URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Submission: On February 27 via manual from US — Scanned from ES

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 37 HTTP transactions. The main IP is 157.245.145.14, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is orderfinger5.werite.net.
TLS certificate: Issued by R3 on December 9th 2021. Valid for: 3 months.
This is the only time orderfinger5.werite.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
16 werite.net | orderfinger5.werite.net | 236 KB
9 youtube.com | www.youtube.com (Cisco Umbrella Rank: 87) | 744 KB
3 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 37); static.doubleclick.net (Cisco Umbrella Rank: 309) | 1 KB
3 gstatic.com | fonts.gstatic.com; www.gstatic.com | 32 KB
1 ytimg.com | i.ytimg.com (Cisco Umbrella Rank: 103) | 53 KB
1 ggpht.com | yt3.ggpht.com (Cisco Umbrella Rank: 213) | 2 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 2) | 14 KB
1 travelinsurancereview.net | www.travelinsurancereview.net | 86 KB
1 dailymail.co.uk | i.dailymail.co.uk (Cisco Umbrella Rank: 7834) | 71 KB
1 globaltravelinsurance.com | globaltravelinsurance.com | 654 KB
1 insubuy.com | www.insubuy.com (Cisco Umbrella Rank: 612540) | 92 KB
37 11
Domain | Requested by
16 orderfinger5.werite.net | orderfinger5.werite.net
9 www.youtube.com | orderfinger5.werite.net; www.youtube.com
2 www.gstatic.com | www.youtube.com; www.gstatic.com
2 googleads.g.doubleclick.net (1 redirects) | www.youtube.com
1 i.ytimg.com | www.youtube.com
1 yt3.ggpht.com | www.youtube.com
1 www.google.com | www.youtube.com
1 static.doubleclick.net | www.youtube.com
1 fonts.gstatic.com | www.youtube.com
1 www.travelinsurancereview.net | orderfinger5.werite.net
1 i.dailymail.co.uk | orderfinger5.werite.net
1 globaltravelinsurance.com | orderfinger5.werite.net
1 www.insubuy.com | orderfinger5.werite.net
37 13

This site contains links to these domains. Also see Links.

Domain
youtu.be
dotclear.org

Subject | Issuer | Validity | Valid
werite.net | R3 | 2021-12-09 - 2022-03-09 | 3 months
www.insubuy.com | Go Daddy Secure Certificate Authority - G2 | 2022-01-03 - 2023-02-04 | a year
globaltravelinsurance.com | R3 | 2022-01-31 - 2022-05-01 | 3 months
*.dailymail.co.uk | DigiCert SHA2 Secure Server CA | 2021-12-25 - 2023-01-03 | a year
www.travelinsurancereview.net | R3 | 2022-01-03 - 2022-04-03 | 3 months
*.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
www.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
edgestatic.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months

This page contains 2 frames:

Primary Page: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Frame ID: B7404A86A4A2713D9C7763D32B2558D1
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ms4JxeRSnpA
Frame ID: C28B2F8525EB573FFFA124066DEF3EDD
Requests: 18 HTTP requests in this frame

Page Title

A Biased View of What is Travel Health Insurance? - ValuePenguin - Kilgore Ladefoged

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37 Requests
97 % HTTPS
77 % IPv6
11 Domains
13 Subdomains
14 IPs
4 Countries
1984 kB Transfer
4134 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
orderfinger5.werite.net/post/2022/02/27/
9 KB
4 KB
Document
General
Full URL
https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c3885f871f349ddf5d3681eb8befa90b5720b5e5f3f2509a76994641a99f09f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Sun, 27 Feb 2022 16:08:53 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
3467
Connection
keep-alive
X-Pingback
https://orderfinger5.werite.net/xmlrpc/orderfinger5
Link
<https://orderfinger5.werite.net/webmention>; rel="webmention"
Last-Modified
Sun, 27 Feb 2022 15:34:50 GMT
Cache-Control
must-revalidate, max-age=0
Pragma
ETag
"bf8e65893dee4a42a80beffe3828f5a7-gzip"
Vary
Accept-Encoding
Content-Encoding
gzip
style.css
orderfinger5.werite.net/themes/winters_peaceful/
19 KB
5 KB
Stylesheet
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c6c796ff413b283ab115991c38df4a7f90b62ba0b0733a55cdc07a4a74c51fbb

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 09:19:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"4a32-5888511a5c861-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4772
/
orderfinger5.werite.net/
132 KB
38 KB
Script
General
Full URL
https://orderfinger5.werite.net/?pf=jquery/2.2.4/jquery.js
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
566c5ae022adec5ee880397d01ca1605043c0d75a3278df292c8d1ccef20d2ff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date
Sun, 27 Feb 2022 16:08:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 May 2019 20:33:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
must-revalidate, max-age=604800
Connection
keep-alive
Content-Length
38379
/
orderfinger5.werite.net/
2 KB
1 KB
Script
General
Full URL
https://orderfinger5.werite.net/?pf=jquery/2.2.4/jquery.cookie.js
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e30a48a7615ba27b3d0f38babb6462da2e80f208d98b2baf8f6764b00f2a4066

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date
Sun, 27 Feb 2022 16:08:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 May 2019 20:33:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
must-revalidate, max-age=604800
Connection
keep-alive
Content-Length
814
/
orderfinger5.werite.net/
1 KB
858 B
Script
General
Full URL
https://orderfinger5.werite.net/?pf=post.js
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6c4fce889b2f4febda3abe2fd4c947d7a1eec38b53542a0ef404e52fec2bfde9

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date
Sun, 27 Feb 2022 16:08:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 May 2019 20:33:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
must-revalidate, max-age=604800
Connection
keep-alive
Content-Length
537
countries-that-require-travel-medical-insurance-for-entry.jpg
www.insubuy.com/article-images/article-pages/hero-article-images/normal/
91 KB
92 KB
Image
General
Full URL
https://www.insubuy.com/article-images/article-pages/hero-article-images/normal/countries-that-require-travel-medical-insurance-for-entry.jpg
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f414cb9946fe276524c2a4c2cda2dc0178f72bc7a9a1d93b86bd2652aad54d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.immihelp.com https://*.travelpayouts.com https://travelpayouts.com
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 16:08:55 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000
vary
Accept-Encoding
content-length
93687
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 30 Sep 2021 16:22:51 GMT
server
cloudflare
x-frame-options
DENY
etag
"16df7-5cd38dbb4999d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/jpeg
access-control-allow-origin
https://www.insubuy.info
cache-control
max-age=86400, public
content-security-policy
frame-ancestors 'self' https://www.immihelp.com https://*.travelpayouts.com https://travelpayouts.com
accept-ranges
bytes
cf-ray
6e42acb17f30665d-MAD
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
FlagUSA.png
globaltravelinsurance.com/wp-content/uploads/2019/05/
653 KB
654 KB
Image
General
Full URL
https://globaltravelinsurance.com/wp-content/uploads/2019/05/FlagUSA.png
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.161.38.169 , Canada, ASN39962 (PRETECS, CA),
Reverse DNS
fh3.watershed9.ca
Software
LiteSpeed /
Resource Hash
b7c2842a6d4adadae5d10e8cff25bf847fc0680a97e7f767a760682c1177a9e7

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 16:08:55 GMT
last-modified
Mon, 06 May 2019 18:05:31 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
668703
expires
Tue, 29 Mar 2022 16:08:55 GMT
43FF43AB00000578-0-image-a-5_1504774975795.jpg
i.dailymail.co.uk/i/pix/2017/09/07/10/
70 KB
71 KB
Image
General
Full URL
https://i.dailymail.co.uk/i/pix/2017/09/07/10/43FF43AB00000578-0-image-a-5_1504774975795.jpg
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:584::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c8aef57b7fe80adb7d76a425f64d92904a3e9bf70d23f219b3fb1df615206635

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 16:08:55 GMT
last-modified
Fri, 08 Sep 2017 10:13:53 GMT
server
AkamaiNetStorage
etag
"5731db02dbc13ffb8bd9fe133f0f93a1:1504865633"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
72102
expires
Tue, 29 Mar 2022 16:08:55 GMT
travel-medical-insurance-vs-trip-insurance.png
www.travelinsurancereview.net/wp-content/uploads/2020/02/
85 KB
86 KB
Image
General
Full URL
https://www.travelinsurancereview.net/wp-content/uploads/2020/02/travel-medical-insurance-vs-trip-insurance.png
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.188.155.232 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.155.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c3b43aeb6d13ef223de56ad78cdaca4c66ef002dd44e77803eb02e7cd6ec2ab3

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 16:08:56 GMT
last-modified
Fri, 21 Feb 2020 21:33:29 GMT
server
nginx
etag
"5e504ca9-1550f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
87311
/
orderfinger5.werite.net/
636 B
675 B
Stylesheet
General
Full URL
https://orderfinger5.werite.net/?pf=print.css
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
81893bc286061656942b0c574c32652ce7f70b729488a8929fc1613ea4da8cc8

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date
Sun, 27 Feb 2022 16:08:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 May 2019 20:33:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
must-revalidate, max-age=604800
Connection
keep-alive
Content-Length
354
ms4JxeRSnpA
www.youtube.com/embed/ Frame C28B
59 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/ms4JxeRSnpA
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/post/2022/02/27/A-Biased-View-of-What-is-Travel-Health-Insurance-ValuePenguin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
393b052aff2a3fac056448550e57d6ed69f4277442aa96a8e00fe40a81f07823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 27 Feb 2022 16:08:55 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=es for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
background.jpg
orderfinger5.werite.net/themes/winters_peaceful/img/
712 B
965 B
Image
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/img/background.jpg
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7f60525b84b5d234e1e67099a4d7f04ebeaa4c8a9a7924750b042d47f4023769

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:56 GMT
Last-Modified
Fri, 10 May 2019 09:19:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"2c8-5888511a5b8c1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
712
top.jpg
orderfinger5.werite.net/themes/winters_peaceful/img/
165 KB
165 KB
Image
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/img/top.jpg
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f3cf302e5b53ac5d5b6312e32c906a91e01a9e416b4bf848fa0de8578cc219fe

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:55 GMT
Last-Modified
Fri, 10 May 2019 09:19:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"2929d-5888511a5c861"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
168605
navlink.jpg
orderfinger5.werite.net/themes/winters_peaceful/img/
3 KB
3 KB
Image
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/img/navlink.jpg
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e7f87466464925887b6450dfddb5c88fa24b7ff1918d7e43d858cc180b6398fa

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:55 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
boule.png
orderfinger5.werite.net/themes/winters_peaceful/img/
871 B
1 KB
Image
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/img/boule.png
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5076e649ab3f296fb0f1e7c2fc58da2f3929f08a45c4475c1c48c53d3f481164

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:56 GMT
Last-Modified
Fri, 10 May 2019 09:19:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"367-5888511a5b8c1"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
871
rss.png
orderfinger5.werite.net/themes/winters_peaceful/img/
3 KB
3 KB
Image
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/img/rss.png
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e7f87466464925887b6450dfddb5c88fa24b7ff1918d7e43d858cc180b6398fa

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:56 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
side_fond.jpg
orderfinger5.werite.net/themes/winters_peaceful/img/
374 B
627 B
Image
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/img/side_fond.jpg
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a104b4fe11fedfbf4d434794d318817514d7492d3a19c90c39bd1201f9b05adc

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:56 GMT
Last-Modified
Fri, 10 May 2019 09:19:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"176-5888511a5b8c1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
374
side_haut.jpg
orderfinger5.werite.net/themes/winters_peaceful/img/
3 KB
3 KB
Image
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/img/side_haut.jpg
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dfb4524b16ecc2a296d34c0ea4f4771c622142ffbc758ec1ecfac527964bf453

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:56 GMT
Last-Modified
Fri, 10 May 2019 09:19:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"a3e-5888511a5b8c1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2622
titles.jpg
orderfinger5.werite.net/themes/winters_peaceful/img/
566 B
819 B
Image
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/img/titles.jpg
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b16f323af4fd60cc91eaf00b122adb6e9c56766fe8b8bc2ecfc74204f53f08bf

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:56 GMT
Last-Modified
Fri, 10 May 2019 09:19:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"236-5888511a5c861"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
566
side_bas.jpg
orderfinger5.werite.net/themes/winters_peaceful/img/
1004 B
1 KB
Image
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/img/side_bas.jpg
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
71f26479cc095d8471131ce005c79a269576b6205af64bfb8f81b91bd6c7428a

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:56 GMT
Last-Modified
Fri, 10 May 2019 09:19:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"3ec-5888511a5b8c1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1004
footer.jpg
orderfinger5.werite.net/themes/winters_peaceful/img/
9 KB
9 KB
Image
General
Full URL
https://orderfinger5.werite.net/themes/winters_peaceful/img/footer.jpg
Requested by
Host: orderfinger5.werite.net
URL: https://orderfinger5.werite.net/themes/winters_peaceful/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d812b91911488f397515a8582c28c759e3b5b7678e4a732c5a63aa30fc47a563

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://orderfinger5.werite.net/themes/winters_peaceful/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 16:08:57 GMT
Last-Modified
Fri, 10 May 2019 09:19:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"22b2-5888511a5b8c1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8882
www-player.css
www.youtube.com/s/player/450209b9/ Frame C28B
337 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/450209b9/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ms4JxeRSnpA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0777f3e0b8c0e29c02a500177bbe474c4cfa34f6427eece68a06f275d3a0f446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/ms4JxeRSnpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 04:28:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
42054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47098
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 01:18:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Feb 2023 04:28:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C28B
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ms4JxeRSnpA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 17:06:41 GMT
x-content-type-options
nosniff
age
428534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/450209b9/www-embed-player.vflset/ Frame C28B
276 KB
85 KB
Script
General
Full URL
https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ms4JxeRSnpA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
794a3ac206f04961903d93cc7e73eff6c4bd0f82ea958c1d439018a54e743441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/ms4JxeRSnpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 16:00:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
259712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86481
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 01:18:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 24 Feb 2023 16:00:23 GMT
base.js
www.youtube.com/s/player/450209b9/player_ias.vflset/es_ES/ Frame C28B
2 MB
539 KB
Script
General
Full URL
https://www.youtube.com/s/player/450209b9/player_ias.vflset/es_ES/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ms4JxeRSnpA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
586cdbdc0fb90068d6607e1ab38ad467a301dd59b451b96700abaa3fbcf0e2db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/ms4JxeRSnpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 16:10:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
259096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
551331
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 01:18:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 24 Feb 2023 16:10:39 GMT
fetch-polyfill.js
www.youtube.com/s/player/450209b9/fetch-polyfill.vflset/ Frame C28B
10 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/450209b9/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ms4JxeRSnpA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/ms4JxeRSnpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 16:00:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
259712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3338
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 01:18:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 24 Feb 2023 16:00:23 GMT
id
googleads.g.doubleclick.net/pagead/ Frame C28B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ms4JxeRSnpA
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e33b014edf648bedd0634a3b4685f0701e4082e410a3b6654edf04f87e44573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 16:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 27 Feb 2022 16:08:56 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame C28B
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 16:03:50 GMT
x-content-type-options
nosniff
age
306
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 27 Feb 2022 16:18:50 GMT
remote.js
www.youtube.com/s/player/450209b9/player_ias.vflset/es_ES/ Frame C28B
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/450209b9/player_ias.vflset/es_ES/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/es_ES/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
819975f49241baf6413ff1294db7697080d1b821a8811055a4b0b064deab33c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/ms4JxeRSnpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 16:10:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
259083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37764
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 01:18:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 24 Feb 2023 16:10:53 GMT
v5wpgjrptEPklI56BGJ7TPxdfltSHJb1bfJzVsYAm8g.js
www.google.com/js/th/ Frame C28B
35 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/v5wpgjrptEPklI56BGJ7TPxdfltSHJb1bfJzVsYAm8g.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/es_ES/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf9c29823ae9b443e4948e7a04627b4cfc5d7e5b521c96f56df27356c6009bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 12:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
273436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13672
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 12:11:40 GMT
embed.js
www.youtube.com/s/player/450209b9/player_ias.vflset/es_ES/ Frame C28B
26 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/450209b9/player_ias.vflset/es_ES/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/es_ES/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59470573e0a3179add167b322b1eed78161f9f85fffcdb150d330eef355bbaa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/ms4JxeRSnpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 16:10:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
259083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7771
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 01:18:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 24 Feb 2023 16:10:53 GMT
truncated
/ Frame C28B
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
TgyZKPOSXA7Vt5pqNsw4IFjAWn_sjvQ-AuoMavVXm7Of7nmS8gxiyEYrWYCclxnac_2viMrDRLc=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C28B
2 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/TgyZKPOSXA7Vt5pqNsw4IFjAWn_sjvQ-AuoMavVXm7Of7nmS8gxiyEYrWYCclxnac_2viMrDRLc=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ms4JxeRSnpA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0db4b07e33bffd3e43287012285a4fc1c24d35f23425c738421780becd17b059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 14:07:51 GMT
x-content-type-options
nosniff
age
7265
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1728
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 23 Feb 2022 10:57:57 GMT
sddefault.jpg
i.ytimg.com/vi/ms4JxeRSnpA/ Frame C28B
52 KB
53 KB
Image
General
Full URL
https://i.ytimg.com/vi/ms4JxeRSnpA/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ms4JxeRSnpA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2a274ff2510b217ef91631a226d87fcec1ec4f93261d672e3d9e2172c947ca3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 16:08:56 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53470
x-xss-protection
0
server
sffe
etag
"1644411684"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 27 Feb 2022 18:08:56 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame C28B
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/es_ES/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 16:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Feb 2022 16:08:56 GMT
generate_204
www.youtube.com/ Frame C28B
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?GLgvCA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ms4JxeRSnpA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/ms4JxeRSnpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 16:08:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/89/ Frame C28B
48 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/89/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 16:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14262
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:19:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Mon, 28 Feb 2022 16:02:47 GMT
log_event
www.youtube.com/youtubei/v1/ Frame C28B
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ms4JxeRSnpA
X-YouTube-Client-Version
1.20220223.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtnSVBrdDYzQ2dEcyiXxO6QBg%3D%3D
X-YouTube-Ad-Signals
dt=1645978135937&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 27 Feb 2022 16:08:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 27 Feb 2022 16:08:58 GMT

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| structuredClone
function| $
function| jQuery
string| post_remember_str

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 3V1EoYw1tCg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: gIPkt63CgDs

2 Console Messages

Source Level URL
Text
network error URL: https://orderfinger5.werite.net/themes/winters_peaceful/img/navlink.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://orderfinger5.werite.net/themes/winters_peaceful/img/rss.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
