URL: https://rates.medicarenationwide.com/
Submission: On March 17 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 20 IPs in 2 countries across 16 domains to perform 57 HTTP transactions. The main IP is 18.205.222.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is rates.medicarenationwide.com.
TLS certificate: Issued by R3 on January 15th 2023. Valid for: 3 months.
This is the only time rates.medicarenationwide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
15 medicarenationwide.com
rates.medicarenationwide.com
279 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 82
845 KB
8 leadid.com
create.leadid.com — Cisco Umbrella Rank: 13466
5 KB
6 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 23805
cdn.trustedform.com — Cisco Umbrella Rank: 26762
42 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 215
30 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
static.doubleclick.net — Cisco Umbrella Rank: 241
1 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 22804
17 KB
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 14386
2 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
40 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
14 KB
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 21383
38 KB
1 medicareshop.com
ss.medicareshop.com
1 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 4700
6 KB
57 16
Domain Requested by
15 rates.medicarenationwide.com rates.medicarenationwide.com
cdn.trustedform.com
9 www.youtube.com rates.medicarenationwide.com
www.youtube.com
8 create.leadid.com create.lidstatic.com
deviceid.trueleadid.com
4 jnn-pa.googleapis.com www.youtube.com
4 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
2 cdn.trustedform.com rates.medicarenationwide.com
api.trustedform.com
2 web-sdk.smartlook.com rates.medicarenationwide.com
web-sdk.smartlook.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 create.lidstatic.com rates.medicarenationwide.com
1 ss.medicareshop.com rates.medicarenationwide.com
1 widget.trustpilot.com rates.medicarenationwide.com
57 19

This site contains no links.

Subject Issuer Validity Valid
rates.medicarenationwide.com
R3
2023-01-15 -
2023-04-15
3 months crt.sh
*.trustpilot.com
Amazon RSA 2048 M02
2023-02-02 -
2024-03-02
a year crt.sh
TRAEFIK DEFAULT CERT
TRAEFIK DEFAULT CERT
2023-03-16 -
2024-03-15
a year crt.sh
1688964705.rsc.cdn77.org
R3
2023-03-09 -
2023-06-07
3 months crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3
2023-02-28 -
2024-02-28
a year crt.sh
*.google.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
create.leadid.com
Amazon RSA 2048 M02
2023-02-23 -
2023-10-19
8 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
deviceid.trueleadid.com
Amazon RSA 2048 M02
2023-02-24 -
2024-01-06
10 months crt.sh
*.trustedform.com
Amazon RSA 2048 M02
2023-02-22 -
2023-10-09
8 months crt.sh
cdn.trustedform.com
Amazon RSA 2048 M02
2023-03-15 -
2024-04-12
a year crt.sh

This page contains 4 frames:

Primary Page: https://rates.medicarenationwide.com/
Frame ID: 9945A34F08C0137DBD93415ECFE0E085
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hJs--k4nrLc
Frame ID: 76A701A6811EF5DAB351E012CF27D5FD
Requests: 21 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A4C826B4-1EA4-760E-C66A-0A80E640026F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=385552C3-81F8-6A67-A115-A339DECC3A60&lac=3F0C70E5-D003-207E-F402-F3F9F66871E5
Frame ID: 0E0E1E5E20D6A73EF60AA027E7A9B5AE
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=A4C826B4-1EA4-760E-C66A-0A80E640026F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=385552C3-81F8-6A67-A115-A339DECC3A60&lac=3F0C70E5-D003-207E-F402-F3F9F66871E5
Frame ID: 00BAD0AA2C9BE402D6ECB395385B9A7E
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Medicare Shop

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

57
Requests

95 %
HTTPS

63 %
IPv6

16
Domains

19
Subdomains

20
IPs

2
Countries

1383 kB
Transfer

4291 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16790143561240.8661945403651146&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16790143561240.8661945403651146&invert_field_sensitivity=false
Request Chain 27
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rates.medicarenationwide.com/
3 KB
2 KB
Document
General
Full URL
https://rates.medicarenationwide.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
018ce8278681b4b02299973c2826ac78dfc385f3f856066fcd8147538f8d0938

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Mar 2023 00:52:35 GMT
Etag
W/"6304cb84-a7f"
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 vegur
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
19 KB
6 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Mar 2023 00:48:30 GMT
via
1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
246
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6124
x-xss-protection
1; mode=block
last-modified
Mon, 30 May 2022 14:38:02 GMT
server
AmazonS3
etag
"5add60196e5f96a414fb4b9586764e5d"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
F4tSr224XQ1NbyJu7Wi6GKN38jqkcjk3LS2j8R8FHU5gTUNFNRMaQQ==
main.59aaf344.js
rates.medicarenationwide.com/static/js/
208 KB
69 KB
Script
General
Full URL
https://rates.medicarenationwide.com/static/js/main.59aaf344.js
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a1f44c76c8d3b4c1f926e65ac140ea36dc6cd2fa18c251925d9193575f475edd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:35 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
W/"6304cb84-34107"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
main.1159c66b.css
rates.medicarenationwide.com/static/css/
42 KB
11 KB
Stylesheet
General
Full URL
https://rates.medicarenationwide.com/static/css/main.1159c66b.css
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0efee6d5f7204213846db1cc50a7cbf0c434b762d4078cce4b1c0ebb2f4427ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
W/"6304cb84-a633"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
gtm.js
ss.medicareshop.com/
0
0
Script
General
Full URL
https://ss.medicareshop.com/gtm.js?id=GTM-KZ3V2D2
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.123.193.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

recorder.js
web-sdk.smartlook.com/
3 KB
2 KB
Script
General
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8e8b5a9d562e0f0c1e6209b053ff8efc94bb760571ed328a7c3ce29bd40275ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 17 Mar 2023 00:52:35 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
141
x-77-nzt
AZySIRBDGy//jQAAAA
x-accel-expires
@1679014814
last-modified
Thu, 16 Mar 2023 14:40:46 GMT
server
CDN77-Turbo
etag
W/"64132a6e-c4a"
x-77-nzt-ray
f6587a1dce94085dd3b9136488474734
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
init.af4c7cae928b3d719934.js
web-sdk.smartlook.com/es6/
54 KB
16 KB
Script
General
Full URL
https://web-sdk.smartlook.com/es6/init.af4c7cae928b3d719934.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a10b4491274ca7979306a49e8b5808a5379a1aa4e1fd3af9f3b8394eb4cd9334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://rates.medicarenationwide.com/
Origin
https://rates.medicarenationwide.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 17 Mar 2023 00:52:35 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
35602
x-77-nzt
AZySIRBmeKP/EosAAA
x-accel-expires
@1710514753
last-modified
Thu, 16 Mar 2023 14:40:46 GMT
server
CDN77-Turbo
etag
W/"64132a6e-d788"
x-77-nzt-ray
f6587a1d569e515dd3b9136418639d35
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
385552c3-81f8-6a67-a115-a339decc3a60.js
create.lidstatic.com/campaign/
121 KB
38 KB
Script
General
Full URL
https://create.lidstatic.com/campaign/385552c3-81f8-6a67-a115-a339decc3a60.js?snippet_version=2
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63d1748079ce0d5f65b813d8971c8777941689b537cdb13313b991c91b25657a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:52:36 GMT
x-amz-version-id
Z2C8kKgcAoFcNWuhafweK_gjvbAhlvRu
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 12 May 2022 19:18:37 GMT
server
cloudflare
x-amz-request-id
QYKN9Q8AQ860CB7D
etag
W/"89a624e3e2c11d534c29f4893233b236"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
cf-ray
7a91410e0d8f2ba8-FRA
x-amz-id-2
llREesf7tOH2fuvWb7shum7r6VymNrS0fopDit9JkeM05b/V6y/lLlkIutHQ4Vq8/XDetcjT1ykuVoElKhYNRYhuTF0fcH7N/8/fFHKQVdM=
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16790143561240.8661945403651146&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16790143561240.8661945403651146&invert_field_sensitivity=false
7 KB
3 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16790143561240.8661945403651146&invert_field_sensitivity=false
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/
Protocol
H2
Server
2600:9000:223d:e400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
x-amz-version-id
oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
content-encoding
gzip
last-modified
Fri, 24 Feb 2023 16:04:14 GMT
server
AmazonS3
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"1b4d8abad5e0668a237e388577c6a93c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
jPw1HLVIi0fGboJi9m1DJNto5COByoN3chTnHyhl0rNfB8mG0KxyeA==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16790143561240.8661945403651146&invert_field_sensitivity=false
date
Fri, 17 Mar 2023 00:52:36 GMT
server
awselb/2.0
content-length
134
content-type
text/html
618.5019fee5.chunk.js
rates.medicarenationwide.com/static/js/
39 KB
12 KB
Script
General
Full URL
https://rates.medicarenationwide.com/static/js/618.5019fee5.chunk.js
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/static/js/main.59aaf344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
12420925cd21d88baeb5d638fe330c98f1a1a2bb38229809baf8b380d3569f41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
W/"6304cb84-9baf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
538.86b7e6f8.chunk.js
rates.medicarenationwide.com/static/js/
7 KB
3 KB
Script
General
Full URL
https://rates.medicarenationwide.com/static/js/538.86b7e6f8.chunk.js
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/static/js/main.59aaf344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcc25e5773a0ed0648d1b3519131564e3def41c67bf4f78f7a0c282fa79e7548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
W/"6304cb84-1c63"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
867.0bdf31ae.chunk.js
rates.medicarenationwide.com/static/js/
122 KB
37 KB
Script
General
Full URL
https://rates.medicarenationwide.com/static/js/867.0bdf31ae.chunk.js
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/static/js/main.59aaf344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3902ee9ce07eb81ce82289772b21fe1fd6b696aa4b4f3d031c59bf84acdfbfb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
W/"6304cb84-1e97b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
966.86d0b6cf.chunk.js
rates.medicarenationwide.com/static/js/
12 KB
5 KB
Script
General
Full URL
https://rates.medicarenationwide.com/static/js/966.86d0b6cf.chunk.js
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/static/js/main.59aaf344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f69c19f5cdd7f51b4e57194ee7f6ea960c8eda2d280b93457f0fff6f3348e2e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
W/"6304cb84-2ea0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
ms-logo.a7c453cfd00accc58671.jpeg
rates.medicarenationwide.com/static/media/
13 KB
13 KB
Image
General
Full URL
https://rates.medicarenationwide.com/static/media/ms-logo.a7c453cfd00accc58671.jpeg
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3c6e86cf98b61fb5fce1f627d7fd08c3fcbb925c95d02ad3210822e46947e9ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
"6304cb84-33eb"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13291
hJs--k4nrLc
www.youtube.com/embed/ Frame 76A7
70 KB
29 KB
Document
General
Full URL
https://www.youtube.com/embed/hJs--k4nrLc
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/static/js/main.59aaf344.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
215497d9b5810d7dc8a8ab43fbefa371e594a3dfd8a812bbe027a945e44f1dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rates.medicarenationwide.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 00:52:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
621a20fd79e286e28f4f59b52004203029c22c47331cd72c38844e95bfc4f9fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
inter-latin-400-normal.5e6a773da9d1377fc690.woff2
rates.medicarenationwide.com/static/media/
16 KB
17 KB
Font
General
Full URL
https://rates.medicarenationwide.com/static/media/inter-latin-400-normal.5e6a773da9d1377fc690.woff2
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/static/css/main.1159c66b.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2069ee225073a115f31dcfbfc8e645967697bcf1d9b8f56d56b0aed8943d9f93

Request headers

Referer
https://rates.medicarenationwide.com/static/css/main.1159c66b.css
Origin
https://rates.medicarenationwide.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
"6304cb84-410c"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16652
inter-latin-500-normal.09888c3a03b6e6c64e6d.woff2
rates.medicarenationwide.com/static/media/
17 KB
17 KB
Font
General
Full URL
https://rates.medicarenationwide.com/static/media/inter-latin-500-normal.09888c3a03b6e6c64e6d.woff2
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/static/css/main.1159c66b.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7c36cf69c5653547812e02400129ff0203b05714c3483a333bb2718f55a8a0e5

Request headers

Referer
https://rates.medicarenationwide.com/static/css/main.1159c66b.css
Origin
https://rates.medicarenationwide.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
"6304cb84-4448"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17480
merriweather-latin-700-normal.2071db10c6abae42e047.woff2
rates.medicarenationwide.com/static/media/
19 KB
20 KB
Font
General
Full URL
https://rates.medicarenationwide.com/static/media/merriweather-latin-700-normal.2071db10c6abae42e047.woff2
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/static/css/main.1159c66b.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Request headers

Referer
https://rates.medicarenationwide.com/static/css/main.1159c66b.css
Origin
https://rates.medicarenationwide.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
"6304cb84-4d1c"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19740
inter-latin-700-normal.c2ceaa0b01f346625d99.woff2
rates.medicarenationwide.com/static/media/
17 KB
17 KB
Font
General
Full URL
https://rates.medicarenationwide.com/static/media/inter-latin-700-normal.c2ceaa0b01f346625d99.woff2
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/static/css/main.1159c66b.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b2be4f770c150289ae7c966dba6508266866f02223f41c6b9088699338ae99e7

Request headers

Referer
https://rates.medicarenationwide.com/static/css/main.1159c66b.css
Origin
https://rates.medicarenationwide.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
"6304cb84-44c4"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17604
ms-logo-mobile.76bd04eb7d365b79ec99.png
rates.medicarenationwide.com/static/media/
21 KB
22 KB
Image
General
Full URL
https://rates.medicarenationwide.com/static/media/ms-logo-mobile.76bd04eb7d365b79ec99.png
Requested by
Host: rates.medicarenationwide.com
URL: https://rates.medicarenationwide.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ef40857e43f1fa1ba3f3567a3ac31d4c7e0a76228ac81431be1fff63738cf25b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:36 GMT
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
"6304cb84-557f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21887
www-player.css
www.youtube.com/s/player/59acb1f3/ Frame 76A7
399 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/59acb1f3/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hJs--k4nrLc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hJs--k4nrLc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51796
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Mar 2024 00:47:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 76A7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hJs--k4nrLc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 20:18:07 GMT
x-content-type-options
nosniff
age
189269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Mar 2024 20:18:07 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 76A7
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hJs--k4nrLc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 09:54:53 GMT
x-content-type-options
nosniff
age
53863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 09:54:53 GMT
www-embed-player.js
www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/ Frame 76A7
346 KB
108 KB
Script
General
Full URL
https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hJs--k4nrLc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hJs--k4nrLc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 22:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
9808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110099
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 15 Mar 2024 22:09:08 GMT
base.js
www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/ Frame 76A7
2 MB
611 KB
Script
General
Full URL
https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hJs--k4nrLc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0786c93417ede2a0a5d482288da45887ce070d846d7c1e5f7c882a3268f17c85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hJs--k4nrLc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 15:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
119262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
624818
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Mar 2024 15:44:54 GMT
fetch-polyfill.js
www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/ Frame 76A7
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hJs--k4nrLc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hJs--k4nrLc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:24:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Mar 2024 00:24:11 GMT
GenerateToken
create.leadid.com/2.11.11/
36 B
659 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/GenerateToken?msn=1&pid=d7b26788-b996-4272-b83c-cde64f73ab3c&_=652574180
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/385552c3-81f8-6a67-a115-a339decc3a60.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.132.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-132-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8ea14af8f800c14dd24af378018b689149dc689537f77ceb970ed455d7b227cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://rates.medicarenationwide.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 76A7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hJs--k4nrLc
Protocol
H2
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b32628451e9b5fd9f77ea07990700b09d766e4a6f85fd1d2658c662ae4e4ded1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Mar 2023 00:52:37 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 76A7
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:38:31 GMT
x-content-type-options
nosniff
age
846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 00:53:31 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 17 Mar 2023 00:52:37 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 76A7
65 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6fe0c49f7b5c7e5535e1373b24d2ef7413f9bab223be28c5eba93d3ad5a6e7e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30823
x-xss-protection
0
remote.js
www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/ Frame 76A7
116 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6fe8e7ae1c62891cb5eddccffd0e4fe658520f3c086c32d6c2efbd3c1e47af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hJs--k4nrLc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 15:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
119263
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36475
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Mar 2024 15:44:54 GMT
GCBvWy_yb866hkOUIGxUHdK41VpQSXIVky7cQUZngWQ.js
www.google.com/js/th/ Frame 76A7
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/GCBvWy_yb866hkOUIGxUHdK41VpQSXIVky7cQUZngWQ.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18206f5b2ff26fceba864394206c541dd2b8d55a50497215932edc4146678164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 17:24:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
26879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14145
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Mar 2024 17:24:38 GMT
maxres2.jpg
i.ytimg.com/vi/hJs--k4nrLc/ Frame 76A7
40 KB
40 KB
Image
General
Full URL
https://i.ytimg.com/vi/hJs--k4nrLc/maxres2.jpg?sqp=-oaymwEoCIAKENAF8quKqQMcGADwAQH4Ac4FgAKACooCDAgAEAEYZSBWKEkwDw==&rs=AOn4CLC6SGJjf9sEKaTzeDexLzZCDzeKUg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hJs--k4nrLc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5434a69b4685a669abceabae47f08cd0e3ec51267b3d196a79d8216b5c53b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40592
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Mar 2023 02:52:37 GMT
embed.js
www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/ Frame 76A7
27 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b624474cafaf891480d3b946b92e5e5181a58b85a452f86458fd7985b273a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hJs--k4nrLc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 15:47:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
119086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8702
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Mar 2024 15:47:51 GMT
truncated
/ Frame 76A7
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
MN7TMf-2S704EL_iePS_ZmoJ2oAt-CQmprtrGI50E5DhPgAM91B93f4_Bh4eNDlaH50DPTSiWg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 76A7
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/MN7TMf-2S704EL_iePS_ZmoJ2oAt-CQmprtrGI50E5DhPgAM91B93f4_Bh4eNDlaH50DPTSiWg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hJs--k4nrLc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
76dea057b019c14656f01512f9df53be680c23b576724e58ddb3aaef93ef11eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="channels4_profile.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2731
x-xss-protection
0
expires
Sat, 18 Mar 2023 00:52:37 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 76A7
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 00:52:37 GMT
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 0E0E
3 KB
2 KB
Document
General
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A4C826B4-1EA4-760E-C66A-0A80E640026F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=385552C3-81F8-6A67-A115-A339DECC3A60&lac=3F0C70E5-D003-207E-F402-F3F9F66871E5
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/385552c3-81f8-6a67-a115-a339decc3a60.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-96.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://rates.medicarenationwide.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
78519
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 16 Mar 2023 03:04:10 GMT
ETag
W/"63ebe88f-dbb"
Last-Modified
Tue, 14 Feb 2023 20:01:19 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
jru3qIJCZialUvOMQs9SrNEUX9lGEyI_ZxdBTgCoNpjpYOHiwiPddQ==
X-Amz-Cf-Pop
FRA60-P1
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.11/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/SaveDom?msn=2&pid=d7b26788-b996-4272-b83c-cde64f73ab3c&token=A4C826B4-1EA4-760E-C66A-0A80E640026F&_=652574181
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/385552c3-81f8-6a67-a115-a339decc3a60.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.132.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-132-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://rates.medicarenationwide.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.11/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/InitFormData?msn=3&pid=d7b26788-b996-4272-b83c-cde64f73ab3c&token=A4C826B4-1EA4-760E-C66A-0A80E640026F&_=652574182
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/385552c3-81f8-6a67-a115-a339decc3a60.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.132.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-132-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://rates.medicarenationwide.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
generate_204
www.youtube.com/ Frame 76A7
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?-oCGXg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hJs--k4nrLc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hJs--k4nrLc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 76A7
90 B
132 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0583805b6907d7e9aa636bed20fa041ad4002854e783bbd67d2fef49484c369
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 17 Mar 2023 00:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 17 Mar 2023 00:52:37 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
iframe.html
deviceid.trueleadid.com/ Frame 00BA
4 KB
2 KB
Document
General
Full URL
https://deviceid.trueleadid.com/iframe.html?token=A4C826B4-1EA4-760E-C66A-0A80E640026F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=385552C3-81F8-6A67-A115-A339DECC3A60&lac=3F0C70E5-D003-207E-F402-F3F9F66871E5
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A4C826B4-1EA4-760E-C66A-0A80E640026F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=385552C3-81F8-6A67-A115-A339DECC3A60&lac=3F0C70E5-D003-207E-F402-F3F9F66871E5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.158.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-127.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Fri, 17 Mar 2023 00:52:37 GMT
etag
W/"6408e5ef-1049"
expires
Sat, 18 Mar 2023 00:52:37 GMT
last-modified
Wed, 08 Mar 2023 19:45:51 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
cast_sender.js
www.gstatic.com/eureka/clank/111/ Frame 76A7
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/111/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 17:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 16 Jan 2023 16:05:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 17 Mar 2023 17:24:39 GMT
SaveDeviceId.js
create.leadid.com/2.11.11/ Frame 00BA
0
627 B
Script
General
Full URL
https://create.leadid.com/2.11.11/SaveDeviceId.js?lac=3F0C70E5-D003-207E-F402-F3F9F66871E5&lck=385552C3-81F8-6A67-A115-A339DECC3A60&methods=48&token=A4C826B4-1EA4-760E-C66A-0A80E640026F&uuid=93a87f1a53aa4b1589999241c7b8f95a
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=A4C826B4-1EA4-760E-C66A-0A80E640026F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=385552C3-81F8-6A67-A115-A339DECC3A60&lac=3F0C70E5-D003-207E-F402-F3F9F66871E5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.132.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-132-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 00:52:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.11/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/Snap?msn=4&pid=d7b26788-b996-4272-b83c-cde64f73ab3c&token=A4C826B4-1EA4-760E-C66A-0A80E640026F&_=652574183
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/385552c3-81f8-6a67-a115-a339decc3a60.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.132.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-132-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://rates.medicarenationwide.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 00:52:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
certs
api.trustedform.com/
475 B
686 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16790143561240.8661945403651146&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.76.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-76-17.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
38e08bf095300ffc40a1c3c18055bf873a63c3ca664f793e0091797c08c7a5d0

Request headers

Referer
https://rates.medicarenationwide.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 00:52:38 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
Snap
create.leadid.com/2.11.11/
0
624 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/Snap?msn=5&pid=d7b26788-b996-4272-b83c-cde64f73ab3c&token=A4C826B4-1EA4-760E-C66A-0A80E640026F&_=652574184
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/385552c3-81f8-6a67-a115-a339decc3a60.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.132.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-132-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://rates.medicarenationwide.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 00:52:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
trustedform-1.8.38.js
cdn.trustedform.com/
102 KB
37 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.8.38.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16790143561240.8661945403651146&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:e400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
content-encoding
gzip
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
date
Fri, 17 Mar 2023 00:52:28 GMT
last-modified
Fri, 24 Feb 2023 16:04:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
16
etag
W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
lmViuN_ihSDUR206qpNpS0jzLOJy6FalyrYjJZb-WmoTtTRuoAP2vA==
snapshot
api.trustedform.com/certs/e15ee4cb9d20b21d5e6277dbeeaadc0f48dac88b/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/e15ee4cb9d20b21d5e6277dbeeaadc0f48dac88b/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.76.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-76-17.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rates.medicarenationwide.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 17 Mar 2023 00:52:38 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
ms-logo.a7c453cfd00accc58671.jpeg
rates.medicarenationwide.com/static/media/
13 KB
13 KB
Image
General
Full URL
https://rates.medicarenationwide.com/static/media/ms-logo.a7c453cfd00accc58671.jpeg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3c6e86cf98b61fb5fce1f627d7fd08c3fcbb925c95d02ad3210822e46947e9ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:38 GMT
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
"6304cb84-33eb"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13291
ms-logo-mobile.76bd04eb7d365b79ec99.png
rates.medicarenationwide.com/static/media/
21 KB
22 KB
Image
General
Full URL
https://rates.medicarenationwide.com/static/media/ms-logo-mobile.76bd04eb7d365b79ec99.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ef40857e43f1fa1ba3f3567a3ac31d4c7e0a76228ac81431be1fff63738cf25b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rates.medicarenationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 00:52:38 GMT
Via
1.1 vegur
Last-Modified
Tue, 23 Aug 2022 12:43:48 GMT
Server
nginx
Etag
"6304cb84-557f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21887
fingerprints
api.trustedform.com/certs/e15ee4cb9d20b21d5e6277dbeeaadc0f48dac88b/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/e15ee4cb9d20b21d5e6277dbeeaadc0f48dac88b/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.76.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-76-17.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rates.medicarenationwide.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 17 Mar 2023 00:52:38 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
truncated
/
10 KB
10 KB
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
text/javascript
InitFormData
create.leadid.com/2.11.11/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/InitFormData?msn=6&pid=d7b26788-b996-4272-b83c-cde64f73ab3c&token=A4C826B4-1EA4-760E-C66A-0A80E640026F&_=652574185
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/385552c3-81f8-6a67-a115-a339decc3a60.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.132.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-132-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://rates.medicarenationwide.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 00:52:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.11/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.11/Snap?msn=7&pid=d7b26788-b996-4272-b83c-cde64f73ab3c&token=A4C826B4-1EA4-760E-C66A-0A80E640026F&_=652574186
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/385552c3-81f8-6a67-a115-a339decc3a60.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.132.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-132-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://rates.medicarenationwide.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 00:52:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 76A7
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time
1679014359664
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/hJs--k4nrLc
X-YouTube-Client-Version
1.20230314.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtuX0gyT1YzeE4yYyjU886gBg%3D%3D
X-YouTube-Ad-Signals
dt=1679014356876&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C567&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 17 Mar 2023 00:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 17 Mar 2023 00:52:39 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| dataLayer function| smartlook object| Trustpilot object| webpackChunk_smartlook_recorder object| webpackChunkclient object| regeneratorRuntime object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData object| defaultStyleFrame

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: aaQQq3aBGBk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: n_H2OV3xN2c
rates.medicarenationwide.com/ Name: leadid_token-3F0C70E5-D003-207E-F402-F3F9F66871E5-385552C3-81F8-6A67-A115-A339DECC3A60
Value: A4C826B4-1EA4-760E-C66A-0A80E640026F
.deviceid.trueleadid.com/ Name: uuid
Value: 93a87f1a53aa4b1589999241c7b8f95a

1 Console Messages

Source Level URL
Text
network error URL: https://ss.medicareshop.com/gtm.js?id=GTM-KZ3V2D2
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
rates.medicarenationwide.com
ss.medicareshop.com
static.doubleclick.net
web-sdk.smartlook.com
widget.trustpilot.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
13.32.118.96
18.205.222.128
2600:9000:223d:e400:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2a00:1450:4001:803::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2016
2a00:1450:4001:82f::2006
2a00:1450:4001:830::200e
2a02:6ea0:c700::17
3.232.158.127
35.193.123.107
50.16.132.247
52.2.76.17
52.222.236.107
001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c
018ce8278681b4b02299973c2826ac78dfc385f3f856066fcd8147538f8d0938
0786c93417ede2a0a5d482288da45887ce070d846d7c1e5f7c882a3268f17c85
0efee6d5f7204213846db1cc50a7cbf0c434b762d4078cce4b1c0ebb2f4427ea
12420925cd21d88baeb5d638fe330c98f1a1a2bb38229809baf8b380d3569f41
18206f5b2ff26fceba864394206c541dd2b8d55a50497215932edc4146678164
2069ee225073a115f31dcfbfc8e645967697bcf1d9b8f56d56b0aed8943d9f93
215497d9b5810d7dc8a8ab43fbefa371e594a3dfd8a812bbe027a945e44f1dd2
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
38e08bf095300ffc40a1c3c18055bf873a63c3ca664f793e0091797c08c7a5d0
3902ee9ce07eb81ce82289772b21fe1fd6b696aa4b4f3d031c59bf84acdfbfb6
3c6e86cf98b61fb5fce1f627d7fd08c3fcbb925c95d02ad3210822e46947e9ab
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
621a20fd79e286e28f4f59b52004203029c22c47331cd72c38844e95bfc4f9fd
627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809
63d1748079ce0d5f65b813d8971c8777941689b537cdb13313b991c91b25657a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b624474cafaf891480d3b946b92e5e5181a58b85a452f86458fd7985b273a66
6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135
6fe0c49f7b5c7e5535e1373b24d2ef7413f9bab223be28c5eba93d3ad5a6e7e7
76dea057b019c14656f01512f9df53be680c23b576724e58ddb3aaef93ef11eb
7c36cf69c5653547812e02400129ff0203b05714c3483a333bb2718f55a8a0e5
8e8b5a9d562e0f0c1e6209b053ff8efc94bb760571ed328a7c3ce29bd40275ff
8ea14af8f800c14dd24af378018b689149dc689537f77ceb970ed455d7b227cf
a10b4491274ca7979306a49e8b5808a5379a1aa4e1fd3af9f3b8394eb4cd9334
a1f44c76c8d3b4c1f926e65ac140ea36dc6cd2fa18c251925d9193575f475edd
b2be4f770c150289ae7c966dba6508266866f02223f41c6b9088699338ae99e7
b32628451e9b5fd9f77ea07990700b09d766e4a6f85fd1d2658c662ae4e4ded1
cd6fe8e7ae1c62891cb5eddccffd0e4fe658520f3c086c32d6c2efbd3c1e47af
cf5434a69b4685a669abceabae47f08cd0e3ec51267b3d196a79d8216b5c53b9
d0583805b6907d7e9aa636bed20fa041ad4002854e783bbd67d2fef49484c369
d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dcc25e5773a0ed0648d1b3519131564e3def41c67bf4f78f7a0c282fa79e7548
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef40857e43f1fa1ba3f3567a3ac31d4c7e0a76228ac81431be1fff63738cf25b
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f69c19f5cdd7f51b4e57194ee7f6ea960c8eda2d280b93457f0fff6f3348e2e8