medlegconlive.com Open in urlscan Pro
45.33.19.130 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://medlegconlive.com/medicallegalcourse2023
Submission Tags: falconsandbox
Submission: On February 15 via api (February 15th 2023, 10:23:22 pm UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 15 domains to perform 58 HTTP transactions. The main IP is 45.33.19.130, located in Richardson, United States and belongs to AKAMAI-AP Akamai Technologies, Inc., SG. The main domain is medlegconlive.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 15th 2023. Valid for: 3 months.

This is the only time medlegconlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	45.33.19.130 45.33.19.130	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
2	207.150.203.28 207.150.203.28	32400 (HWSERVICE...) (HWSERVICES-32400)
2	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
3	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.116 18.66.147.116	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2016	15169 (GOOGLE) (GOOGLE)
1	34.253.22.133 34.253.22.133	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
1	63.35.239.113 63.35.239.113	16509 (AMAZON-02) (AMAZON-02)
58	22

2 45.33.19.130 (Richardson, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li973-130.members.linode.com

medlegconlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.150.203.28 (United States)

ASN32400 (HWSERVICES-32400, US)
PTR: mailer.pwccrm.com

www.pwccrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.22.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-22-133.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.239.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-239-113.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 70	201 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 74	837 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	124 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 jnn-pa.googleapis.com — Cisco Umbrella Rank: 187	31 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 628 script.hotjar.com — Cisco Umbrella Rank: 767 vars.hotjar.com — Cisco Umbrella Rank: 914 in.hotjar.com — Cisco Umbrella Rank: 1676	73 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 209	1 KB
3	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 33934	1 KB
2	center.io js.center.io — Cisco Umbrella Rank: 42144	8 KB
2	pwccrm.com www.pwccrm.com	8 KB
2	medlegconlive.com medlegconlive.com	28 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6329	161 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 86	26 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
1	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 40350	15 KB
58	15

	Domain	Requested by
17	lh3.googleusercontent.com	medlegconlive.com
9	www.youtube.com	medlegconlive.com www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	api.leadpages.io	js.center.io
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	js.center.io	medlegconlive.com js.center.io
2	www.pwccrm.com	medlegconlive.com
2	medlegconlive.com	medlegconlive.com
1	content.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	medlegconlive.com
1	fonts.googleapis.com	medlegconlive.com
1	static.leadpages.net	medlegconlive.com
58	21

This site contains no links.

Subject Issuer	Validity	Valid
medlegconlive.com cPanel, Inc. Certification Authority	`2023-01-15` - `2023-04-15`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2022-12-29` - `2023-03-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
pwccrm.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
js.center.io GTS CA 1D4	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.leadpages.io Go Daddy Secure Certificate Authority - G2	`2022-10-27` - `2023-10-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.hotjar.io Amazon RSA 2048 M02	`2023-02-10` - `2023-12-26`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://medlegconlive.com/medicallegalcourse2023
Frame ID: 06CA823BE708556C326C5528D853E7BB
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7_NhGHYmRxk
Frame ID: 2463B1D055C8E5FFE5F6ABA5FE0AA32D
Requests: 21 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: C806F9E5B239B66DB6E4759F89E258B7
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: D3B9D7CDDA1BA94A770F185521EE7D66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medical/Legal Consulting Course 2022

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

58
Requests

98 %
HTTPS

57 %
IPv6

15
Domains

21
Subdomains

22
IPs

2
Countries

1371 kB
Transfer

4146 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request medicallegalcourse2023 Show response
medlegconlive.com/ 171 KB
28 KB 3202ms
2911ms Document
text/html 45.33.19.130
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://medlegconlive.com/medicallegalcourse2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.19.130 Richardson, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li973-130.members.linode.com
Software: nginx /
Resource Hash: f31d78fe1cff8fd135a7a7aa9aa5027b6313193a691c85e3dd47cd29256c4253

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 15 Feb 2023 22:23:15 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 97ms
9ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 22:00:48 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 260549
etag: "rvb96Q"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 44bfb776f476334793daec22d35f55b7
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Mon, 12 Feb 2024 22:00:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 104ms
43ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Lato:300,400,500,700

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5577c2e6227dc0f7df37e59a4437d87eb235547157f9e1afe7f75610caea81ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 22:23:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 22:23:17 GMT

GET
H/1.1 200
OK 45.png
www.pwccrm.com/v2/images/opt_in/latest_optin/button_images/medium/ 4 KB
4 KB 692ms
159ms Image
image/png 207.150.203.28
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pwccrm.com/v2/images/opt_in/latest_optin/button_images/medium/45.png
Requested by: Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.150.203.28 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mailer.pwccrm.com
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 /
Resource Hash: 1fa5deaa708f5c52428eaa95659103814544cbe4dbdc6dc80086edfbe066b117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 22:23:17 GMT
Last-Modified: Wed, 02 Dec 2015 13:26:25 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4
ETag: "e800d5-ed6-525ea388ea240"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3798

GET
H2 404 email-decode.min.js
medlegconlive.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 0
0 258ms
257ms Script
text/html 45.33.19.130
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://medlegconlive.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by: Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.33.19.130 Richardson, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li973-130.members.linode.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/medicallegalcourse2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:15 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://medlegconlive.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 74ms
15ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:19:42 GMT
content-encoding: gzip
server: Google Frontend
age: 215
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: bab342179a764d021040a229c8140e3e
cache-control: public, max-age=300
content-length: 5417
expires: Wed, 15 Feb 2023 22:24:42 GMT

GET
H2 200 hotjar-2801516.js Show response
static.hotjar.com/c/ 8 KB
4 KB 112ms
35ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2801516.js?sv=6

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

5c7d6e8ccaa23373f7c7b8c69d50369624573d11429cdbcd1eb67627bda30daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/7641676d498d71faf18c03fb2f0a92b3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: LwyARhlnnSj1NjMBQy9nMkY5--PerP39sgozU5X6DQaBUWxXGAwi-Q==

GET
H2 200 7_NhGHYmRxk Show response
www.youtube.com/embed/ Frame 2463 69 KB
29 KB 151ms
87ms Document
text/html 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/7_NhGHYmRxk

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

929bc65b368b93ce23ee1e141d43e6837cb59b4285698f0a52588b8a6fa35584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medlegconlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 22:23:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 WJd1HABEuKjcyaJw-e4s4aN7Wt-VZgW3gQX0iF5v-krT2uqq3qDsdh0RkQdh237I0_oPPRzVA0VLykXV0aghgDZV1IZRuv3Ht6c=w16
lh3.googleusercontent.com/ 4 KB
4 KB 482ms
419ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/WJd1HABEuKjcyaJw-e4s4aN7Wt-VZgW3gQX0iF5v-krT2uqq3qDsdh0RkQdh237I0_oPPRzVA0VLykXV0aghgDZV1IZRuv3Ht6c=w16

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e18f575a476747c35f6da91c0c9e167629948d477a9d8f02dd7976bc3f8c5eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3631
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 iHOIyFdVaviPJqNYdePOdWJ6nC10e8C2bOVmb8Lnv2mQpHPFDDzS7WUxRCcieph7qWOVrHSkLf5vYHWOUn0570k0nQ4HkUiZqg=w16
lh3.googleusercontent.com/ 592 B
685 B 507ms
462ms Image
image/png 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/iHOIyFdVaviPJqNYdePOdWJ6nC10e8C2bOVmb8Lnv2mQpHPFDDzS7WUxRCcieph7qWOVrHSkLf5vYHWOUn0570k0nQ4HkUiZqg=w16

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a00fe8ad1a31e920e3a671cac26abacea620747f48b8d1a38ac478688df93aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 592
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 ieQEDAFiwBPbnaOGf7g5UtG5fH23mv0-WX0Er2Mx4-xofMZHdudW97xbLZtZeQahcjHHcvDKB3_q5jUb_O0TyuzgTBPhKcGSPa0=w16
lh3.googleusercontent.com/ 1 KB
1 KB 395ms
351ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ieQEDAFiwBPbnaOGf7g5UtG5fH23mv0-WX0Er2Mx4-xofMZHdudW97xbLZtZeQahcjHHcvDKB3_q5jUb_O0TyuzgTBPhKcGSPa0=w16

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

753b32d98c194b9648752c5727b36b392adc4aad34577b12a74d42c1f7aeb1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1442
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 c8a6cw2VMDpS4XoilnNj2SYnCYm2R8WSdlhajirbQvya5jXVH4iTwIo_HTyomfU7XIeUNyqRXhDHkSEFICXPT4uys82H3GMf3lU=w16
lh3.googleusercontent.com/ 1 KB
1 KB 476ms
432ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/c8a6cw2VMDpS4XoilnNj2SYnCYm2R8WSdlhajirbQvya5jXVH4iTwIo_HTyomfU7XIeUNyqRXhDHkSEFICXPT4uys82H3GMf3lU=w16

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1ba76b7528e9c7f0a0e033bbacc1991ff46d8fe8c9d3e4f8081dd77e40eaad7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1451
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 PSAXZ1izxhcrmfLKt0xdo_MCBOp3KSJjn4TdnV22ys1Ntb9B0BZmJgei-0IIqOyOb7ADc1iZiH2d7cld-FoNQPiC97gqxX3M6A=w16
lh3.googleusercontent.com/ 1 KB
1 KB 451ms
408ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PSAXZ1izxhcrmfLKt0xdo_MCBOp3KSJjn4TdnV22ys1Ntb9B0BZmJgei-0IIqOyOb7ADc1iZiH2d7cld-FoNQPiC97gqxX3M6A=w16

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

144dced9550b7043ec3084757a2d15034764d85e99f8d970919048bbe7dad218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1416
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 YsG1iZa9Scfs7O7vNLRgsj_Hl5JW4IVo1dHyLlH4WMssMQVI-R08Jt0v_N1LINpr9Lpyz2HFReDze2mL2trNzRNkV9dXCqOgtQ=w16
lh3.googleusercontent.com/ 2 KB
2 KB 367ms
324ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YsG1iZa9Scfs7O7vNLRgsj_Hl5JW4IVo1dHyLlH4WMssMQVI-R08Jt0v_N1LINpr9Lpyz2HFReDze2mL2trNzRNkV9dXCqOgtQ=w16

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db4f8d5beed24b076e5cc3f104d93571df1be7fe8b9838bd693f079f8762a40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1676
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 R_5SZNg0l066QBt9SGBE2g9gwVFLPqLZ17xxgnI6UL5eSxgZLnvc2OD6s8DA4LrQZv7nZy7bJx418XuRB_aqU04tF5beAcTiNA=w16
lh3.googleusercontent.com/ 2 KB
2 KB 398ms
397ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/R_5SZNg0l066QBt9SGBE2g9gwVFLPqLZ17xxgnI6UL5eSxgZLnvc2OD6s8DA4LrQZv7nZy7bJx418XuRB_aqU04tF5beAcTiNA=w16

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1438c9ac6d62d536f84c0a876e5125aabf173a9e52027bcd6ae28e5059dc12c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2430
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 9mACO0qsqyWlkBxyi5bgrB3vvtk99AGPZFBJtnFoe1s4JeKGCxX9dM7lZgOqeCWFMxK10ik1A1O-SMOxmmGCLYQ925eOEKhmeUfz=w16
lh3.googleusercontent.com/ 4 KB
4 KB 343ms
343ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/9mACO0qsqyWlkBxyi5bgrB3vvtk99AGPZFBJtnFoe1s4JeKGCxX9dM7lZgOqeCWFMxK10ik1A1O-SMOxmmGCLYQ925eOEKhmeUfz=w16

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e6e7c9278f2291d0d3cfd3f22cee42496bf5f83b40bcf31c4b8676ecc1bf2a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3618
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 a62jSxwtLfvHEZKgFRzq3OXBwIzxCjHcLTGzXRc0Ux7HNiO-KAZT1G97hAALwD0LJ3M6kDqUqnEZD8jas9ArE0JS44sowCTOCa_i=w16
lh3.googleusercontent.com/ 321 B
391 B 353ms
352ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a62jSxwtLfvHEZKgFRzq3OXBwIzxCjHcLTGzXRc0Ux7HNiO-KAZT1G97hAALwD0LJ3M6kDqUqnEZD8jas9ArE0JS44sowCTOCa_i=w16

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bc26e171b7ca7a86f5f02eddc0e15edd01e72ec3b0ee2d4f207142d4f6682493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 321
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 b5lDhiSPsL6Hvt7UAbK9Rhim1dd_SRSlygf_kEx1IeBT7P9xxyiemb9sZTex01JmG2wxECDFuz3c6SZE3NiBU6-5fPUmR1xEEQ=w16
lh3.googleusercontent.com/ 480 B
551 B 441ms
441ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/b5lDhiSPsL6Hvt7UAbK9Rhim1dd_SRSlygf_kEx1IeBT7P9xxyiemb9sZTex01JmG2wxECDFuz3c6SZE3NiBU6-5fPUmR1xEEQ=w16

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

774408213784f2255aaaf74a6576a2ba091b9e778d81a7ebe21bc45af7794c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 480
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 84ms
21ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Lato:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://medlegconlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:35:57 GMT
x-content-type-options: nosniff
age: 92840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 20:35:57 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 115ms
52ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Lato:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://medlegconlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 01:07:01 GMT
x-content-type-options: nosniff
age: 162976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 01:07:01 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 105ms
41ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Lato:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://medlegconlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:21:12 GMT
x-content-type-options: nosniff
age: 111725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 15:21:12 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame C806 4 KB
2 KB 20ms
20ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://medlegconlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Wed, 15 Feb 2023 22:22:03 GMT
etag: "OMWYXg"
expires: Wed, 15 Feb 2023 22:27:03 GMT
server: Google Frontend
x-cloud-trace-context: 20b459ed5f3d5d5a54cfa12635656ee0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
666 B 605ms
127ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=FcjwqW3DkunQW3FRiL6ZK8&v=&e=&st=wordpress&lc=en-US&pid=7YsmNzeBpWs9sYJ5obxWma&uid=ttAoGRutp5NckHusmVwhro&sid=WBgkRbHddrHbEZdtjtjdhE&cid=lp-FcjwqW3DkunQW3FRiL6ZK8&uri=https%3A%2F%2Fmedlegconlive.com%2Fmedicallegalcourse2023&rf=&rx=1600&ry=1200&tz=%2B00%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 22:23:17 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: https://medlegconlive.com
X-Forwarded-For: 146.70.117.102
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 0239k87orfph36hfld9g

GET
H2 200 modules.f8ad4d13a21d1f1b3509.js Show response
script.hotjar.com/ 263 KB
67 KB 55ms
9ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f8ad4d13a21d1f1b3509.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2801516.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

3d58fc1c1d990c6672ffbd86ad94df529cae6a0008a4603d55af99c92ba66ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 17:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 19391
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68439
last-modified: Wed, 15 Feb 2023 16:59:13 GMT
etag: "247b4b294532c54e03e1d54dd5d6fe09"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 0qXcSBBKdKAxfVZuJwRKz3ynnYsWNljg1vyO33fenZ3ZXyPnaL2haQ==

GET
H2 200 www-player.css
www.youtube.com/s/player/d405f6b4/ Frame 2463 395 KB
51 KB 22ms
20ms Stylesheet
text/css 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7_NhGHYmRxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aac0a0e8c4b9bd6250bc0829794d056ac353997cfdd0a1a67c838a956748d253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7_NhGHYmRxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51976
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:40:12 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/ Frame 2463 345 KB
108 KB 34ms
32ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7_NhGHYmRxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a752bfb018856bde51066ff3495c20fb473afad1d06a578eb50caebbfe78b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7_NhGHYmRxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110180
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:40:12 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/ Frame 2463 2 MB
603 KB 62ms
61ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7_NhGHYmRxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b63f208d7453b4553e06890bdd2e3190b2cdee3b8aad95a141b88a61ba969060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7_NhGHYmRxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617066
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:49:57 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d405f6b4/fetch-polyfill.vflset/ Frame 2463 9 KB
3 KB 46ms
44ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7_NhGHYmRxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7_NhGHYmRxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:40:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2463 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7_NhGHYmRxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 02:55:21 GMT
x-content-type-options: nosniff
age: 502076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 02:55:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2463 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7_NhGHYmRxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 02:34:10 GMT
x-content-type-options: nosniff
age: 416947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:34:10 GMT

GET
H2 200 WJd1HABEuKjcyaJw-e4s4aN7Wt-VZgW3gQX0iF5v-krT2uqq3qDsdh0RkQdh237I0_oPPRzVA0VLykXV0aghgDZV1IZRuv3Ht6c=w1600
lh3.googleusercontent.com/ 124 KB
124 KB 231ms
229ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/WJd1HABEuKjcyaJw-e4s4aN7Wt-VZgW3gQX0iF5v-krT2uqq3qDsdh0RkQdh237I0_oPPRzVA0VLykXV0aghgDZV1IZRuv3Ht6c=w1600

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91e3114255fa96385271e83a868480d5bb92c09389cc873a6de9738f24ecf8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127117
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 iHOIyFdVaviPJqNYdePOdWJ6nC10e8C2bOVmb8Lnv2mQpHPFDDzS7WUxRCcieph7qWOVrHSkLf5vYHWOUn0570k0nQ4HkUiZqg=w156
lh3.googleusercontent.com/ 26 KB
26 KB 269ms
266ms Image
image/png 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/iHOIyFdVaviPJqNYdePOdWJ6nC10e8C2bOVmb8Lnv2mQpHPFDDzS7WUxRCcieph7qWOVrHSkLf5vYHWOUn0570k0nQ4HkUiZqg=w156

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

21beb1c1bdd7e924d74b16e3516149e0a124c24dae8314d925bbb1de4231578f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26286
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 ieQEDAFiwBPbnaOGf7g5UtG5fH23mv0-WX0Er2Mx4-xofMZHdudW97xbLZtZeQahcjHHcvDKB3_q5jUb_O0TyuzgTBPhKcGSPa0=w156
lh3.googleusercontent.com/ 5 KB
5 KB 169ms
165ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ieQEDAFiwBPbnaOGf7g5UtG5fH23mv0-WX0Er2Mx4-xofMZHdudW97xbLZtZeQahcjHHcvDKB3_q5jUb_O0TyuzgTBPhKcGSPa0=w156

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8b11648acee5605589530dd72e10233e2a7af50ccd4cf9d2d2025295dd75861a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4783
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 c8a6cw2VMDpS4XoilnNj2SYnCYm2R8WSdlhajirbQvya5jXVH4iTwIo_HTyomfU7XIeUNyqRXhDHkSEFICXPT4uys82H3GMf3lU=w156
lh3.googleusercontent.com/ 6 KB
6 KB 235ms
232ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/c8a6cw2VMDpS4XoilnNj2SYnCYm2R8WSdlhajirbQvya5jXVH4iTwIo_HTyomfU7XIeUNyqRXhDHkSEFICXPT4uys82H3GMf3lU=w156

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b8a886c06baf4c3e8e1e0a5807efbe33407c66548f25a19228a60668fcaa60ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5858
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 PSAXZ1izxhcrmfLKt0xdo_MCBOp3KSJjn4TdnV22ys1Ntb9B0BZmJgei-0IIqOyOb7ADc1iZiH2d7cld-FoNQPiC97gqxX3M6A=w156
lh3.googleusercontent.com/ 6 KB
6 KB 207ms
204ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PSAXZ1izxhcrmfLKt0xdo_MCBOp3KSJjn4TdnV22ys1Ntb9B0BZmJgei-0IIqOyOb7ADc1iZiH2d7cld-FoNQPiC97gqxX3M6A=w156

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3d8caf5aacb76e1aa209d6e695a04c08f0a7d9dc2ec823a142c938c6ffa0671c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6516
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 YsG1iZa9Scfs7O7vNLRgsj_Hl5JW4IVo1dHyLlH4WMssMQVI-R08Jt0v_N1LINpr9Lpyz2HFReDze2mL2trNzRNkV9dXCqOgtQ=w156
lh3.googleusercontent.com/ 7 KB
7 KB 120ms
117ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YsG1iZa9Scfs7O7vNLRgsj_Hl5JW4IVo1dHyLlH4WMssMQVI-R08Jt0v_N1LINpr9Lpyz2HFReDze2mL2trNzRNkV9dXCqOgtQ=w156

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d80e46000edde912d2f2d0d241298e76d13e3b49478ba9983ce7ce5aca89d2dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7198
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 R_5SZNg0l066QBt9SGBE2g9gwVFLPqLZ17xxgnI6UL5eSxgZLnvc2OD6s8DA4LrQZv7nZy7bJx418XuRB_aqU04tF5beAcTiNA=w156
lh3.googleusercontent.com/ 9 KB
9 KB 209ms
207ms Image
image/jpeg 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/R_5SZNg0l066QBt9SGBE2g9gwVFLPqLZ17xxgnI6UL5eSxgZLnvc2OD6s8DA4LrQZv7nZy7bJx418XuRB_aqU04tF5beAcTiNA=w156

Requested by

Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

17606e3d8693cb2b95943c88cdcad61272b34f2e152a154a685b6dc9f410da73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9246
x-xss-protection: 0
expires: Thu, 16 Feb 2023 22:23:17 GMT

GET
H2 200 box-e031119f9e9e307a08fa610f85dbfb52.html Show response
vars.hotjar.com/ Frame D3B9 2 KB
1 KB 85ms
7ms Document
text/html 18.66.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2801516.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-116.fra60.r.cloudfront.net

Software

Resource Hash

f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://medlegconlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1069991
cache-control: max-age=31536000
content-encoding: br
content-length: 1034
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:10:06 GMT
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-id: _IS7EdSjD3L5ylNFPpiCCGy8xRcfjFBHd1dObHFuQCVIZSbsaNDLRA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2463
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

42ms
41ms

XHR
application/json

2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7_NhGHYmRxk

Protocol

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f8ebb96f5eca0e13aee933a0d41b09eb0da22156be01b93ee214b60fdf4ebca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2463 29 B
494 B 95ms
20ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:19:15 GMT
x-content-type-options: nosniff
age: 242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Feb 2023 22:34:15 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 194ms
41ms Preflight
text/html 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 15 Feb 2023 22:23:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2463 65 KB
30 KB 65ms
64ms XHR
application/json+protobuf 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a404e15a28f70bb07fa26998c0c74245a25d83f7a98c928f487f5ef7eac4167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30775
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/ Frame 2463 116 KB
36 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1795b50b8a462e5aead6e3bdf11d1cd7c4c93a14bfd64cc18ddb34613291fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7_NhGHYmRxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36393
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:49:57 GMT

GET
H2 200 5Ka4arGt5d4VD_jyrt9MFh6TtJKT92Mg__ZonRezLjA.js Show response
www.google.com/js/th/ Frame 2463 36 KB
14 KB 86ms
20ms Script
text/javascript 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/5Ka4arGt5d4VD_jyrt9MFh6TtJKT92Mg__ZonRezLjA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a6b86ab1ade5de150ff8f2aedf4c161e93b49293f76320fff6689d17b32e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14217
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 09:07:13 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/ Frame 2463 26 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd8d860a8b8d8476650dd25db0abbd92a995d5bb577b00a2de930b5acb0147be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7_NhGHYmRxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 01:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8403
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Feb 2024 01:13:27 GMT

GET
DATA 200
OK truncated
/ Frame 2463 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJV73A3Z3FhNKMVJmBGQHfMtxu879keQn_1e2ui5=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2463 3 KB
3 KB 131ms
47ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJV73A3Z3FhNKMVJmBGQHfMtxu879keQn_1e2ui5=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7_NhGHYmRxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

790f73a53f06ff9a3aa2ce0e36b156fba2683ac0a01c282ca969944f526bebed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3216
x-xss-protection: 0
server: fife
etag: "v4c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Feb 2023 16:36:05 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/7_NhGHYmRxk/ Frame 2463 25 KB
26 KB 284ms
200ms Image
image/jpeg 2a00:1450:400d:805::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7_NhGHYmRxk/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGGggaChoMA8=&rs=AOn4CLC8Txsbcj_mxGD1jrx8p-o_dm5Xyw

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7_NhGHYmRxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81517a796e2c88e78ab6beaf81f74a40b3b46b3318ec40ccea4798651c1c3300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26050
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Feb 2023 00:23:17 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2801516/ 148 B
323 B 197ms
41ms XHR
application/json 34.253.22.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2801516/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f8ad4d13a21d1f1b3509.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.22.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-22-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e06e9fa0c40a8cc645b697a45747eb06cb230ca0a48862a26847435d314ab228

Request headers

Referer: https://medlegconlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2463 4 KB
2 KB 169ms
92ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 22:23:17 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 2463 0
10 B 38ms
38ms Image
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?UPmxRQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/7_NhGHYmRxk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7_NhGHYmRxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2463 90 B
134 B 45ms
44ms XHR
application/json+protobuf 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e90301b58c24f295333ca077374d9570139c62beb994f9340fc5d811f4d6ee31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 15 Feb 2023 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 41ms
41ms Preflight
text/html 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 15 Feb 2023 22:23:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 265ms
62ms XHR
application/json 63.35.239.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f8ad4d13a21d1f1b3509.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.239.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-239-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0e8771ec5f02ceb97655f9aac74948131b714d9abfb0ab4bc0697883ae6edb2c

Request headers

Referer: https://medlegconlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Feb 2023 22:23:18 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/110/ Frame 2463 50 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/110/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 20:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 16:13:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Feb 2023 20:08:14 GMT

GET
H/1.1 200
OK pwccrm_fields_function_new.js Show response
www.pwccrm.com/v2/js/ 4 KB
4 KB 137ms
137ms Script
application/javascript 207.150.203.28
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pwccrm.com/v2/js/pwccrm_fields_function_new.js
Requested by: Host: medlegconlive.com
URL: https://medlegconlive.com/medicallegalcourse2023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.150.203.28 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mailer.pwccrm.com
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 /
Resource Hash: 7f5cfea5890989ec4349de61c9722dbf806f51aff433dfc2d45632769ff657c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 22:23:17 GMT
Last-Modified: Mon, 01 Feb 2016 06:50:39 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4
ETag: "e61acd-e3a-52aafcd814dc0"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3642

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
356 B 121ms
120ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=28,262,2910,3202,2,3205,3569,3573,4154,4155
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 22:23:17 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 146.70.117.102
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 0239k89lva5vbr5jc9lg

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2463 28 B
54 B 51ms
47ms XHR
application/json 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Goog-Request-Time: 1676499799945
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7_NhGHYmRxk
X-YouTube-Client-Version: 1.20230212.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt4aF94dzBsREVKbyjVtrWfBg%3D%3D
X-YouTube-Ad-Signals: dt=1676499797355&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C504%2C283&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 15 Feb 2023 22:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 15 Feb 2023 22:23:19 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
441 B 118ms
117ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=E2sqQybYC8iK3FVRVp8MP7&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=75.79999923706055,44.39999961853027,1,605.8999996185303
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medlegconlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 22:23:21 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: https://medlegconlive.com
X-Forwarded-For: 146.70.117.102
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 0239k98ejtp7njpnj8rg

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 09:43:06	Name: view.7YsmNzeBpWs9sYJ5obxWma.FcjwqW3DkunQW3FRiL6ZK8 Value: 1676499798000
js.center.io/	1970-01-20 19:17:39	Name: centerVisitorId Value: ttAoGRutp5NckHusmVwhro
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EZ7N7J8Q9aI
.youtube.com/	1970-01-20 14:00:51	Name: DEVICE_INFO Value: ChxOekl3TURVeE1UZ3dNRGMwTnpNek5UVTBNZz09ENW2tZ8GGNW2tZ8G
.youtube.com/	1970-01-20 14:00:51	Name: VISITOR_INFO1_LIVE Value: xh_xw0lDEJo
.medlegconlive.com/	1970-01-20 18:27:15	Name: _hjSessionUser_2801516 Value: eyJpZCI6IjNiNmIzZjhjLTlhMGMtNTIxNi04ZWU3LWQ5ZDJkYjQ4NDVmOSIsImNyZWF0ZWQiOjE2NzY0OTk3OTczMTMsImV4aXN0aW5nIjpmYWxzZX0=
.medlegconlive.com/	1970-01-20 09:41:41	Name: _hjFirstSeen Value: 1
.medlegconlive.com/	1970-01-20 09:41:39	Name: _hjIncludedInSessionSample_2801516 Value: 1
.medlegconlive.com/	1970-01-20 09:41:41	Name: _hjSession_2801516 Value: eyJpZCI6ImVhMGRkMmQ4LTE5MzUtNGQzNi04MzQ3LTExMWFjYTA5MWU4YiIsImNyZWF0ZWQiOjE2NzY0OTk3OTc2MjksImluU2FtcGxlIjp0cnVlfQ==
medlegconlive.com/	1970-01-20 09:41:39	Name: _hjIncludedInPageviewSample Value: 1
.medlegconlive.com/	1970-01-20 09:41:41	Name: _hjAbsoluteSessionInProgress Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://medlegconlive.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
in.hotjar.com
jnn-pa.googleapis.com
js.center.io
lh3.googleusercontent.com
medlegconlive.com
script.hotjar.com
static.doubleclick.net
static.hotjar.com
static.leadpages.net
vars.hotjar.com
www.google.com
www.gstatic.com
www.pwccrm.com
www.youtube.com
yt3.ggpht.com
18.66.147.116
18.66.97.53
2001:4860:4802:36::15
207.150.203.28
2a00:1450:400d:803::2003
2a00:1450:400d:803::200e
2a00:1450:400d:805::2001
2a00:1450:400d:805::2016
2a00:1450:400d:806::200a
2a00:1450:400d:807::2006
2a00:1450:400d:80c::2001
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2004
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2003
34.107.203.240
34.253.22.133
35.192.151.63
45.33.19.130
52.222.236.43
63.35.239.113
07a752bfb018856bde51066ff3495c20fb473afad1d06a578eb50caebbfe78b6
0a404e15a28f70bb07fa26998c0c74245a25d83f7a98c928f487f5ef7eac4167
0e8771ec5f02ceb97655f9aac74948131b714d9abfb0ab4bc0697883ae6edb2c
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
1438c9ac6d62d536f84c0a876e5125aabf173a9e52027bcd6ae28e5059dc12c8
144dced9550b7043ec3084757a2d15034764d85e99f8d970919048bbe7dad218
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
17606e3d8693cb2b95943c88cdcad61272b34f2e152a154a685b6dc9f410da73
1b1795b50b8a462e5aead6e3bdf11d1cd7c4c93a14bfd64cc18ddb34613291fb
1ba76b7528e9c7f0a0e033bbacc1991ff46d8fe8c9d3e4f8081dd77e40eaad7c
1fa5deaa708f5c52428eaa95659103814544cbe4dbdc6dc80086edfbe066b117
21beb1c1bdd7e924d74b16e3516149e0a124c24dae8314d925bbb1de4231578f
3d58fc1c1d990c6672ffbd86ad94df529cae6a0008a4603d55af99c92ba66ffd
3d8caf5aacb76e1aa209d6e695a04c08f0a7d9dc2ec823a142c938c6ffa0671c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4f8ebb96f5eca0e13aee933a0d41b09eb0da22156be01b93ee214b60fdf4ebca
5577c2e6227dc0f7df37e59a4437d87eb235547157f9e1afe7f75610caea81ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c7d6e8ccaa23373f7c7b8c69d50369624573d11429cdbcd1eb67627bda30daf
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
753b32d98c194b9648752c5727b36b392adc4aad34577b12a74d42c1f7aeb1f7
774408213784f2255aaaf74a6576a2ba091b9e778d81a7ebe21bc45af7794c05
790f73a53f06ff9a3aa2ce0e36b156fba2683ac0a01c282ca969944f526bebed
7f5cfea5890989ec4349de61c9722dbf806f51aff433dfc2d45632769ff657c1
81517a796e2c88e78ab6beaf81f74a40b3b46b3318ec40ccea4798651c1c3300
8b11648acee5605589530dd72e10233e2a7af50ccd4cf9d2d2025295dd75861a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91e3114255fa96385271e83a868480d5bb92c09389cc873a6de9738f24ecf8fe
929bc65b368b93ce23ee1e141d43e6837cb59b4285698f0a52588b8a6fa35584
9e18f575a476747c35f6da91c0c9e167629948d477a9d8f02dd7976bc3f8c5eb
a00fe8ad1a31e920e3a671cac26abacea620747f48b8d1a38ac478688df93aea
aac0a0e8c4b9bd6250bc0829794d056ac353997cfdd0a1a67c838a956748d253
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b63f208d7453b4553e06890bdd2e3190b2cdee3b8aad95a141b88a61ba969060
b8a886c06baf4c3e8e1e0a5807efbe33407c66548f25a19228a60668fcaa60ee
bc26e171b7ca7a86f5f02eddc0e15edd01e72ec3b0ee2d4f207142d4f6682493
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cd8d860a8b8d8476650dd25db0abbd92a995d5bb577b00a2de930b5acb0147be
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d80e46000edde912d2f2d0d241298e76d13e3b49478ba9983ce7ce5aca89d2dd
db4f8d5beed24b076e5cc3f104d93571df1be7fe8b9838bd693f079f8762a40c
e06e9fa0c40a8cc645b697a45747eb06cb230ca0a48862a26847435d314ab228
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a6b86ab1ade5de150ff8f2aedf4c161e93b49293f76320fff6689d17b32e30
e6e7c9278f2291d0d3cfd3f22cee42496bf5f83b40bcf31c4b8676ecc1bf2a81
e90301b58c24f295333ca077374d9570139c62beb994f9340fc5d811f4d6ee31
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f31d78fe1cff8fd135a7a7aa9aa5027b6313193a691c85e3dd47cd29256c4253
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

medlegconlive.com Open in urlscan Pro 45.33.19.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

57 %IPv6

15 Domains

21 Subdomains

22 IPs

2 Countries

1371 kBTransfer

4146 kBSize

11 Cookies

0 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

medlegconlive.com Open in urlscan Pro
45.33.19.130 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

57 %
IPv6

15
Domains

21
Subdomains

22
IPs

2
Countries

1371 kB
Transfer

4146 kB
Size

11
Cookies

58 HTTP transactions
1 data transactions