urlscan.io logo urlscan.io
SecurityTrails logo

www.unitedbenefits4america.com Open in urlscan Pro
104.16.12.194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email.kjbm.benefits4america.com/c/eJxtj0FuwyAQRU9jNpHQGAYwCxau3EpZ5wDR2OCEFBLLJnF7-3CASH_59PS-d4AolZUsOgGiBSuMADAgecvRqK9eiuG7Ml...
Effective URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Submission: On September 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 68 HTTP transactions. The main IP is 104.16.12.194, located in and belongs to CLOUDFLARENET, US. The main domain is www.unitedbenefits4america.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 2nd 2021. Valid for: a year.
This is the only time www.unitedbenefits4america.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.35.110.134 16509 (AMAZON-02)
1 10 104.16.12.194 13335 (CLOUDFLAR...)
3 172.67.214.69 13335 (CLOUDFLAR...)
2 142.250.185.234 15169 (GOOGLE)
1 104.16.16.194 13335 (CLOUDFLAR...)
5 104.16.13.194 13335 (CLOUDFLAR...)
1 104.16.94.65 13335 (CLOUDFLAR...)
24 142.250.185.206 15169 (GOOGLE)
6 142.250.186.35 15169 (GOOGLE)
1 52.16.116.2 16509 (AMAZON-02)
1 2 142.250.74.194 15169 (GOOGLE)
1 142.250.186.102 15169 (GOOGLE)
1 142.250.186.132 15169 (GOOGLE)
2 142.250.186.129 15169 (GOOGLE)
6 74.125.160.41 15169 (GOOGLE)
2 172.217.23.99 15169 (GOOGLE)
1 142.250.184.214 15169 (GOOGLE)
1 151.101.130.137 54113 (FASTLY)
1 162.247.243.146 13335 (CLOUDFLAR...)
68 19
1    52.35.110.134 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-110-134.us-west-2.compute.amazonaws.com
email.kjbm.benefits4america.com
10    104.16.12.194 (None, )

ASN13335 (CLOUDFLARENET, US)
www.unitedbenefits4america.com
3    172.67.214.69 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
1    104.16.16.194 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.clickfunnels.com
5    104.16.13.194 (None, )

ASN13335 (CLOUDFLARENET, US)
app.clickfunnels.com
1    104.16.94.65 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
24    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.youtube.com
6    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
1    52.16.116.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-116-2.eu-west-1.compute.amazonaws.com
track.addevent.com
2    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
static.doubleclick.net
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
2    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
yt3.ggpht.com
6    74.125.160.41 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s13-in-f9.1e100.net
r4---sn-4g5lznes.googlevideo.com
2    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f3.1e100.net
www.gstatic.com
1    142.250.184.214 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f22.1e100.net
i.ytimg.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
Domain Requested by
24 www.youtube.com www.unitedbenefits4america.com
www.youtube.com
10 www.unitedbenefits4america.com 1 redirects www.unitedbenefits4america.com
static.cloudflareinsights.com
6 r4---sn-4g5lznes.googlevideo.com www.youtube.com
6 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
5 app.clickfunnels.com www.unitedbenefits4america.com
3 use.fontawesome.com www.unitedbenefits4america.com
use.fontawesome.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 yt3.ggpht.com www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.googleapis.com www.unitedbenefits4america.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.unitedbenefits4america.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 track.addevent.com www.unitedbenefits4america.com
1 static.cloudflareinsights.com www.unitedbenefits4america.com
1 assets.clickfunnels.com www.unitedbenefits4america.com
1 email.kjbm.benefits4america.com 1 redirects
68 19

This site contains no links.

Subject Issuer Validity Valid
www.unitedbenefits4america.com
Cloudflare Inc ECC CA-3		 2021-03-02 -
2022-03-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
addevent.com
Amazon		 2021-02-25 -
2022-03-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-09-14 -
2021-11-23		 2 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.newrelic.com
R3		 2021-09-17 -
2021-12-16		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Frame ID: 4F3C4AFB28E5226D45124C9C85D53031
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: DE6C2CC0F0B70DD99D1C2AB3C7613783
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 8BCD54E7D2AEF6B52CB594C1FF6FF8D8
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UB4A | FLEX Plus Planning Session

Page URL History Show full URLs

  1. http://email.kjbm.benefits4america.com/c/eJxtj0FuwyAQRU9jNpHQGAYwCxau3EpZ5wDR2OCEFBLLJnF7-3CASH_59PS-d4AolZUsOgGiBS... HTTP 302
    http://www.unitedbenefits4america.com/flexplus HTTP 302
    https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <meta property="cf:app_domain" content="app\.clickfunnels\.com"
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

68
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

19
IPs

3
Countries

3276 kB
Transfer

8399 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.kjbm.benefits4america.com/c/eJxtj0FuwyAQRU9jNpHQGAYwCxau3EpZ5wDR2OCEFBLLJnF7-3CASH_59PS-d4AolZUsOgGiBSuMADAgecvRqK9eiuG7Ml0_iAbh9zZmPoZ7mGPZkHJY40R8emR2dcpobcjKmUY1a-8lkO6C7gA9WuosS-5aytLIvhE_dfu-8-c9luA_CSswp_C3pOfGQqaYzj6k-Arr_zl6h6AVIoBVbHWZ1kJ8W-gWp9roJ355vFhxp-o-HIdGyFbqeuEN_kFISQ HTTP 302
    http://www.unitedbenefits4america.com/flexplus HTTP 302
    https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request reverse-squeeze-page1615912723915
www.unitedbenefits4america.com/
Redirect Chain
  • http://email.kjbm.benefits4america.com/c/eJxtj0FuwyAQRU9jNpHQGAYwCxau3EpZ5wDR2OCEFBLLJnF7-3CASH_59PS-d4AolZUsOgGiBSuMADAgecvRqK9eiuG7Ml0_iAbh9zZmPoZ7mGPZkHJY40R8emR2dcpobcjKmUY1a-8lkO6C7gA9WuosS-5a...
  • http://www.unitedbenefits4america.com/flexplus
  • https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
76 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
79e1e82c0aead0d05105ff5213cb1bc7e875223a18f41011bacaf98dae9d4da0
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

:method
GET
:authority
www.unitedbenefits4america.com
:scheme
https
:path
/reverse-squeeze-page1615912723915
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 27 Sep 2021 20:18:41 GMT
content-type
text/html; charset=utf-8
cf-ray
69576c311b9a5ca4-FRA
access-control-allow-origin
*
cache-control
max-age=60, public, s-maxage=600, r-maxage=10
last-modified
Tue, 16 Mar 2021 23:09:54 GMT
strict-transport-security
max-age=0
vary
Accept-Encoding
cf-cache-status
REVALIDATED
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200 OK
x-content-digest
7ce0cddacbb50ba8e3e9298fb03232f639ded6a9
x-frame-options
ALLOWALL
x-powered-by
Phusion Passenger Enterprise 6.0.7
x-rack-cache
stale, valid, store
x-request-id
d40c1e9da62b314c6fa9bcd799340f09
x-runtime
0.419439
set-cookie
__cf_bm=o7bKTKQVB0Bl0kDI4zfVNydh6Nn8vj9YaShlEv4Z2xk-1632773921-0-AZcGKj8HLJhhCIm55AHzUqbWgbQOOgSRftNcWi2qciGjdFzez0RlJs+4qDhp8MbFL2Z2Y/lWqv6kE3j9rGD3eBM9838HseMIxzjGWSSOFoN3; path=/; expires=Mon, 27-Sep-21 20:48:41 GMT; domain=.www.unitedbenefits4america.com; HttpOnly; Secure; SameSite=None
server
cloudflare
content-encoding
br

Redirect headers

Date
Mon, 27 Sep 2021 20:18:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
CF-Ray
69576c2f1df94ac3-FRA
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Vary
Accept-Encoding
CF-Cache-Status
EXPIRED
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Status
302 Found
X-Frame-Options
ALLOWALL
X-Powered-By
Phusion Passenger Enterprise 6.0.7
X-Rack-Cache
miss
X-Request-Id
a99e72211386f4cfa131379d8c111b70
X-Runtime
0.111654
Set-Cookie
__cf_bm=3bXA82Ps86TV74U9f0Hp_62Zekz7VFt7zROQA5rA3dc-1632773921-0-AeIJWqfvpLH+9J069R66+C9pMtHbbLjHsL8kVtV628+RNf4uf1iP7eci13MsclSIyaIcntsBrKT2ZJrRsM5EI44zEKT7BzBx0LdPm4UNnvpr; path=/; expires=Mon, 27-Sep-21 20:48:41 GMT; domain=.www.unitedbenefits4america.com; HttpOnly; SameSite=None
Server
cloudflare
lander.css
www.unitedbenefits4america.com/assets/ 		425 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.unitedbenefits4america.com/assets/lander.css
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/assets/lander.css
pragma
no-cache
cookie
__cf_bm=o7bKTKQVB0Bl0kDI4zfVNydh6Nn8vj9YaShlEv4Z2xk-1632773921-0-AZcGKj8HLJhhCIm55AHzUqbWgbQOOgSRftNcWi2qciGjdFzez0RlJs+4qDhp8MbFL2Z2Y/lWqv6kE3j9rGD3eBM9838HseMIxzjGWSSOFoN3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.unitedbenefits4america.com
referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:41 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
44
last-modified
Mon, 27 Sep 2021 15:40:09 GMT
server
cloudflare
etag
W/"6151e5d9-6a514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
69576c3379415ca4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 27 Sep 2021 20:38:41 GMT
all.css
use.fontawesome.com/releases/v5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7171873
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
CV7QM0HS7RRXS4GJ
x-amz-id-2
VnAb30vVuE3+2KeVOlKVUINHcTviAzhmOFrXldKp2SSVl0nj6IwU4iQMTGSVvUiXeidneFn18mE=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbauk9mf9OfDW31aJAFnWPdMJaThJ2Zwr9kVvU4ti%2B047IV5vSI9evDQm4VP26xAUd9J6XjIpsLQaI%2B8hzYgz62trMIs1%2FfvBxcYSRGedTXF%2BFIeAdVndW%2FXIltWycQvZpNW%2F0VU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
69576c33bebe4113-PRG
v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7171873
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
CV7YAD2HMNXXG48J
x-amz-id-2
G6OK7ipd4uksdb3tTsuqiLzsv6TRWuZJeeUiXOwhhSEIdDfVIKhOmHR0KPLxit/7I8jqlq7fHSw=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"e140a7d32f343530f016095df3cc2ae4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2hXkpDyJ4GA4TkxSMx%2F3bLNmIDOF06f3vvKQ4J31gi3L0JmzXJoW%2Brqapcefhs14dRqV%2BFy5EID2LHPIcqYP3CY4oFSozZDIT%2BgD8LoR7SmEgZXnH0pC%2BLo5jnZ%2B6mjM74ruegK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
69576c33bec04113-PRG
css
fonts.googleapis.com/ 		45 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
40b1e129fd55c17b3a1234e2ef332ca0cd7526573e60f78fa7fe11cc4b52549f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:24:13 GMT
server
ESF
date
Mon, 27 Sep 2021 20:18:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 20:18:41 GMT
application.js
www.unitedbenefits4america.com/assets/userevents/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.unitedbenefits4america.com/assets/userevents/application.js
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/assets/userevents/application.js
pragma
no-cache
cookie
__cf_bm=o7bKTKQVB0Bl0kDI4zfVNydh6Nn8vj9YaShlEv4Z2xk-1632773921-0-AZcGKj8HLJhhCIm55AHzUqbWgbQOOgSRftNcWi2qciGjdFzez0RlJs+4qDhp8MbFL2Z2Y/lWqv6kE3j9rGD3eBM9838HseMIxzjGWSSOFoN3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.unitedbenefits4america.com
referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:41 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
42
last-modified
Mon, 27 Sep 2021 15:40:09 GMT
server
cloudflare
etag
W/"6151e5d9-1353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
69576c3379425ca4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 27 Sep 2021 20:38:41 GMT
Chase-Headshot-1.jpg
www.unitedbenefits4america.com/hosted/images/7b/8aaeadce2641528ba527c48ba8020e/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unitedbenefits4america.com/hosted/images/7b/8aaeadce2641528ba527c48ba8020e/Chase-Headshot-1.jpg
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76442a5c41ff566766f9cd83e78fc2ff1a510c86ca2908dc2004924d7f18316

Request headers

:path
/hosted/images/7b/8aaeadce2641528ba527c48ba8020e/Chase-Headshot-1.jpg
pragma
no-cache
cookie
__cf_bm=o7bKTKQVB0Bl0kDI4zfVNydh6Nn8vj9YaShlEv4Z2xk-1632773921-0-AZcGKj8HLJhhCIm55AHzUqbWgbQOOgSRftNcWi2qciGjdFzez0RlJs+4qDhp8MbFL2Z2Y/lWqv6kE3j9rGD3eBM9838HseMIxzjGWSSOFoN3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.unitedbenefits4america.com
referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
cf-cache-status
MISS
last-modified
Fri, 14 Aug 2020 17:14:00 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"c3cf94735e4c2ce77c1efc62ced7aeda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69576c33fa7c5ca4-FRA
content-length
27409
closemodal.png
assets.clickfunnels.com/images/ 		672 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.clickfunnels.com/images/closemodal.png
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.16.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:41 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
348239
cf-polished
origFmt=png, origSize=788
content-disposition
inline; filename="closemodal.webp"
content-length
672
last-modified
Wed, 22 Sep 2021 21:00:53 GMT
server
cloudflare
etag
"614b9985-314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 28 Oct 2021 20:18:41 GMT
cache-control
public, max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
69576c342d1c4ece-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj
imgq:100,h2pri
css
fonts.googleapis.com/ 		2 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=sans-serif%7CShadows+Into+Light+Two%7CSlabo+27px%7CLato%7CSlabo+27px%7Csans-serif%7CShadows+Into+Light+Two%7CLato%7Csans-serif%7CLato%7C%7C
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
6a3ad5625a8b61b03644df38871630edc72b2c584859bacb354c104fdf109947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 20:18:41 GMT
server
ESF
date
Mon, 27 Sep 2021 20:18:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 20:18:41 GMT
lander.js
www.unitedbenefits4america.com/assets/ 		2 MB
660 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.unitedbenefits4america.com/assets/lander.js
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645a61e2670b8471916b84f4eb65e3c273cfa38b6f050d8ed4ee31eea5b51c93
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/assets/lander.js
pragma
no-cache
cookie
__cf_bm=o7bKTKQVB0Bl0kDI4zfVNydh6Nn8vj9YaShlEv4Z2xk-1632773921-0-AZcGKj8HLJhhCIm55AHzUqbWgbQOOgSRftNcWi2qciGjdFzez0RlJs+4qDhp8MbFL2Z2Y/lWqv6kE3j9rGD3eBM9838HseMIxzjGWSSOFoN3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.unitedbenefits4america.com
referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:41 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
44
last-modified
Mon, 27 Sep 2021 15:40:09 GMT
server
cloudflare
etag
W/"6151e5d9-235e5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
69576c33ea645ca4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 27 Sep 2021 20:38:41 GMT
mailcheck.min.js
app.clickfunnels.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/mailcheck.min.js
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6528
last-modified
Mon, 27 Sep 2021 15:40:09 GMT
server
cloudflare
etag
W/"6151e5d9-a8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
69576c342c8cdfeb-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
pushcrew.js
app.clickfunnels.com/assets/ 		637 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/assets/pushcrew.js
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
952
last-modified
Mon, 27 Sep 2021 15:40:08 GMT
server
cloudflare
etag
W/"6151e5d8-27d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
69576c342c8edfeb-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 27 Sep 2021 20:38:41 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:41 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 16:39:17 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
69576c34092c16ee-FRA
BCck06revTM
www.youtube.com/embed/ Frame DE6C 		56 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
9eb233d7005f6673f75e648a8050b34be28607980618099462f00472f4a997a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.unitedbenefits4america.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 27 Sep 2021 20:18:41 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=ImQt8zF6JWo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=JUcWrAT6Oig; Domain=.youtube.com; Expires=Sat, 26-Mar-2022 20:18:41 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bg_color_section.png
www.unitedbenefits4america.com/hosted/images/ee/3305a092d511e78b614901e3b895e6/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unitedbenefits4america.com/hosted/images/ee/3305a092d511e78b614901e3b895e6/bg_color_section.png
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24d56ba0375f489a9dd4a99c9193385c14ebc5097210824e660d9136b6d313dd

Request headers

:path
/hosted/images/ee/3305a092d511e78b614901e3b895e6/bg_color_section.png
pragma
no-cache
cookie
__cf_bm=o7bKTKQVB0Bl0kDI4zfVNydh6Nn8vj9YaShlEv4Z2xk-1632773921-0-AZcGKj8HLJhhCIm55AHzUqbWgbQOOgSRftNcWi2qciGjdFzez0RlJs+4qDhp8MbFL2Z2Y/lWqv6kE3j9rGD3eBM9838HseMIxzjGWSSOFoN3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.unitedbenefits4america.com
referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:41 GMT
cf-cache-status
HIT
age
4184
cf-polished
origSize=19422
content-length
19372
last-modified
Wed, 06 Sep 2017 07:35:21 GMT
server
cloudflare
etag
"8dadc076cb87594f3fd0dca9e6485d6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
cf-ray
69576c340a9d5ca4-FRA
cf-bgj
imgq:85,h2pri,csam-hash
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.unitedbenefits4america.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 15:11:30 GMT
x-content-type-options
nosniff
age
18431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 15:11:30 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin
https://www.unitedbenefits4america.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
564ZS7W5QBBZ3ERY
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
75440
x-amz-id-2
kA5TvQNC2i4A2fBeMrhflyHDwj9upkoEHrhZSqNVZnEcp3j0tb9PkGTmOYtOb0YipDopOeKTK00=
last-modified
Wed, 30 Jun 2021 15:48:27 GMT
server
cloudflare
etag
"b5cf8ae26748570d8fb95a47f46b69e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2LU6YwfeloebUPbVPclrpNp1OEYtyANb%2F5Q%2BwP4OHaxh%2FLPSW3P%2BAyJGEtmrQUJiUDIun2Lny1tKKFS37YC1t7QpUrH3dyqrx0nB4jkYG1%2Bpr5mVJqWNceXI1dpmbVYiuHB8J0P"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
69576c343be24119-PRG
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.unitedbenefits4america.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 08:57:05 GMT
x-content-type-options
nosniff
age
472896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 08:57:05 GMT
mFT0WbgBwKPR_Z4hGN2qgx8D1Q.woff2
fonts.gstatic.com/s/slabo27px/v7/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/slabo27px/v7/mFT0WbgBwKPR_Z4hGN2qgx8D1Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=sans-serif%7CShadows+Into+Light+Two%7CSlabo+27px%7CLato%7CSlabo+27px%7Csans-serif%7CShadows+Into+Light+Two%7CLato%7Csans-serif%7CLato%7C%7C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
678864ce75dc361188686e8bcb527acbb7639c00420fdef0216bb926f2b2e027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.unitedbenefits4america.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:32:26 GMT
x-content-type-options
nosniff
age
431175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15876
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:22 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Sep 2022 20:32:26 GMT
4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHGQ.woff2
fonts.gstatic.com/s/shadowsintolighttwo/v8/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/shadowsintolighttwo/v8/4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=sans-serif%7CShadows+Into+Light+Two%7CSlabo+27px%7CLato%7CSlabo+27px%7Csans-serif%7CShadows+Into+Light+Two%7CLato%7Csans-serif%7CLato%7C%7C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
9881a70e1ba7b9c3409931942e5c9870d9295667ee29e9a84f7437543a94d0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.unitedbenefits4america.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 07:26:17 GMT
x-content-type-options
nosniff
age
46344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15856
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:47:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 07:26:17 GMT
www-player-webp.css
www.youtube.com/s/player/d82ca80e/ Frame DE6C 		64 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
240599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46472
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:28:43 GMT
www-embed-player.js
www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/ Frame DE6C 		201 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 10:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
33683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67318
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Sep 2022 10:57:19 GMT
base.js
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame DE6C 		512 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
240062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
518228
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:37:40 GMT
fetch-polyfill.js
www.youtube.com/s/player/d82ca80e/fetch-polyfill.vflset/ Frame DE6C 		8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 07:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
44553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Sep 2022 07:56:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DE6C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:58:13 GMT
x-content-type-options
nosniff
age
1229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 19:58:13 GMT
vendor.js
www.unitedbenefits4america.com/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.unitedbenefits4america.com/vendor.js
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

:path
/vendor.js
pragma
no-cache
cookie
__cf_bm=o7bKTKQVB0Bl0kDI4zfVNydh6Nn8vj9YaShlEv4Z2xk-1632773921-0-AZcGKj8HLJhhCIm55AHzUqbWgbQOOgSRftNcWi2qciGjdFzez0RlJs+4qDhp8MbFL2Z2Y/lWqv6kE3j9rGD3eBM9838HseMIxzjGWSSOFoN3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.unitedbenefits4america.com
referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
content-encoding
br
cf-cache-status
MISS
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
200 OK
strict-transport-security
max-age=0
x-request-id
e654d274850480c0f110fdc04c935acc
x-runtime
0.043503
x-content-digest
581e49c9b7bdd06dab54c00931f4256b223e620e
server
cloudflare
x-frame-options
ALLOWALL
etag
W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, public
access-control-allow-credentials
true
cf-ray
69576c35ae8e5ca4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
fresh
/
app.clickfunnels.com/userevents/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=cm5pZTE4amRXc0RaNCtocXI0aDZtQT09LS1aSmg4ZFNtQjZMN1BIY2FYU2xSZVNBPT0%3D--b2bffd975c017234fe146312bfb42807b592e439&page_id=WFV6VFFxYUhXWlk1TlRWcHBNTWJRUT09LS1qS2dRbWN0bERBZVA2N1RPK3FqcWN3PT0%3D--49742b7c081d7a9ccd82319ed2808e675bd956a4&funnel_step_id=MGh0NVM1c2tHblhTQjRFaVpCRWUwdz09LS1kUjNCaXU2Z0JvNEROWWVQdURoQ3VBPT0%3D--068551cccfecf22efd9927232a5a6ae40c693b99&user_id=SFVPYmxxTitvQUlIdXpNYnM2MUJmQT09LS15N1pOYmIxNnVHdVdSSHlRRUxqaUxBPT0%3D--141ff84aad32f1bfc443907573b771712aa00fc6&account_id=MHlTYmYvVjdESjFHL250WWg1bHVnUT09LS1yaWlkK0xzSnVYMVdhZWkzVGxMTVFRPT0%3D--f1f313925bd245f16be909d740ac2ffaea0302c9&page_code=NDczMTM2MjY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=1be8a8c7-779a-4feb-a74f-f3c5c3bbe1ad&url=https%3A%2F%2Fwww.unitedbenefits4america.com%2Freverse-squeeze-page1615912723915
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
access-control-request-method
*
cf-cache-status
BYPASS
access-control-allow-origin
*
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
202 Accepted
strict-transport-security
max-age=0
x-request-id
11a5f9ca4e219f25382d7f3dd8c6d9f5
x-runtime
0.038542
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
pragma
no-cache
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
69576c35cee05b5c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
/
app.clickfunnels.com/userevents/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=cm5pZTE4amRXc0RaNCtocXI0aDZtQT09LS1aSmg4ZFNtQjZMN1BIY2FYU2xSZVNBPT0%3D--b2bffd975c017234fe146312bfb42807b592e439&page_id=WFV6VFFxYUhXWlk1TlRWcHBNTWJRUT09LS1qS2dRbWN0bERBZVA2N1RPK3FqcWN3PT0%3D--49742b7c081d7a9ccd82319ed2808e675bd956a4&funnel_step_id=MGh0NVM1c2tHblhTQjRFaVpCRWUwdz09LS1kUjNCaXU2Z0JvNEROWWVQdURoQ3VBPT0%3D--068551cccfecf22efd9927232a5a6ae40c693b99&user_id=SFVPYmxxTitvQUlIdXpNYnM2MUJmQT09LS15N1pOYmIxNnVHdVdSSHlRRUxqaUxBPT0%3D--141ff84aad32f1bfc443907573b771712aa00fc6&account_id=MHlTYmYvVjdESjFHL250WWg1bHVnUT09LS1yaWlkK0xzSnVYMVdhZWkzVGxMTVFRPT0%3D--f1f313925bd245f16be909d740ac2ffaea0302c9&page_code=NDczMTM2MjY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=7f209922-f383-4a77-bab3-c32da4f0f14b&url=https%3A%2F%2Fwww.unitedbenefits4america.com%2Freverse-squeeze-page1615912723915
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
access-control-request-method
*
cf-cache-status
BYPASS
access-control-allow-origin
*
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
202 Accepted
strict-transport-security
max-age=0
x-request-id
2be9f13884f916d23bc8f2f0c19f9c2f
x-runtime
0.029315
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
pragma
no-cache
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
69576c35cee35b5c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
/
app.clickfunnels.com/userevents/ 		0
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=cm5pZTE4amRXc0RaNCtocXI0aDZtQT09LS1aSmg4ZFNtQjZMN1BIY2FYU2xSZVNBPT0%3D--b2bffd975c017234fe146312bfb42807b592e439&page_id=WFV6VFFxYUhXWlk1TlRWcHBNTWJRUT09LS1qS2dRbWN0bERBZVA2N1RPK3FqcWN3PT0%3D--49742b7c081d7a9ccd82319ed2808e675bd956a4&funnel_step_id=MGh0NVM1c2tHblhTQjRFaVpCRWUwdz09LS1kUjNCaXU2Z0JvNEROWWVQdURoQ3VBPT0%3D--068551cccfecf22efd9927232a5a6ae40c693b99&user_id=SFVPYmxxTitvQUlIdXpNYnM2MUJmQT09LS15N1pOYmIxNnVHdVdSSHlRRUxqaUxBPT0%3D--141ff84aad32f1bfc443907573b771712aa00fc6&account_id=MHlTYmYvVjdESjFHL250WWg1bHVnUT09LS1yaWlkK0xzSnVYMVdhZWkzVGxMTVFRPT0%3D--f1f313925bd245f16be909d740ac2ffaea0302c9&page_code=NDczMTM2MjY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=72542a3c-c50e-4413-87fe-643cfda41342&url=https%3A%2F%2Fwww.unitedbenefits4america.com%2Freverse-squeeze-page1615912723915
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
access-control-request-method
*
cf-cache-status
BYPASS
access-control-allow-origin
*
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
202 Accepted
strict-transport-security
max-age=0
x-request-id
ee4eba01d53d0a64711f40529089e8ca
x-runtime
0.029914
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
pragma
no-cache
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
69576c35cee25b5c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
iframe_api
www.youtube.com/ 		980 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/assets/lander.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
7b6ca722b11ece7b4d120738db3c14b8880487b0646a71812abaa66755033d12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires
Mon, 27 Sep 2021 20:18:42 GMT
BCck06revTM
www.youtube.com/embed/ Frame 8BCD 		56 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/assets/lander.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
2dda7aab55517e7f9891597b05888122d14982624f070902a57f0a6c9054110b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.unitedbenefits4america.com/
accept-encoding
gzip, deflate, br
cookie
YSC=ImQt8zF6JWo; VISITOR_INFO1_LIVE=JUcWrAT6Oig
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 27 Sep 2021 20:18:42 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
track.addevent.com/atc/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=7d6f805b-156c-4195-fb83-7ef83983ed1a&url=https%3A%2F%2Fwww.unitedbenefits4america.com%2Freverse-squeeze-page1615912723915&cache=1632773922245
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.116.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-116-2.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, X-Access-Token
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
www-widgetapi.js
www.youtube.com/s/player/d82ca80e/www-widgetapi.vflset/ 		135 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Sep 2022 19:10:41 GMT
www-player-webp.css
www.youtube.com/s/player/d82ca80e/ Frame 8BCD 		330 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
98246f79b1495fa4d547fc6bdff6a3de6cf8064d5cb9e5d877adee9171a7f99d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
240599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46472
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:28:43 GMT
www-embed-player.js
www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/ Frame 8BCD 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
045fd4ce57343257588e028026d314db88e7cc03aa84ec98ead1197bafe8c598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 10:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
33683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67318
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Sep 2022 10:57:19 GMT
base.js
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 8BCD 		2 MB
506 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
8ac79395ad2c8c0efaf5a734544089eab4a8dce163f3b97f86d08921df5faafb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
240062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
518228
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:37:40 GMT
fetch-polyfill.js
www.youtube.com/s/player/d82ca80e/fetch-polyfill.vflset/ Frame 8BCD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 07:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
44553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Sep 2022 07:56:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8BCD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:58:13 GMT
x-content-type-options
nosniff
age
1229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 19:58:13 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 8BCD
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
9f262e297b52ce42754c6b35d8a955c5db51174b3d90ca9d87cdf6f7461c4f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 27 Sep 2021 20:18:42 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8BCD 		29 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:12:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
345
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Mon, 27 Sep 2021 20:27:57 GMT
rIOgB3Dr0zVzUSVnc6eaOuQRY5FnasxpvjH3SncfJjk.js
www.google.com/js/th/ Frame 8BCD 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/rIOgB3Dr0zVzUSVnc6eaOuQRY5FnasxpvjH3SncfJjk.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
sffe /
Resource Hash
ac83a00770ebd3357351256773a79a3ae4116391676acc69be31f74a771f2639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 05:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
486316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13394
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 22 Sep 2022 05:13:26 GMT
embed.js
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 8BCD 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
5cf2d602e6a7b16bf2a0b1866e945e014d8d08ecb9603a36943b8da90499a96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
239946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7358
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:39:36 GMT
player
www.youtube.com/youtubei/v1/ Frame 8BCD 		86 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
c0286ef029047162c5dd4887a0a27b431eba9bc41ed658932aa8782e0e088d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210922.1.1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Goog-Visitor-Id
CgtKVWNXckFUNk9pZyiizsiKBg%3D%3D
Content-Type
application/json

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22297
x-xss-protection
0
truncated
/ Frame 8BCD 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
AKedOLT8u0_7T30uwqhRQE2GYNVTY-NFFZE5ykKkMmMV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8BCD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLT8u0_7T30uwqhRQE2GYNVTY-NFFZE5ykKkMmMV=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
fife /
Resource Hash
29a0154a824f3d82a68a6f963c4b869e4cef8276637c76c0350a7c02621f38dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2092
x-xss-protection
0
server
fife
etag
"vbc"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 04 Sep 2021 11:18:58 GMT
truncated
/ Frame 8BCD 		316 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46e37a67ad9bf490d9d3c1f8f51e84e5e186af604d9de342447e950c0fdea848

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
generate_204
www.youtube.com/ Frame 8BCD 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?MVb8RA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube.com/api/stats/ Frame 8BCD 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=251&cpn=3cFUvwlpxeImrQam&ei=IidSYbPcHqCJ6dsPk42rmA0&el=embedded&docid=BCck06revTM&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24101841&cl=398834183&seq=1&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20210922.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.006:B,0.170:B,0.170:B&cmt=0.006:0.000,0.170:0.000&ctmp=cc:t.162;useVodTrack&afs=0.170:251::i&vfs=0.170:134:134::r&view=0.170:699:393&bwe=0.170:130000&bat=0.170:1:1&vis=0.170:0&bh=0.170:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 20:18:42 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r4---sn-4g5lznes.googlevideo.com/ Frame 8BCD 		202 KB
203 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznes.googlevideo.com/videoplayback?expire=1632795522&ei=IidSYbPcHqCJ6dsPk42rmA0&ip=216.131.114.144&id=o-AIR-SSl4HVlib2Jp-NUrSCieJMaP4iphmwQLGKlduNDj&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=sV&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=4&pl=24&initcwndbps=253750&vprv=1&mime=video%2Fmp4&ns=TsdYTnoXTmilvJdojgmuyDMG&gir=yes&clen=7271185&otfp=1&dur=195.320&lmt=1606856349401982&mt=1632773581&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=zTtUg_BWCc21Bw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPD8fUPlSogSiVlBYMAeOnO45s7VJj4golPbovCkWVEeAiEA90li-rj1qs7bkvxvlX6zoLJGGz_Ep6CPxedHEBowU8w%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgDTUjIVm8lgt-_YSS0D8K3-Kr8AzjYRvR2He0_w4RblYCIQCIL_s0RIWrZ2Wa4BpuOxF48VywXQxgzxuTZ-hgtyHA0w%3D%3D&alr=yes&cpn=3cFUvwlpxeImrQam&cver=1.20210922.1.1&range=0-207223&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.160.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
b21879700b64feb69823c520de8e3642973e841127052299bc83094cd9a0a5ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 20:18:42 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
207224
Last-Modified
Tue, 01 Dec 2020 20:59:09 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Mon, 27 Sep 2021 20:18:42 GMT
videoplayback
r4---sn-4g5lznes.googlevideo.com/ Frame 8BCD 		65 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznes.googlevideo.com/videoplayback?expire=1632795522&ei=IidSYbPcHqCJ6dsPk42rmA0&ip=216.131.114.144&id=o-AIR-SSl4HVlib2Jp-NUrSCieJMaP4iphmwQLGKlduNDj&itag=251&source=youtube&requiressl=yes&mh=sV&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=4&pl=24&initcwndbps=253750&vprv=1&mime=audio%2Fwebm&ns=TsdYTnoXTmilvJdojgmuyDMG&gir=yes&clen=3468744&otfp=1&dur=195.341&lmt=1606856342179816&mt=1632773581&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=zTtUg_BWCc21Bw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgYEqXi6HFroMm96KuowfI0oyQsSPrdI-48G6ddogHeOYCIQDTDA4mBb8_T9bKKcZX1GSqDMBxz-s3abTAyxGpCYmpJw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgDTUjIVm8lgt-_YSS0D8K3-Kr8AzjYRvR2He0_w4RblYCIQCIL_s0RIWrZ2Wa4BpuOxF48VywXQxgzxuTZ-hgtyHA0w%3D%3D&alr=yes&cpn=3cFUvwlpxeImrQam&cver=1.20210922.1.1&range=0-66138&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.160.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
d4abf81b381809489340f3ad0e3ed4f61551b7733451b375ce138e52e301efcb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 20:18:42 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
66139
Last-Modified
Tue, 01 Dec 2020 20:59:02 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Mon, 27 Sep 2021 20:18:42 GMT
remote.js
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 8BCD 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
62b97aca219dc9aa7b073a1871afc7e9af2f5beea5df283c94841f53a264042c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
240062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29952
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:37:40 GMT
captions.js
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 8BCD 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/captions.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
ed681617bc64ab164cf1837b9e423f1e80b31aafc90a38dce2f5ee84aa27f9b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
240062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24392
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:37:40 GMT
endscreen.js
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 8BCD 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
17ac8c23018cac7f9f6bc18e990353161238d86575d845e97e8175776e9a15a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
240062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7134
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:37:40 GMT
annotations_module.js
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 8BCD 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/annotations_module.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
c3c2424d49c795d90d4a49b1d3eebff0c4c31c94686b5dcd65c21b86e8bc21ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:38:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
240042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19767
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 01:38:00 GMT
next
www.youtube.com/youtubei/v1/ Frame 8BCD 		25 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
a59484fb6c7dd21744c6321c1c5a633a5130822585d6f7d5f414262f8f358e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210922.1.1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Goog-Visitor-Id
CgtKVWNXckFUNk9pZyiizsiKBg%3D%3D
Content-Type
application/json

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2768
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 8BCD 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview"
expires
Mon, 27 Sep 2021 20:18:42 GMT
truncated
/ Frame 8BCD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
AKedOLT8u0_7T30uwqhRQE2GYNVTY-NFFZE5ykKkMmMV=s400-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8BCD 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLT8u0_7T30uwqhRQE2GYNVTY-NFFZE5ykKkMmMV=s400-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
fife /
Resource Hash
0c44b9abbe9b83f814f5beccc2b7c59b4f94bc3416638c11c00832f084a32fb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
x-content-type-options
nosniff
server
fife
etag
"vbc"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19586
x-xss-protection
0
expires
Tue, 28 Sep 2021 20:18:42 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/sxPLFRSAIVo/ Frame 8BCD 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/sxPLFRSAIVo/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f22.1e100.net
Software
sffe /
Resource Hash
4612db239bce32fa25c3a4d3ba67f031146409a31be39e418e3bf04854547a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:42 GMT
x-content-type-options
nosniff
server
sffe
etag
"1592940958"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143226
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Sep 2021 22:18:42 GMT
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame 8BCD 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15346
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 17:05:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Tue, 28 Sep 2021 17:27:37 GMT
nr-1210.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
3700EJ4ZWWQ4P78Z
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11781
x-amz-id-2
WHzeslBLMht/NaCF9kkJd18iJ6Fkr2YZAl5iGj0a1qtVGAGpwFyTtZrMMtk5xKXdIU5RYSWHiEw=
x-served-by
cache-hhn4061-HHN
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1632773923.967247,VS0,VE0
date
Mon, 27 Sep 2021 20:18:42 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
7315
background.png
www.unitedbenefits4america.com/images/ 		118 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.unitedbenefits4america.com/images/background.png?_unique=0.8977071383891351&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.unitedbenefits4america.com/reverse-squeeze-page1615912723915&_title=UB4A%20%7C%20FLEX%20Plus%20Planning%20Session&_key=q8iyy5rm&_page_key=spko7w6xupjljt6g&_fid=10753499&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915&_referrer=
Requested by
Host: www.unitedbenefits4america.com
URL: https://www.unitedbenefits4america.com/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
0a414dec90433a4b27a977fcb725a077ed68f27e8e48c8a69c10f68adff5df42
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

:path
/images/background.png?_unique=0.8977071383891351&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.unitedbenefits4america.com/reverse-squeeze-page1615912723915&_title=UB4A%20%7C%20FLEX%20Plus%20Planning%20Session&_key=q8iyy5rm&_page_key=spko7w6xupjljt6g&_fid=10753499&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915&_referrer=
pragma
no-cache
cookie
__cf_bm=o7bKTKQVB0Bl0kDI4zfVNydh6Nn8vj9YaShlEv4Z2xk-1632773921-0-AZcGKj8HLJhhCIm55AHzUqbWgbQOOgSRftNcWi2qciGjdFzez0RlJs+4qDhp8MbFL2Z2Y/lWqv6kE3j9rGD3eBM9838HseMIxzjGWSSOFoN3; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NDczMTM2MjY=:visited=true; cf:visitor_id=fa1587c8-1c4c-45da-9d34-29b35654ee6e; addevent_track_cookie=7d6f805b-156c-4195-fb83-7ef83983ed1a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.unitedbenefits4america.com
referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:43 GMT
access-control-request-method
*
cf-cache-status
DYNAMIC
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
200 OK
strict-transport-security
max-age=0
content-encoding
br
x-request-id
a8b9ef9e0f42a1cd66dc4b59d380b1d0
x-runtime
0.021439
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
cf-ray
69576c39f9145ca4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
rum
www.unitedbenefits4america.com/cdn-cgi/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.unitedbenefits4america.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://www.unitedbenefits4america.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
__cf_bm=o7bKTKQVB0Bl0kDI4zfVNydh6Nn8vj9YaShlEv4Z2xk-1632773921-0-AZcGKj8HLJhhCIm55AHzUqbWgbQOOgSRftNcWi2qciGjdFzez0RlJs+4qDhp8MbFL2Z2Y/lWqv6kE3j9rGD3eBM9838HseMIxzjGWSSOFoN3; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NDczMTM2MjY=:visited=true; cf:visitor_id=fa1587c8-1c4c-45da-9d34-29b35654ee6e; addevent_track_cookie=7d6f805b-156c-4195-fb83-7ef83983ed1a
content-length
11877
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.unitedbenefits4america.com
referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Mon, 27 Sep 2021 20:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.unitedbenefits4america.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
69576c3aec0e5ca4-FRA
vary
Origin
videoplayback
r4---sn-4g5lznes.googlevideo.com/ Frame 8BCD 		64 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznes.googlevideo.com/videoplayback?expire=1632795522&ei=IidSYbPcHqCJ6dsPk42rmA0&ip=216.131.114.144&id=o-AIR-SSl4HVlib2Jp-NUrSCieJMaP4iphmwQLGKlduNDj&itag=251&source=youtube&requiressl=yes&mh=sV&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=4&pl=24&initcwndbps=253750&vprv=1&mime=audio%2Fwebm&ns=TsdYTnoXTmilvJdojgmuyDMG&gir=yes&clen=3468744&otfp=1&dur=195.341&lmt=1606856342179816&mt=1632773581&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=zTtUg_BWCc21Bw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgYEqXi6HFroMm96KuowfI0oyQsSPrdI-48G6ddogHeOYCIQDTDA4mBb8_T9bKKcZX1GSqDMBxz-s3abTAyxGpCYmpJw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgDTUjIVm8lgt-_YSS0D8K3-Kr8AzjYRvR2He0_w4RblYCIQCIL_s0RIWrZ2Wa4BpuOxF48VywXQxgzxuTZ-hgtyHA0w%3D%3D&alr=yes&cpn=3cFUvwlpxeImrQam&cver=1.20210922.1.1&range=66139-131674&rn=3&rbuf=3704
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
a4de127e32632bb77085a41f6e3227378a3106bd1a16dc1f4d32bae2b32160dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65536
client-protocol
quic
last-modified
Tue, 01 Dec 2020 20:59:02 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Mon, 27 Sep 2021 20:18:43 GMT
NRJS-fc902efb332119fff33
bam-cell.nr-data.net/1/ 		49 B
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1210.e2a3f80&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2557&ck=1&ref=https://www.unitedbenefits4america.com/reverse-squeeze-page1615912723915&ap=424&be=1145&fe=2178&dc=1499&perf=%7B%22timing%22:%7B%22of%22:1632773920686,%22n%22:0,%22f%22:744,%22dn%22:745,%22dne%22:745,%22c%22:745,%22s%22:751,%22ce%22:764,%22rq%22:764,%22rp%22:990,%22rpe%22:992,%22dl%22:995,%22di%22:1498,%22ds%22:1500,%22de%22:1563,%22dc%22:2178,%22l%22:2178,%22le%22:2285%7D,%22navigation%22:%7B%7D%7D&fp=1281&fcp=1281&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unitedbenefits4america.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 20:18:43 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVTAAQBXFFTFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoLClUAUnRMB05WAhtDA1YPVQkCAwcBBA8AXAhVBUBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
69576c3c8e07074a-FRA
videoplayback
r4---sn-4g5lznes.googlevideo.com/ Frame 8BCD 		45 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznes.googlevideo.com/videoplayback?expire=1632795522&ei=IidSYbPcHqCJ6dsPk42rmA0&ip=216.131.114.144&id=o-AIR-SSl4HVlib2Jp-NUrSCieJMaP4iphmwQLGKlduNDj&itag=251&source=youtube&requiressl=yes&mh=sV&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=4&pl=24&initcwndbps=253750&vprv=1&mime=audio%2Fwebm&ns=TsdYTnoXTmilvJdojgmuyDMG&gir=yes&clen=3468744&otfp=1&dur=195.341&lmt=1606856342179816&mt=1632773581&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=zTtUg_BWCc21Bw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgYEqXi6HFroMm96KuowfI0oyQsSPrdI-48G6ddogHeOYCIQDTDA4mBb8_T9bKKcZX1GSqDMBxz-s3abTAyxGpCYmpJw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgDTUjIVm8lgt-_YSS0D8K3-Kr8AzjYRvR2He0_w4RblYCIQCIL_s0RIWrZ2Wa4BpuOxF48VywXQxgzxuTZ-hgtyHA0w%3D%3D&alr=yes&cpn=3cFUvwlpxeImrQam&cver=1.20210922.1.1&range=131675-177564&rn=4&rbuf=7408
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
6ee15bc8450709e869bcd46355732592a6cb1b529bd834b8017852801ef022ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45890
client-protocol
quic
last-modified
Tue, 01 Dec 2020 20:59:02 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Mon, 27 Sep 2021 20:18:43 GMT
playback
www.youtube.com/api/stats/ Frame 8BCD 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=3cFUvwlpxeImrQam&docid=BCck06revTM&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FBCck06revTM%3Fmute%3D1%26autoplay%3D1%26%26modestbranding%3D1%26controls%3D1%26showinfo%3D0%26rel%3D0%26hd%3D1%26wmode%3Dtransparent&cmt=0.002&ei=IidSYbPcHqCJ6dsPk42rmA0&fmt=134&fs=0&rt=0.81&of=wbAUJoLFDaeeOSJrHXH1sg&euri=https%3A%2F%2Fwww.unitedbenefits4america.com%2F&lact=828&cl=398834183&mos=1&vm=CAEQABgEOjJBS1JhaHdCSnQyQ1VuWUo0ZkhxOTh4NUtKZkQzd1lRRWZsM0pwWjBqcGlqbE9mSm10Z2JYQVBta0tESzg0Mm03dVZjMnI5akFFUE13SlZ3UXZ1VURpY0RTY2tiTmlDNGdGdmtPTzJLcFVhZU1EQ0pUbnNWZzhJeDZlNHE4aW1nUGk5SnJNeGE4VllTcQ&volume=100&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20210922.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=de_DE&cr=US&len=195.341&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24101841&rtn=9&afmt=251&size=699%3A393&inview=1&muted=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version
1.20210922.1.1
X-YouTube-Time-Zone
Etc/Unknown
X-YouTube-Ad-Signals
dt=1632773922398&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C699%2C393&vis=1&wgl=true&ca_type=image&bid=ANyPxKr8n1dQJrJDschaHSj8rRTr_zgXl7IrjJqHSWfwOiMyMVcTrdw8bocs9dh_nVad1M0JF7qLmYWcqd-997ZYLOwEok5MGQ

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 20:18:43 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame 8BCD 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=BCck06revTM&cpn=3cFUvwlpxeImrQam&ei=IidSYbPcHqCJ6dsPk42rmA0&ptk=youtube_none&pltype=contentugc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 20:18:43 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r4---sn-4g5lznes.googlevideo.com/ Frame 8BCD 		674 KB
674 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznes.googlevideo.com/videoplayback?expire=1632795522&ei=IidSYbPcHqCJ6dsPk42rmA0&ip=216.131.114.144&id=o-AIR-SSl4HVlib2Jp-NUrSCieJMaP4iphmwQLGKlduNDj&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=sV&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=4&pl=24&initcwndbps=253750&vprv=1&mime=video%2Fmp4&ns=TsdYTnoXTmilvJdojgmuyDMG&gir=yes&clen=7271185&otfp=1&dur=195.320&lmt=1606856349401982&mt=1632773581&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=zTtUg_BWCc21Bw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPD8fUPlSogSiVlBYMAeOnO45s7VJj4golPbovCkWVEeAiEA90li-rj1qs7bkvxvlX6zoLJGGz_Ep6CPxedHEBowU8w%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgDTUjIVm8lgt-_YSS0D8K3-Kr8AzjYRvR2He0_w4RblYCIQCIL_s0RIWrZ2Wa4BpuOxF48VywXQxgzxuTZ-hgtyHA0w%3D%3D&alr=yes&cpn=3cFUvwlpxeImrQam&cver=1.20210922.1.1&range=207224-897019&rn=5&rbuf=8917
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
7c4282c696a26636166ed0165eb98a08dec84fc4576e2f1b2b1a72dbf3f14b5e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:43 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
689796
client-protocol
quic
last-modified
Tue, 01 Dec 2020 20:59:09 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Mon, 27 Sep 2021 20:18:43 GMT
videoplayback
r4---sn-4g5lznes.googlevideo.com/ Frame 8BCD 		179 KB
179 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznes.googlevideo.com/videoplayback?expire=1632795522&ei=IidSYbPcHqCJ6dsPk42rmA0&ip=216.131.114.144&id=o-AIR-SSl4HVlib2Jp-NUrSCieJMaP4iphmwQLGKlduNDj&itag=251&source=youtube&requiressl=yes&mh=sV&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=4&pl=24&initcwndbps=253750&vprv=1&mime=audio%2Fwebm&ns=TsdYTnoXTmilvJdojgmuyDMG&gir=yes&clen=3468744&otfp=1&dur=195.341&lmt=1606856342179816&mt=1632773581&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=zTtUg_BWCc21Bw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgYEqXi6HFroMm96KuowfI0oyQsSPrdI-48G6ddogHeOYCIQDTDA4mBb8_T9bKKcZX1GSqDMBxz-s3abTAyxGpCYmpJw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgDTUjIVm8lgt-_YSS0D8K3-Kr8AzjYRvR2He0_w4RblYCIQCIL_s0RIWrZ2Wa4BpuOxF48VywXQxgzxuTZ-hgtyHA0w%3D%3D&alr=yes&cpn=3cFUvwlpxeImrQam&cver=1.20210922.1.1&range=177565-360774&rn=6&rbuf=10001
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
5cf36bb078fb7fc60cad09bfcc89f7b4ca29c653c1eedb39b5fdf338cd1ef8a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 20:18:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
183210
client-protocol
quic
last-modified
Tue, 01 Dec 2020 20:59:02 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Mon, 27 Sep 2021 20:18:43 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 8BCD 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/BCck06revTM?mute=1&autoplay=1&&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version
1.20210922.1.1
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtKVWNXckFUNk9pZyiizsiKBg%3D%3D
X-YouTube-Ad-Signals
dt=1632773922333&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C699%2C393&vis=1&wgl=true&ca_type=image&bid=ANyPxKr8n1dQJrJDschaHSj8rRTr_zgXl7IrjJqHSWfwOiMyMVcTrdw8bocs9dh_nVad1M0JF7qLmYWcqd-997ZYLOwEok5MGQ

Response headers

date
Mon, 27 Sep 2021 20:18:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

274 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| NREUM object| newrelic function| __nr_require function| createGUID function| toQueryString function| setCookie function| getCookie function| logError function| done function| recordUserEvent function| setCFMetaTagsFromCookies function| setCFMetaTagsFromQueryString function| getCFMetaTag function| writeCFMetaTag function| queryStringFromCFMetaTags function| recordPageview function| recordUniqueVisitor function| recordUniquePageview function| setClientWidth function| setForm string| CFAppDomain boolean| domainIsCFInternal function| ouibounce function| CFbuildAudioPlayer function| evsfix function| calcTax function| cfStripeTokenHandler function| cfCreateElements function| cfCreateStripeToken function| cfCreateStripePaymentMethod function| cfTransformStripeToken function| cfElementsFindFont function| AttachStripeElements function| prettyNotify function| start_firebase function| displayPageNotifier function| start_page_notifier function| start_firebase_quantity_limiter function| readCookie function| CFExtractPayPalButtonConfiguration function| CFPaySelectPaypalTransactions function| PaySelectInit function| recalcRoundUp function| addCharityToSummary function| addSaasRedirectClickHandler function| CFInfusionsoftTokenizationHandler function| webinarDelay function| cookieWebinarTime function| getWebinarLastTime function| reportWebinarTime function| periodicAutoWebinarCheck function| periodicLessonCheck function| reportLessonProgress function| CFSanitizeCountdownElement function| CFstartBPVideos function| CFprocessBPVideos function| CFcheckForVimeo function| CFhandleWistiaBPVideo function| CFhandleAllVimeoBPVideos function| CFhandleAllYouTubeBPVideos function| CFhandleVideoLabels function| CFsetupSessionStarterBP function| CFsetupMutedVideos function| CFrenameVimeoURLAttribute undefined| checkPreview undefined| cookie_variable undefined| tag undefined| firstScriptTag undefined| elVideo_one undefined| elVideo_two undefined| elVideo_three undefined| elVideo_four undefined| elVideo_type undefined| elVideo_show undefined| elVideo_hide undefined| elVideo_numberofvideos undefined| gettheType_unlocker undefined| player undefined| playVideoText undefined| pauseVideoText undefined| playingVideoText undefined| lockedVideoText undefined| CFSurveyParticipantID boolean| cfpeorders function| recurlyDateHandler function| recurlyNameHandler function| recurlyCountryHandler number| CF_KEYCODE_ENTER number| CF_KEYCODE_SPACE undefined| checkifPreview_randomCookie undefined| elCheckVideoEndType undefined| unlockVideoDate undefined| checkifUnlockableDate undefined| checkifUnlockableEverGreenDate undefined| everGreenDates undefined| onYouTubeIframeAPIReady undefined| elUnlocker_startVideo undefined| onPlayerReady undefined| elvideounlockerProgress undefined| elUnlocker_changeVideo undefined| onPlayerStateChange undefined| runAnimationFade undefined| runAnimationScale undefined| runAnimationLeft undefined| runAnimationRight undefined| runAnimationTop undefined| runAnimationBottom function| getURLParameter function| cfpeRebuildOrderSummary function| formatRecurlyExpirationDate function| validateRecurlyExpirationDate function| $ function| jQuery function| moment object| jQuery18107361998444016509 function| JQClass function| tinycolor function| generateUniqueId object| CFUtils object| ClickFunnels function| _ object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| videojs function| _V_ function| $d string| proc string| _image_path string| _ate_license boolean| _ate_mouse string| _ate_css string| _ate_callback string| _ate_dropdown string| _ate_lbl_outlook string| _ate_lbl_google string| _ate_lbl_yahoo string| _ate_lbl_hotmail string| _ate_lbl_ical string| _ate_lbl_fb_event boolean| _ate_show_outlook boolean| _ate_show_google boolean| _ate_show_yahoo boolean| _ate_show_hotmail boolean| _ate_show_ical boolean| _ate_show_facebook boolean| _d_rd boolean| _ate_btn_found boolean| _ate_btn_expo object| addthisevent function| postscribe object| I18n object| Clickfunnels function| calcShipping undefined| cfStripeElementsCardElement function| Firebase function| ES6Promise object| cookieconsent object| options function| track_capi object| cfFacebookInitOptions function| fbAsyncInit string| page_key string| fid string| fspos string| fvrs object| cf_tracker string| cf_key string| serverUrl function| getURLParameterExact object| __cfBeacon object| cfpe object| getVars object| $cfSurvey_outcome object| CFSurveyQueryOutcome undefined| target string| str undefined| checkVideoAttr undefined| showVideoBG string| $url object| $queries undefined| $utm_source string| $pID string| $rootID string| $variantcheck string| $userID string| $videoType undefined| $iframeCheck string| $requiredCheck object| SurveyMatcher undefined| $carContestProgress string| $todayYear string| $localTime string| $autoWebinarDay1 string| $autoWebinarDay1_raw string| $selectText string| $autoWebinarDay0 string| $autoWebinarDay0_raw string| $replayText string| $autoWebinarDay2 string| $autoWebinarDay2_raw string| $autoWebinarDay3 string| $autoWebinarDay3_raw undefined| date undefined| time object| webinar_datetime object| webinar_datetime_offset boolean| now object| now_offset number| webinar_delay object| webinar_delay_offset boolean| $removeSelectDateOnAutoWebinar function| callbackFunction object| _pcq object| Mailcheck object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions number| funnel_stat boolean| ecookie function| loadScript function| jQueryCheck function| createCookie function| formatObject function| getFormData function| filteredMatch function| changeText boolean| replied object| sender object| cfUniqueVisitorID function| cfSetUniqueVisitorID function| SendData function| wait function| sleep function| checkresponse function| answered function| postpone object| formSubmitFunctions function| formAttach function| addEvent function| filtered_string object| url_params undefined| parts undefined| nv function| cf_load function| get_XmlHttp string| root_url number| timeout

21 Cookies

Domain/Path Name / Value
.www.unitedbenefits4america.com/ Name: __cf_bm
Value: o7bKTKQVB0Bl0kDI4zfVNydh6Nn8vj9YaShlEv4Z2xk-1632773921-0-AZcGKj8HLJhhCIm55AHzUqbWgbQOOgSRftNcWi2qciGjdFzez0RlJs+4qDhp8MbFL2Z2Y/lWqv6kE3j9rGD3eBM9838HseMIxzjGWSSOFoN3
.youtube.com/ Name: YSC
Value: ImQt8zF6JWo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: JUcWrAT6Oig
.clickfunnels.com/ Name: __cf_bm
Value: B7yJ1UqNJt.U70HOuqH24JEG5YHSCJKRGr.NyvSMbz4-1632773922-0-ASOldl4UicgFkECB9Ub8QHT2galIDamoUv4oGlIdFIXwNHh3lFpgzIcHSfAtHvz6uy8qr0eD+dP5UgDEoSwvKfaN2dXaCbC/5LhbQTFISQcZ
www.unitedbenefits4america.com/ Name: cf:aff_sub2
Value:
www.unitedbenefits4america.com/ Name: cf:aff_sub3
Value:
www.unitedbenefits4america.com/ Name: cf:aff_sub
Value:
www.unitedbenefits4america.com/ Name: cf:affiliate_id
Value:
www.unitedbenefits4america.com/ Name: cf:cf_affiliate_id
Value:
www.unitedbenefits4america.com/ Name: cf:content
Value:
www.unitedbenefits4america.com/ Name: cf:medium
Value:
www.unitedbenefits4america.com/ Name: cf:name
Value:
www.unitedbenefits4america.com/ Name: cf:source
Value:
www.unitedbenefits4america.com/ Name: cf:term
Value:
www.unitedbenefits4america.com/ Name: cf:NDczMTM2MjY
Value: :visited=true
www.unitedbenefits4america.com/ Name: cf:visitor_id
Value: fa1587c8-1c4c-45da-9d34-29b35654ee6e
www.unitedbenefits4america.com/ Name: addevent_track_cookie
Value: 7d6f805b-156c-4195-fb83-7ef83983ed1a
.doubleclick.net/ Name: IDE
Value: AHWqTUm9HkSP237HGj0PCsDk6oOGlG2D8YVnrvmhUslEK4u-PWxLu4tX5rtAuBtC
www.unitedbenefits4america.com/ Name: is_eu
Value: true
www.unitedbenefits4america.com/ Name: spko7w6xupjljt6g
Value: true
www.unitedbenefits4america.com/ Name: 10753499_viewed_1
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clickfunnels.com
assets.clickfunnels.com
bam-cell.nr-data.net
email.kjbm.benefits4america.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
js-agent.newrelic.com
r4---sn-4g5lznes.googlevideo.com
static.cloudflareinsights.com
static.doubleclick.net
track.addevent.com
use.fontawesome.com
www.google.com
www.gstatic.com
www.unitedbenefits4america.com
www.youtube.com
yt3.ggpht.com
104.16.12.194
104.16.13.194
104.16.16.194
104.16.94.65
142.250.184.214
142.250.185.206
142.250.185.234
142.250.186.102
142.250.186.129
142.250.186.132
142.250.186.35
142.250.74.194
151.101.130.137
162.247.243.146
172.217.23.99
172.67.214.69
52.16.116.2
52.35.110.134
74.125.160.41
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
045fd4ce57343257588e028026d314db88e7cc03aa84ec98ead1197bafe8c598
0a414dec90433a4b27a977fcb725a077ed68f27e8e48c8a69c10f68adff5df42
0c44b9abbe9b83f814f5beccc2b7c59b4f94bc3416638c11c00832f084a32fb4
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
17ac8c23018cac7f9f6bc18e990353161238d86575d845e97e8175776e9a15a5
24d56ba0375f489a9dd4a99c9193385c14ebc5097210824e660d9136b6d313dd
29a0154a824f3d82a68a6f963c4b869e4cef8276637c76c0350a7c02621f38dc
2dda7aab55517e7f9891597b05888122d14982624f070902a57f0a6c9054110b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40b1e129fd55c17b3a1234e2ef332ca0cd7526573e60f78fa7fe11cc4b52549f
410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315
4612db239bce32fa25c3a4d3ba67f031146409a31be39e418e3bf04854547a84
46e37a67ad9bf490d9d3c1f8f51e84e5e186af604d9de342447e950c0fdea848
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5cf2d602e6a7b16bf2a0b1866e945e014d8d08ecb9603a36943b8da90499a96e
5cf36bb078fb7fc60cad09bfcc89f7b4ca29c653c1eedb39b5fdf338cd1ef8a6
62b97aca219dc9aa7b073a1871afc7e9af2f5beea5df283c94841f53a264042c
645a61e2670b8471916b84f4eb65e3c273cfa38b6f050d8ed4ee31eea5b51c93
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
678864ce75dc361188686e8bcb527acbb7639c00420fdef0216bb926f2b2e027
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a3ad5625a8b61b03644df38871630edc72b2c584859bacb354c104fdf109947
6ee15bc8450709e869bcd46355732592a6cb1b529bd834b8017852801ef022ad
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
79e1e82c0aead0d05105ff5213cb1bc7e875223a18f41011bacaf98dae9d4da0
7b6ca722b11ece7b4d120738db3c14b8880487b0646a71812abaa66755033d12
7c4282c696a26636166ed0165eb98a08dec84fc4576e2f1b2b1a72dbf3f14b5e
8ac79395ad2c8c0efaf5a734544089eab4a8dce163f3b97f86d08921df5faafb
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
98246f79b1495fa4d547fc6bdff6a3de6cf8064d5cb9e5d877adee9171a7f99d
9881a70e1ba7b9c3409931942e5c9870d9295667ee29e9a84f7437543a94d0d6
9eb233d7005f6673f75e648a8050b34be28607980618099462f00472f4a997a0
9f262e297b52ce42754c6b35d8a955c5db51174b3d90ca9d87cdf6f7461c4f97
a4de127e32632bb77085a41f6e3227378a3106bd1a16dc1f4d32bae2b32160dc
a59484fb6c7dd21744c6321c1c5a633a5130822585d6f7d5f414262f8f358e7d
ac83a00770ebd3357351256773a79a3ae4116391676acc69be31f74a771f2639
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
b21879700b64feb69823c520de8e3642973e841127052299bc83094cd9a0a5ae
b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a
c0286ef029047162c5dd4887a0a27b431eba9bc41ed658932aa8782e0e088d46
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3c2424d49c795d90d4a49b1d3eebff0c4c31c94686b5dcd65c21b86e8bc21ed
c76442a5c41ff566766f9cd83e78fc2ff1a510c86ca2908dc2004924d7f18316
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d4abf81b381809489340f3ad0e3ed4f61551b7733451b375ce138e52e301efcb
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed681617bc64ab164cf1837b9e423f1e80b31aafc90a38dce2f5ee84aa27f9b7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422