ms
68ms

XHR
application/json

2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59f4302304bf176f5180ee1f45d1488a10c831f3131cd4f29d1c3f08efcd0556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5302 29 B
495 B 84ms
18ms Script
text/javascript 2a00:1450:400c:c08::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::95 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:18:33 GMT
x-content-type-options: nosniff
age: 365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Feb 2023 20:33:33 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 65ms
26ms Preflight
text/html 2a00:1450:400c:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 08 Feb 2023 20:24:38 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5302 66 KB
30 KB 26ms
25ms XHR
application/json+protobuf 2a00:1450:400c:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1504258b70504f58b07d2d15831a8af53d4466c33e4140ff88487f0ff92f377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30704
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 5302 60 KB
20 KB 159ms
159ms XHR
application/json 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7e4d451912dd5ed3eae75180bb80408c5558a1105fd5559fa86fa901ff19331a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230131.01.00
X-Goog-Visitor-Id: CgtZc1MyeEQyaDVtdyiFipCfBg%3D%3D

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20901
x-xss-protection: 0
expires: Wed, 08 Feb 2023 20:24:38 GMT

GET
H2 200 qKJUGOP6x5h8rmPmHT60bnV16o_en-8xXoUTesAF5PA.js Show response
www.google.com/js/th/ Frame 5302 36 KB
14 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/qKJUGOP6x5h8rmPmHT60bnV16o_en-8xXoUTesAF5PA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8a25418e3fac7987cae63e61d3eb46e7575ea8fde9fef315e85137ac005e4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 03:36:25 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 5302 26 KB
8 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29cc91344fa42a2ddf205c2d26b851ae379f940eb5c0e321cc274d32bc629ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:28:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8403
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Feb 2024 03:28:56 GMT

GET
DATA 200
OK truncated
/ Frame 5302 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJWB-9FB-rOsPE9HrlEvVe9X6UKu6EpBj-j9fR2_Cg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5302 3 KB
3 KB 64ms
26ms Image
image/jpeg 2a00:1450:400c:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJWB-9FB-rOsPE9HrlEvVe9X6UKu6EpBj-j9fR2_Cg=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::84 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9ca6c27baeaeb3ccdb82eb99cb0f6d736eb93fd220d351f7be4093e3c51b8c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v8f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2797
x-xss-protection: 0
expires: Thu, 09 Feb 2023 20:24:38 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5302 90 B
134 B 23ms
23ms XHR
application/json+protobuf 2a00:1450:400c:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ae0c5d7b64256d94acdaf65cb6b1adaf30552d0147e644c6d92dfcf08b549bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 20ms
20ms Preflight
text/html 2a00:1450:400c:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 08 Feb 2023 20:24:38 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 p Show response
i.simpli.fi/ 761 B
1 KB 54ms
17ms Script
application/javascript 34.90.79.92
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=50112&cb=sifi_att_3023808394732589._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/d9783fd0-11f8-0137-5916-067f653fa718

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

92.79.90.34.bc.googleusercontent.com

Software

Resource Hash

e9b218873b8139683ccfe3a2c4362c067c20b6bd0b5f5345407294546d87add9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK oembed.json Show response
vimeo.com/api/ 2 KB
2 KB 267ms
236ms XHR
application/json 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/api/oembed.json?url=https://vimeo.com/619074780&format=json

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf4653fab7651273862396880ad69c2804948c28c8dfe9cbf7b615a7cd121e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://trumedsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-varnish-cache: 1
Date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Content-Encoding: gzip
Age: 0
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-vserver: webproxy-rollout-prod-varnish-2
Content-Length: 807
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
X-Served-By: cache-iad-kcgs7200059-IAD, cache-hhn-etou8220052-HHN
last-modified: Wed, 08 Feb 2023 19:57:33 GMT
Server: cloudflare
X-Timer: S1675887878.406322,VS0,VE212
etag: "1f72bcb0671ec819e36d2511c3042fac82aad95e"
x-backend-proxy: webproxy3
x-frame-options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-ff498c66d-xvwqd
Accept-Ranges: bytes
CF-RAY: 79671707edd49176-FRA
access-control-allow-headers: X-Requested-With
X-Cache-Hits: 0, 0

GET
H/1.1 200
OK oembed.json Show response
vimeo.com/api/ 2 KB
2 KB 264ms
236ms XHR
application/json 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/api/oembed.json?url=https://vimeo.com/619074780&format=json

Requested by

Host: trumedsystems.com
URL: https://trumedsystems.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf4653fab7651273862396880ad69c2804948c28c8dfe9cbf7b615a7cd121e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://trumedsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-varnish-cache: 1
Date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Content-Encoding: gzip
Age: 0
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-vserver: webproxy-rollout-prod-varnish-2
Content-Length: 807
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
X-Served-By: cache-iad-kcgs7200059-IAD, cache-hhn-etou8220068-HHN
last-modified: Wed, 08 Feb 2023 19:57:33 GMT
Server: cloudflare
X-Timer: S1675887878.404762,VS0,VE215
etag: "1f72bcb0671ec819e36d2511c3042fac82aad95e"
x-backend-proxy: webproxy3
x-frame-options: sameorigin
Vary: Accept-Encoding
Content-Type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-ff498c66d-xvwqd
Accept-Ranges: bytes
CF-RAY: 79671707fb926907-FRA
access-control-allow-headers: X-Requested-With
X-Cache-Hits: 0, 0

GET
H3 204 generate_204
www.youtube.com/ Frame 5302 0
10 B 47ms
46ms Image
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?GB3SSw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 5302 0
19 B 70ms
70ms XHR
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=YMZehuvdfVdvq50u&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24416291%2C24416442%2C24430381%2C24439360%2C24441240%2C24450367%2C24451033%2C24457655%2C24458635%2C24463912&cl=506103060&seq=1&docid=aQQYc_GPniQ&ei=BgXkY5fGDZKF1gKpiTY&event=streamingstats&plid=AAX0Ng2q4FYnShsx&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FaQQYc_GPniQ%3Fautohide%3D1%26autoplay%3D1%26fs%3D0%26showinfo%3D0%26modestBranding%3D1%26start%3D0%26controls%3D0%26rel%3D0%26disablekb%3D1%26iv_load_policy%3D3%26wmode%3Dtransparent%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Ftrumedsystems.com%26widgetid%3D1&cbr=Chrome&cbrver=110.0.5481.77&c=WEB_EMBEDDED_PLAYER&cver=1.20230131.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.015:B,0.286:B,0.286:B&cmt=0.015:0.000,0.286:0.000&afs=0.286:251::i&vfs=0.286:247:247::r&view=0.286:1600:900&bwe=0.286:130000&bat=0.286:1:1&vis=0.286:0&bh=0.286:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZc1MyeEQyaDVtdyiFipCfBg%3D%3D
X-YouTube-Ad-Signals: dt=1675887878055&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr3---sn-5hnednsz.googlevideo.com/ Frame 5302 196 KB
197 KB 171ms
57ms Fetch
video/webm 2a00:1450:400e:11::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-5hnednsz.googlevideo.com/videoplayback?expire=1675909478&ei=BgXkY5fGDZKF1gKpiTY&ip=2a03%3A1b20%3A6%3Af011%3A%3A8e&id=o-AEn9_fBtNW2ArIpwabiuD4_tN8MDwgzqmQu02sqFQihK&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=86&mm=31%2C29&mn=sn-5hnednsz%2Csn-5hne6nsz&ms=au%2Crdu&mv=m&mvi=3&pl=48&initcwndbps=1726250&spc=H3gIhgnWsZBajokdXRpJ5if9VLGUdVw&vprv=1&mime=video%2Fwebm&ns=5QInBTaXV5xMxvzmQrlZiNkL&gir=yes&clen=3235904&dur=60.142&lmt=1653564514162071&mt=1675887706&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=eJfmOaVJYM7Uig&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgajZ62-ciuwtBP-3Bp7ZduuHVF8XTuEFCPvzipNaB3fQCID1o-X6Jg1QWqesWvOY0gfHUQMvSR0uTfitBQadpnPTO&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAOQGcsk7xUJcNhuOUEBROwguNmg4j0cOGdcpY5C285wzAiEAppy_yXP7uSUvKo3lhiDv7_yioPDQBmITIP7w07hFC7k%3D&alr=yes&cpn=YMZehuvdfVdvq50u&cver=1.20230131.01.00&range=0-200338&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:11::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

336d0f13697900521e7f470d828fec9ec8b1bb8b2cdee9a93da507b48ad41ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 20:24:38 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 200339
Last-Modified: Thu, 26 May 2022 11:28:34 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 08 Feb 2023 20:24:38 GMT

POST
H/1.1 200
OK videoplayback Show response
rr3---sn-5hnednsz.googlevideo.com/ Frame 5302 64 KB
65 KB 140ms
27ms Fetch
audio/webm 2a00:1450:400e:11::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-5hnednsz.googlevideo.com/videoplayback?expire=1675909478&ei=BgXkY5fGDZKF1gKpiTY&ip=2a03%3A1b20%3A6%3Af011%3A%3A8e&id=o-AEn9_fBtNW2ArIpwabiuD4_tN8MDwgzqmQu02sqFQihK&itag=251&source=youtube&requiressl=yes&mh=86&mm=31%2C29&mn=sn-5hnednsz%2Csn-5hne6nsz&ms=au%2Crdu&mv=m&mvi=3&pl=48&initcwndbps=1726250&spc=H3gIhgnWsZBajokdXRpJ5if9VLGUdVw&vprv=1&mime=audio%2Fwebm&ns=5QInBTaXV5xMxvzmQrlZiNkL&gir=yes&clen=1086309&dur=60.161&lmt=1653564511046046&mt=1675887706&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=eJfmOaVJYM7Uig&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDdNn-zfKiwjllHTMQkMdw_Z9nEX4BxDgwsg__v0AmD8CIAygWqczOq_DV7kOxIdnM6yV_Z4CF1BfRhjI8gQfVeZX&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAOQGcsk7xUJcNhuOUEBROwguNmg4j0cOGdcpY5C285wzAiEAppy_yXP7uSUvKo3lhiDv7_yioPDQBmITIP7w07hFC7k%3D&alr=yes&cpn=YMZehuvdfVdvq50u&cver=1.20230131.01.00&range=0-65909&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:11::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

aa55dbcd6d6b759e2c15b5075e05cea88e9e4d69ea990c14e7b8ccde2c40c406

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 20:24:38 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65910
Last-Modified: Thu, 26 May 2022 11:28:31 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 08 Feb 2023 20:24:38 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 5302 32 KB
9 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7baf267fdad9fc5969767a4de850caddefd027a0d9446c0886e14b68b936f768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 407932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8952
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Feb 2024 03:05:46 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 5302 11 KB
3 KB 300ms
300ms XHR
application/json 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

5fe9814834ea892088d887c91000624b8f501dac546e8ba8520701c5a26f0f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230131.01.00
X-Goog-Visitor-Id: CgtZc1MyeEQyaDVtdyiFipCfBg%3D%3D

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2992
x-xss-protection: 0
expires: Wed, 08 Feb 2023 20:24:38 GMT

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&dongle=yf3

37 B
140 B

48ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&dongle=yf3
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=A96C3AB59C1E4970A3A8D64CBF6FDCA2

43 B
183 B

335ms
101ms

Image
image/gif

2600:1f18:612b:4264:6ee2:887:1ab8:da64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=A96C3AB59C1E4970A3A8D64CBF6FDCA2
Protocol: H2
Server: 2600:1f18:612b:4264:6ee2:887:1ab8:da64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 08 Feb 2023 20:24:38 GMT
server: Apache-Coyote/1.1
content-type: image/gif

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=A96C3AB59C1E4970A3A8D64CBF6FDCA2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=A96C3AB59C1E4970A3A8D64CBF6FDCA2
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=A96C3AB59C1E4970A3A8D64CBF6FDCA2

95 B
437 B

24ms
20ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=A96C3AB59C1E4970A3A8D64CBF6FDCA2

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=A96C3AB59C1E4970A3A8D64CBF6FDCA2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
https://d.agkn.com/pixel/10751/?che=1675887878763&ip=185.213.155.168&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219013204421003657278
https://um.simpli.fi/aa_px?sk=219013204421003657278
https://um.simpli.fi/empty.gif

43 B
361 B

18ms
17ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=A96C3AB59C1E4970A3A8D64CBF6FDCA2

0
0

70ms
17ms

Image
text/html

13.32.110.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
Protocol: H2
Server: 13.32.110.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-128.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 78ms
18ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 22ms
20ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=A96C3AB59C1E4970A3A8D64CBF6FDCA2;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=A96C3AB59C1E4970A3A8D64CBF6FDCA2;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-784901285353600722

0
0

17ms
17ms

Image
text/html

13.32.110.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-784901285353600722
Protocol: H2
Server: 13.32.110.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-128.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:37 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-784901285353600722
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&j=0&xl8blockcheck=1

0
771 B

37ms
36ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 23ms
21ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2

0
421 B

512ms
104ms

Image
text/plain

18.213.131.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
Protocol: HTTP/1.1
Server: 18.213.131.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-131-195.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 08 Feb 2023 20:24:38 GMT

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=A96C3AB59C1E4970A3A8D64CBF6FDCA2

62 B
454 B

263ms
179ms

Image
image/gif

23.35.209.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=A96C3AB59C1E4970A3A8D64CBF6FDCA2
Protocol: H2
Server: 23.35.209.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-209-176.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 08 Feb 2023 20:24:38 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=A96C3AB59C1E4970A3A8D64CBF6FDCA2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H2

404

tpid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A96C3AB59C1E4970A3A8D64CBF6FDCA2

49 B
265 B

108ms
29ms

Image
image/gif

52.51.234.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
Protocol: H2
Server: 52.51.234.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-234-85.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:38 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.16.16
content-length: 49
expires: 0

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=A96C3AB59C1E4970A3A8D64CBF6FDCA2

0
311 B

528ms
170ms

Image
text/plain

209.191.163.210
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
Protocol: HTTP/1.1
Server: 209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Wed, 08 Feb 2023 20:24:39 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4sfo1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2

0
98 B

93ms
20ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1675887878395&cv=7&fst=1675887878395&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1348659623&cv=7&fst=1675887878395&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1348659623&cv=7&fst=1675887878395&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1348659623&cv=7&fst=1675887878395&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
64 B

88ms
87ms

Image
image/gif

2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1348659623&cv=7&fst=1675887878395&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BgXkY56JIOmomLAP9660iAY&cid=CAQSKQDUE5ymv9Pd5X_gRg-_F2zvcltT5VZIpI1bve1f5B_2lvXNBvRXlahP&random=346952637&ipr=y&prhg=0

Protocol

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1348659623&cv=7&fst=1675887878395&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BgXkY56JIOmomLAP9660iAY&cid=CAQSKQDUE5ymv9Pd5X_gRg-_F2zvcltT5VZIpI1bve1f5B_2lvXNBvRXlahP&random=346952637&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&__user_check__=1&sync_id=9c6f8d14-a7ee-11ed-a3bf-1bf0cf250406

43 B
549 B

25ms
25ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&__user_check__=1&sync_id=9c6f8d14-a7ee-11ed-a3bf-1bf0cf250406
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 20:24:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 131
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 08 Feb 2023 20:24:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7797&uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2&__user_check__=1&sync_id=9c6f8d14-a7ee-11ed-a3bf-1bf0cf250406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 13
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=A96C3AB59C1E4970A3A8D64CBF6FDCA2
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DA96C3AB59C1E4970A3A8D64CBF6FDCA2

43 B
1 KB

8ms
8ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DA96C3AB59C1E4970A3A8D64CBF6FDCA2

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 20:24:38 GMT
AN-X-Request-Uuid: c52de0b5-4576-4e6a-87af-4f9be46a56c9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 20:24:38 GMT
AN-X-Request-Uuid: 00984838-2b1b-4e3e-ae9e-3ee95afd22e8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DA96C3AB59C1E4970A3A8D64CBF6FDCA2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A96C3AB59C1E4970A3A8D64CBF6FDCA2&expires=365

0
239 B

67ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A96C3AB59C1E4970A3A8D64CBF6FDCA2&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A96C3AB59C1E4970A3A8D64CBF6FDCA2&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=A96C3AB59C1E4970A3A8D64CBF6FDCA2

43 B
273 B

58ms
20ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=A96C3AB59C1E4970A3A8D64CBF6FDCA2
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:38 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=A96C3AB59C1E4970A3A8D64CBF6FDCA2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Feb 2023 20:24:38 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEGOpwMoJHDH38pSgugldXs4&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A96C3AB59C1E4970A3A8D64CBF6FDCA2
https://um.simpli.fi/g_match?id=

0
320 B

19ms
18ms

Image
text/plain

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trumedsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 07 Feb 2023 20:24:38 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 5302 0
17 B 74ms
73ms XHR
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=YMZehuvdfVdvq50u&ver=2&cmt=0.039&fmt=247&fs=0&rt=0.591&euri=https%3A%2F%2Ftrumedsystems.com%2F&lact=276&cl=506103060&mos=1&volume=100&cbr=Chrome&cbrver=110.0.5481.77&c=WEB_EMBEDDED_PLAYER&cver=1.20230131.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=60.161&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24416291%2C24416442%2C24430381%2C24439360%2C24441240%2C24450367%2C24451033%2C24457655%2C24458635%2C24463912&rtn=3&afmt=251&size=1600%3A900&inview=0&muted=1&docid=aQQYc_GPniQ&ei=BgXkY5fGDZKF1gKpiTY&plid=AAX0Ng2q4FYnShsx&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FaQQYc_GPniQ%3Fautohide%3D1%26autoplay%3D1%26fs%3D0%26showinfo%3D0%26modestBranding%3D1%26start%3D0%26controls%3D0%26rel%3D0%26disablekb%3D1%26iv_load_policy%3D3%26wmode%3Dtransparent%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Ftrumedsystems.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZ1MFJnRTNQbjlBNVZMdkQ2UkV0V0NuaFYzNTcyWms4R3lXQUZ4QWgxN2oyZ2JfQVBta0tESS1tWHBfUzN0RExjOVF0T3hkNndUTkJtaEFUS2ZvOUNNNVl6TmNHMEVyLUhYbUNldkR2NDktMGZqX1haSl9mVUhfOUF5bndLYUxTaW0wUU9OQUZZMi1QUGtoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZc1MyeEQyaDVtdyiFipCfBg%3D%3D
X-YouTube-Ad-Signals: dt=1675887878055&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 5302 0
20 B 72ms
72ms XHR
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=aQQYc_GPniQ&cpn=YMZehuvdfVdvq50u&ei=BgXkY5fGDZKF1gKpiTY&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZc1MyeEQyaDVtdyiFipCfBg%3D%3D
X-YouTube-Ad-Signals: dt=1675887878055&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr3---sn-5hnednsz.googlevideo.com/ Frame 5302 64 KB
64 KB 37ms
18ms Fetch
audio/webm 2a00:1450:400e:11::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-5hnednsz.googlevideo.com/videoplayback?expire=1675909478&ei=BgXkY5fGDZKF1gKpiTY&ip=2a03%3A1b20%3A6%3Af011%3A%3A8e&id=o-AEn9_fBtNW2ArIpwabiuD4_tN8MDwgzqmQu02sqFQihK&itag=251&source=youtube&requiressl=yes&mh=86&mm=31%2C29&mn=sn-5hnednsz%2Csn-5hne6nsz&ms=au%2Crdu&mv=m&mvi=3&pl=48&initcwndbps=1726250&spc=H3gIhgnWsZBajokdXRpJ5if9VLGUdVw&vprv=1&mime=audio%2Fwebm&ns=5QInBTaXV5xMxvzmQrlZiNkL&gir=yes&clen=1086309&dur=60.161&lmt=1653564511046046&mt=1675887706&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=eJfmOaVJYM7Uig&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDdNn-zfKiwjllHTMQkMdw_Z9nEX4BxDgwsg__v0AmD8CIAygWqczOq_DV7kOxIdnM6yV_Z4CF1BfRhjI8gQfVeZX&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAOQGcsk7xUJcNhuOUEBROwguNmg4j0cOGdcpY5C285wzAiEAppy_yXP7uSUvKo3lhiDv7_yioPDQBmITIP7w07hFC7k%3D&alr=yes&cpn=YMZehuvdfVdvq50u&cver=1.20230131.01.00&range=65910-131445&rn=3&rbuf=3747&pot=D8LN4FQaItmLwvVZMXwvGMoowIea7p6Z7rYVoMYoRnb9LiHflBpgdpEVZbxCo1NCqVnA4sCGYqywLc5khKlzXT-VYu6X0yV8ia9qaQ99JNM0eb6chIpJ-PNwRyqEQuxmurIUk2M=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:11::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

abba0693c27102682e0d38a83cdc72fbea627051c119c1b8f49e43cb2e0b0684

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 08 Feb 2023 20:24:38 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
last-modified: Thu, 26 May 2022 11:28:31 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 08 Feb 2023 20:24:38 GMT

GET
H2 200 AL5GRJWB-9FB-rOsPE9HrlEvVe9X6UKu6EpBj-j9fR2_Cg=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5302 3 KB
3 KB 30ms
26ms Image
image/jpeg 2a00:1450:400c:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJWB-9FB-rOsPE9HrlEvVe9X6UKu6EpBj-j9fR2_Cg=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::84 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f61aabe30ae6844c4d379fe58f2abfe5f74c8d3a30479fb5f00b7c47016d9cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:24:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v8f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3411
x-xss-protection: 0
expires: Thu, 09 Feb 2023 20:24:38 GMT

POST
H3 200 videoplayback Show response
rr3---sn-5hnednsz.googlevideo.com/ Frame 5302 459 KB
459 KB 16ms
16ms Fetch
video/webm 2a00:1450:400e:11::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:11::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d226cd5057110d95fdd4c442e411e0d1852b0fb29868ffadd15603c4b3ed847f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 08 Feb 2023 20:24:38 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469637
last-modified: Thu, 26 May 2022 11:28:34 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 08 Feb 2023 20:24:38 GMT

POST
H3 200 videoplayback Show response
rr3---sn-5hnednsz.googlevideo.com/ Frame 5302 137 KB
137 KB 16ms
16ms Fetch
audio/webm 2a00:1450:400e:11::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-5hnednsz.googlevideo.com/videoplayback?expire=1675909478&ei=BgXkY5fGDZKF1gKpiTY&ip=2a03%3A1b20%3A6%3Af011%3A%3A8e&id=o-AEn9_fBtNW2ArIpwabiuD4_tN8MDwgzqmQu02sqFQihK&itag=251&source=youtube&requiressl=yes&mh=86&mm=31%2C29&mn=sn-5hnednsz%2Csn-5hne6nsz&ms=au%2Crdu&mv=m&mvi=3&pl=48&initcwndbps=1726250&spc=H3gIhgnWsZBajokdXRpJ5if9VLGUdVw&vprv=1&mime=audio%2Fwebm&ns=5QInBTaXV5xMxvzmQrlZiNkL&gir=yes&clen=1086309&dur=60.161&lmt=1653564511046046&mt=1675887706&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=eJfmOaVJYM7Uig&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDdNn-zfKiwjllHTMQkMdw_Z9nEX4BxDgwsg__v0AmD8CIAygWqczOq_DV7kOxIdnM6yV_Z4CF1BfRhjI8gQfVeZX&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAOQGcsk7xUJcNhuOUEBROwguNmg4j0cOGdcpY5C285wzAiEAppy_yXP7uSUvKo3lhiDv7_yioPDQBmITIP7w07hFC7k%3D&alr=yes&cpn=YMZehuvdfVdvq50u&cver=1.20230131.01.00&range=131446-271245&rn=5&rbuf=7370&pot=D8LN4FQaItmLwvVZMXwvGMoowIea7p6Z7rYVoMYoRnb9LiHflBpgdpEVZbxCo1NCqVnA4sCGYqywLc5khKlzXT-VYu6X0yV8ia9qaQ99JNM0eb6chIpJ-PNwRyqEQuxmurIUk2M=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:11::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

bde43ebd7b6c6d9041a96cebfb75eb75978d11c9b3533bd72f72d668c90b71d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 08 Feb 2023 20:24:38 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139800
last-modified: Thu, 26 May 2022 11:28:31 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 08 Feb 2023 20:24:38 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5302 28 B
54 B 79ms
76ms XHR
application/json 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
X-Goog-Request-Time: 1675887880491
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZc1MyeEQyaDVtdyiFipCfBg%3D%3D
X-YouTube-Ad-Signals: dt=1675887877931&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 08 Feb 2023 20:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 08 Feb 2023 20:24:40 GMT

GET
H3 204 watchtime Show response
www.youtube.com/api/stats/ Frame 5302 0
18 B 71ms
70ms XHR
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=YMZehuvdfVdvq50u&ver=2&cmt=2.454&fmt=247&fs=0&rt=3.002&euri=https%3A%2F%2Ftrumedsystems.com%2F&lact=2687&cl=506103060&state=playing&volume=100%2C100&cbr=Chrome&cbrver=110.0.5481.77&c=WEB_EMBEDDED_PLAYER&cver=1.20230131.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&splay=1&hl=de_DE&cr=DE&len=61&rtn=13&afmt=251&idpj=-8&ldpj=-34&rti=3&size=1600%3A900&inview=0&st=0%2C0.123&et=0.039%2C2.454&muted=1%2C1&docid=aQQYc_GPniQ&ei=BgXkY5fGDZKF1gKpiTY&plid=AAX0Ng2q4FYnShsx&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FaQQYc_GPniQ%3Fautohide%3D1%26autoplay%3D1%26fs%3D0%26showinfo%3D0%26modestBranding%3D1%26start%3D0%26controls%3D0%26rel%3D0%26disablekb%3D1%26iv_load_policy%3D3%26wmode%3Dtransparent%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Ftrumedsystems.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZ1MFJnRTNQbjlBNVZMdkQ2UkV0V0NuaFYzNTcyWms4R3lXQUZ4QWgxN2oyZ2JfQVBta0tESS1tWHBfUzN0RExjOVF0T3hkNndUTkJtaEFUS2ZvOUNNNVl6TmNHMEVyLUhYbUNldkR2NDktMGZqX1haSl9mVUhfOUF5bndLYUxTaW0wUU9OQUZZMi1QUGtoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZc1MyeEQyaDVtdyiFipCfBg%3D%3D
X-YouTube-Ad-Signals: dt=1675887878055&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:41 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr3---sn-5hnednsz.googlevideo.com/ Frame 5302 226 KB
226 KB 15ms
14ms Fetch
audio/webm 2a00:1450:400e:11::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-5hnednsz.googlevideo.com/videoplayback?expire=1675909478&ei=BgXkY5fGDZKF1gKpiTY&ip=2a03%3A1b20%3A6%3Af011%3A%3A8e&id=o-AEn9_fBtNW2ArIpwabiuD4_tN8MDwgzqmQu02sqFQihK&itag=251&source=youtube&requiressl=yes&mh=86&mm=31%2C29&mn=sn-5hnednsz%2Csn-5hne6nsz&ms=au%2Crdu&mv=m&mvi=3&pl=48&initcwndbps=1726250&spc=H3gIhgnWsZBajokdXRpJ5if9VLGUdVw&vprv=1&mime=audio%2Fwebm&ns=5QInBTaXV5xMxvzmQrlZiNkL&gir=yes&clen=1086309&dur=60.161&lmt=1653564511046046&mt=1675887706&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=eJfmOaVJYM7Uig&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDdNn-zfKiwjllHTMQkMdw_Z9nEX4BxDgwsg__v0AmD8CIAygWqczOq_DV7kOxIdnM6yV_Z4CF1BfRhjI8gQfVeZX&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAOQGcsk7xUJcNhuOUEBROwguNmg4j0cOGdcpY5C285wzAiEAppy_yXP7uSUvKo3lhiDv7_yioPDQBmITIP7w07hFC7k%3D&alr=yes&cpn=YMZehuvdfVdvq50u&cver=1.20230131.01.00&range=271246-503102&rn=6&rbuf=12224&pot=D8LN4FQaItmLwvVZMXwvGMoowIea7p6Z7rYVoMYoRnb9LiHflBpgdpEVZbxCo1NCqVnA4sCGYqywLc5khKlzXT-VYu6X0yV8ia9qaQ99JNM0eb6chIpJ-PNwRyqEQuxmurIUk2M=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:11::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d6da9d42da27615f060a0e59b4342cbcb401e0321b997efb66eec3643b53e272

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 08 Feb 2023 20:24:42 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231857
last-modified: Thu, 26 May 2022 11:28:31 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21296
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 08 Feb 2023 20:24:42 GMT

POST
H3 200 videoplayback Show response
rr3---sn-5hnednsz.googlevideo.com/ Frame 5302 985 KB
985 KB 20ms
20ms Fetch
video/webm 2a00:1450:400e:11::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:11::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

76e30dab291b19706a5bd1b9928369b73b1aaf9880bd34903f761647751231cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 08 Feb 2023 20:24:42 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1008172
last-modified: Thu, 26 May 2022 11:28:34 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21296
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 08 Feb 2023 20:24:42 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame 5302 0
20 B 75ms
74ms XHR
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=YMZehuvdfVdvq50u&ver=2&cmt=4.574&fmt=247&fs=0&rt=5.12&euri=https%3A%2F%2Ftrumedsystems.com%2F&lact=4805&cl=506103060&mos=1&volume=100&cbr=Chrome&cbrver=110.0.5481.77&c=WEB_EMBEDDED_PLAYER&cver=1.20230131.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=61&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24416291%2C24416442%2C24430381%2C24439360%2C24441240%2C24450367%2C24451033%2C24457655%2C24458635%2C24463912&afmt=251&muted=1&docid=aQQYc_GPniQ&ei=BgXkY5fGDZKF1gKpiTY&plid=AAX0Ng2q4FYnShsx&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FaQQYc_GPniQ%3Fautohide%3D1%26autoplay%3D1%26fs%3D0%26showinfo%3D0%26modestBranding%3D1%26start%3D0%26controls%3D0%26rel%3D0%26disablekb%3D1%26iv_load_policy%3D3%26wmode%3Dtransparent%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Ftrumedsystems.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZ1MFJnRTNQbjlBNVZMdkQ2UkV0V0NuaFYzNTcyWms4R3lXQUZ4QWgxN2oyZ2JfQVBta0tESS1tWHBfUzN0RExjOVF0T3hkNndUTkJtaEFUS2ZvOUNNNVl6TmNHMEVyLUhYbUNldkR2NDktMGZqX1haSl9mVUhfOUF5bndLYUxTaW0wUU9OQUZZMi1QUGtoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/aQQYc_GPniQ?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Ftrumedsystems.com&widgetid=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZc1MyeEQyaDVtdyiFipCfBg%3D%3D
X-YouTube-Ad-Signals: dt=1675887878055&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 20:24:43 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simpli.fi/	1970-01-20 18:18:30	Name: suid Value: A96C3AB59C1E4970A3A8D64CBF6FDCA2
.trumedsystems.com/	1970-01-20 11:41:03	Name: _gcl_au Value: 1.1.650192765.1675887877
.trumedsystems.com/	1970-01-20 09:32:54	Name: _uetsid Value: 9b82a920a7ee11edbafc13d1733a53da
.trumedsystems.com/	1970-01-20 18:53:03	Name: _uetvid Value: 9b82bfd0a7ee11ed8201299297aec6f1
.bing.com/	1970-01-20 18:53:03	Name: MUID Value: 2DC7E1F3A8A76BEB0885F341A9CC6AEE
.trumedsystems.com/	1970-01-20 19:07:27	Name: _ga Value: GA1.2.351634659.1675887877
.trumedsystems.com/	1970-01-20 09:32:54	Name: _gid Value: GA1.2.1943569378.1675887877
.trumedsystems.com/	1970-01-20 09:31:27	Name: _gat_UA-97483009-1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: N9oWsdXBHAM
.youtube.com/	1970-01-20 13:50:39	Name: DEVICE_INFO Value: ChxOekU1TnpnNE16WXlNelkyTnpjNE9USTNNZz09EIWKkJ8GGIWKkJ8G
.youtube.com/	1970-01-20 13:50:39	Name: VISITOR_INFO1_LIVE Value: YsS2xD2h5mw
.simpli.fi/	1970-01-20 09:41:32	Name: uid_syncd_secure Value: true
.adnxs.com/	1970-01-20 11:41:03	Name: uuid2 Value: 3840324249552444771
.tapad.com/	1970-01-20 10:57:51	Name: TapAd_TS Value: 1675887878631
.tapad.com/	1970-01-20 10:57:51	Name: TapAd_DID Value: bcfa9917-3908-44f7-8746-09f93138d824
.adnxs.com/	1970-01-20 11:41:03	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2H`eEalTS!@wnfH8KW.dG5<#Z?U%%p'xHNE<>DJpaAVDH[$6uFb6I7nuBe@p5y`nFMxY51<a@#DI2Z#DIgl#Xse9Ybzw
.doubleclick.net/	1970-01-20 18:53:03	Name: IDE Value: AHWqTUmTxlp23ngvvt8AOHwH6JjHM5h_5bpX2wq5cRnqPCzafAd5uFR4Et2pnCov
.tapad.com/	1970-01-20 10:57:51	Name: TapAd_3WAY_SYNCS Value:
.pro-market.net/	1970-01-20 13:50:39	Name: anProfile Value: "-5yoga8n8w8gi+1+1f=1+1g=1+1j=41+rs=s+rt=2A031B200006F011000000000000008E+s2=(rps3d2)+vm=24-A96C3AB59C1E4970A3A8D64CBF6FDCA2"
.pro-market.net/	1970-01-20 10:14:39	Name: anHistory Value: "-5yoga8n8w8gi+2+!#7')!J!)9K"
.spotxchange.com/	1970-01-20 10:11:47	Name: audience Value: 9c6f8cb8-a7ee-11ed-a3bf-1bf0cf250406
.agkn.com/	1970-01-20 18:17:03	Name: ab Value: 0001%3ApHx5j%2B9t8tSdRIgxzAzV540AJm3QEtAp
.bluekai.com/	1970-01-20 13:52:06	Name: bku Value: blx999Ra8sweNxG6
.bluekai.com/	1970-01-20 13:52:06	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDW8BA1pxD/NmD1hHEx8BpOO16WTHeR6x6JsBAjWx6W09y9gMyFk
.exelator.com/	1970-01-20 12:24:15	Name: EE Value: "4f379580fed308a673f0236c32c53497"
.agkn.com/	1970-01-20 18:17:03	Name: u Value: C\|0AAAAAAAAK3bBhgAAAAAA
.exelator.com/	1970-01-20 12:24:15	Name: ud Value: "eJxrXxzq6XKLQcEkzdjc0tTCIC01xdjAItHM3DjNwMjYLNnYKNnU2MTSfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYEl%252BUWb6IhfXxUUpaQyLSopPBR%252BWjAIAZlEpEg%253D%253D"
.bfmio.com/	1970-01-20 18:17:03	Name: __141_cid Value: A96C3AB59C1E4970A3A8D64CBF6FDCA2
.bfmio.com/	1970-01-20 18:17:03	Name: __io_cid Value: 73157976261d11e86098c99bd132a2b1b525f050

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/97ea7458/www-widgetapi.vflset/www-widgetapi.js(Line 1116) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=A96C3AB59C1E4970A3A8D64CBF6FDCA2 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=A96C3AB59C1E4970A3A8D64CBF6FDCA2 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-784901285353600722 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A96C3AB59C1E4970A3A8D64CBF6FDCA2 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
app.ecwid.com
bat.bing.com
bcp.crwdcntrl.net
ce.lijit.com
cm.g.doubleclick.net
cs.choozle.com
d.agkn.com
d1eoo1tco6rr5e.cloudfront.net
eb2.3lift.com
fei.pro-market.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
jnn-pa.googleapis.com
loadm.exelator.com
nexus.ensighten.com
pixel.rubiconproject.com
pixel.tapad.com
rr3---sn-5hnednsz.googlevideo.com
simplifi.partners.tremorhub.com
stags.bluekai.com
static.doubleclick.net
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
trumedsystems.com
um.simpli.fi
us-u.openx.net
vimeo.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.trumedsystems.com
www.youtube.com
yt3.ggpht.com
13.32.110.128
142.250.201.194
162.159.134.42
162.159.138.60
18.192.88.32
18.196.242.82
18.213.131.195
18.66.22.149
185.94.180.126
209.191.163.210
23.35.209.176
2600:1901:0:8eee::
2600:1f18:612b:4264:6ee2:887:1ab8:da64
2620:1ec:c11::200
2a00:1450:400c:c04::5f
2a00:1450:400c:c08::61
2a00:1450:400c:c08::95
2a00:1450:400c:c08::9a
2a00:1450:400c:c1b::5e
2a00:1450:400c:c1b::84
2a00:1450:400d:803::200e
2a00:1450:400d:807::2002
2a00:1450:400d:807::2004
2a00:1450:400d:807::200e
2a00:1450:400d:808::2003
2a00:1450:400d:80a::2003
2a00:1450:400e:11::8
34.195.36.112
34.90.79.92
34.91.62.186
34.98.64.218
35.227.248.159
35.244.174.68
35.71.131.137
37.252.171.84
52.213.137.74
52.51.234.85
54.78.254.47
65.9.66.34
69.173.144.138
74.125.206.154
76.223.111.18
010d2f248544698a577f67bd22d10c16aa2c62c4ccaf1feabcdaa7c5ee8e3b80
02149e6af6c173522d95f58986682c2537b3395dac6c72a3d8ae412e8bd59b61
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
116018d6cd601941f98095e678a937cefcbe9fcbb6a05dac61f33f6c1b3adb31
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
129b3422c0a2b9b6f08a19d8777f313ab28c5fb0aa050d1170c822443c8dc28c
1b82db9f3f936df434ca2f03498546a78c1a8bf3afde0349c11e0a4e05100f28
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
240d5e3812ab8e6e75533336f3afc26da97dac68e1d331ba70b6ec747bae55e1
29cc91344fa42a2ddf205c2d26b851ae379f940eb5c0e321cc274d32bc629ced
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3073307486ae75d06b204a0f6d0ec2fd248b2f12bba4f9e67cf713cf5b815a65
336d0f13697900521e7f470d828fec9ec8b1bb8b2cdee9a93da507b48ad41ecb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
454cdc4ab0bdda1b374181308c2bb0898cdb2ad289dc6af5aaca70f8e90bc6fa
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc16be07e2276e82fc1ca0d89f873d0b5a5f72b58a1691ba141817eaddbc884
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e573b9c3550c6392c08dede0e432dcc52f9d39d24330f827e2b51b5fef070ab
4ed6171c219554c009209b79c996580824071c8c34e48c472f537eb7a711ebec
594c587c8e0a8806a25bb5e4fb505096d9d38c50d902a121c960658ed32a6d62
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59f4302304bf176f5180ee1f45d1488a10c831f3131cd4f29d1c3f08efcd0556
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ae0c5d7b64256d94acdaf65cb6b1adaf30552d0147e644c6d92dfcf08b549bc
5b169400c72045d965aac2010ff973d4184849800eac9e3ced121b38cabf8317
5fe9814834ea892088d887c91000624b8f501dac546e8ba8520701c5a26f0f2d
60c10e8ee50e4bf9b31339e9806ede6d08cfffeb40165e0c49553482fe710066
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68cec3c432196cc966ea727adc07495b3945a14bba33024f9e7a11db84d8faa8
69dd3e106b70cdfb1a993ba98348ce4ad0cf329a007cd3526dcd12a85e9dfe04
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e4cf194b7135e818efe700f71fd4930387c03f2e157e7d954a37d8b7c173c96
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
715f09e0e73a38bae12d62b93dc34df0b3f690a56ba3a50e65dc2cda174d6365
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
76e30dab291b19706a5bd1b9928369b73b1aaf9880bd34903f761647751231cb
781ff8bedf26ca2a211e640f5ca902b4acc6637626f42e7a98caeff51da6bddd
7baf267fdad9fc5969767a4de850caddefd027a0d9446c0886e14b68b936f768
7d78fdf085de13f88c4bc7d1acd83fbf3edb9d36d0fff605aa2d05547f8cb500
7e4d451912dd5ed3eae75180bb80408c5558a1105fd5559fa86fa901ff19331a
81903c66d3a5964fc173fe95f5c24939229336fe3d1afb22ad25ab71fd085c07
83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aedf6cfea0cab0b1f40f53ec29e95bd9f6fa480a13050e877e2a29bc3875ded
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9ca6c27baeaeb3ccdb82eb99cb0f6d736eb93fd220d351f7be4093e3c51b8c9d
9e8957c0dd182905a5e84fd354a6e83a49f4849a6753e0730caecbcaa0faf5ad
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3c9bb0126992129d561e6615234943f04520c69bdba33205c935ca70414c2ef
a44c72100a3c56963015a01c8845f8abe1240d54c7bac4606112ff7a1d3b5162
a8a25418e3fac7987cae63e61d3eb46e7575ea8fde9fef315e85137ac005e4f0
aa55dbcd6d6b759e2c15b5075e05cea88e9e4d69ea990c14e7b8ccde2c40c406
abba0693c27102682e0d38a83cdc72fbea627051c119c1b8f49e43cb2e0b0684
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b057b6e9edaebb50c78504d0db9e0d7b7bdc6ecabb5c4acc2864e78c37fde468
b140c5fb08754d995dbfa7adf0fcc3bda240ecdf928f58de0d5e6ff6b1bc1d1b
b1504258b70504f58b07d2d15831a8af53d4466c33e4140ff88487f0ff92f377
b95164237b524353d235fd03cdc0ddf54a489315c59ee4e744cf120657a1ee33
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bde43ebd7b6c6d9041a96cebfb75eb75978d11c9b3533bd72f72d668c90b71d3
bed409fb187931c095c4bc0b0b9c02a47dfa762e9949f8dc55721a11f9a79309
bf4653fab7651273862396880ad69c2804948c28c8dfe9cbf7b615a7cd121e76
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c4544c7de50a4c99ee436592a19efeb71da2abc11827bde8f1eb239693bac860
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d123d751f91f7bf659ad3a9c583e44c2a127f96ff0c5c1c48113b7e6223e61b0
d226cd5057110d95fdd4c442e411e0d1852b0fb29868ffadd15603c4b3ed847f
d3bbfd5809ca9c520b3565dad1b49bebe6da051f31d29db91c24711ccd98dfdc
d6763a40bb3ca768090c74bd2f76be14628d033876a20bf929221d56736554c2
d6da9d42da27615f060a0e59b4342cbcb401e0321b997efb66eec3643b53e272
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
d9b18edccc6d6cdd3eb64d1835d42046cc84cdd8681ec26da7b6b3e7e3ab8875
e2531c4c644b971ac85b561c43f4863d9d9263be60daa241c4e7a90d86919c9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9b218873b8139683ccfe3a2c4362c067c20b6bd0b5f5345407294546d87add9
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
eff8827de9144af1cc320d8ffe85d634f3465d80f7203906c67c002025ecf3a6
f61aabe30ae6844c4d379fe58f2abfe5f74c8d3a30479fb5f00b7c47016d9cfc
f81a04d77ab02696131c4dd052b2dcb2ce69a4babe1c2f75253788b59343c174
f939b1d4ca612e58030280a79c6ac420e2b8b2cc6a79d7d6e3d603caa6e78dbc
feeedf3af554b79ecf6df6cb4e7e4eb2674dc36aba933bd5fbda4db954724d1d
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
ff5497e11a347b8e75a17fad4c35c51b0a77f2c08cb659cfd951bfdb2119833e

trumedsystems.com Open in urlscan Pro 162.159.134.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

81 %HTTPS

38 %IPv6

36 Domains

44 Subdomains

38 IPs

7 Countries

4138 kBTransfer

8165 kBSize

29 Cookies

10 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

trumedsystems.com Open in urlscan Pro
162.159.134.42 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

81 %
HTTPS

38 %
IPv6

36
Domains

44
Subdomains

38
IPs

7
Countries

4138 kB
Transfer

8165 kB
Size

29
Cookies

107 HTTP transactions
14 data transactions