pfclaim.com Open in urlscan Pro
103.53.42.63 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pfclaim.com/
Submission: On May 15 via automatic, source certstream-suspicious (May 15th 2021, 8:20:05 pm UTC)

Summary HTTP 124 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 18 domains to perform 124 HTTP transactions. The main IP is 103.53.42.63, located in India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is pfclaim.com.
TLS certificate: Issued by R3 on March 11th 2021. Valid for: 3 months.

This is the only time pfclaim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
46	103.53.42.63 103.53.42.63	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
1	5.101.45.5 5.101.45.5	209813 (FASTCONTENT) (FASTCONTENT)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f016:14:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	78.46.57.120 78.46.57.120	24940 (HETZNER-AS) (HETZNER-AS)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f116:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:4f::a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
124	23

46 103.53.42.63 (India)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: cp-in-11.webhostbox.net

pfclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.101.45.5 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

check-primeprize.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f016:14:face:b00c:0:3 (Warsaw, Poland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.57.120 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f116:83:face:b00c:0:25de (Warsaw, Poland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:4f::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6nl7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	pfclaim.com pfclaim.com	1 MB
23	youtube.com www.youtube.com	746 KB
11	googlevideo.com r4---sn-4g5e6nl7.googlevideo.com	1 MB
8	gstatic.com fonts.gstatic.com www.gstatic.com	70 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	156 KB
6	googleapis.com fonts.googleapis.com translate.googleapis.com	98 KB
4	ytimg.com i.ytimg.com	85 KB
4	doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	6 KB
3	google.com translate.google.com adservice.google.com www.google.com	18 KB
2	ggpht.com yt3.ggpht.com	5 KB
2	facebook.com www.facebook.com	423 B
2	getbutton.io 1 redirects static.getbutton.io	85 KB
2	facebook.net connect.facebook.net	97 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	638 B
1	check-primeprize.life check-primeprize.life	732 B
0	Failed function sub() { [native code] }. Failed
124	18

	Domain	Requested by
46	pfclaim.com	pfclaim.com
23	www.youtube.com	pfclaim.com www.youtube.com
11	r4---sn-4g5e6nl7.googlevideo.com	www.youtube.com
5	pagead2.googlesyndication.com	pfclaim.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	i.ytimg.com	www.youtube.com
4	www.gstatic.com	pfclaim.com translate.googleapis.com www.youtube.com
4	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	yt3.ggpht.com	www.youtube.com
2	www.facebook.com	pfclaim.com connect.facebook.net
2	static.getbutton.io	1 redirects pfclaim.com
2	connect.facebook.net	pfclaim.com connect.facebook.net
2	fonts.googleapis.com	pfclaim.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	translate.google.com	pfclaim.com
1	check-primeprize.life	pfclaim.com
0	localhost Failed	pfclaim.com
124	24

This site contains links to these domains. Also see Links.

Domain
translate.google.com
wa.me
getbutton.io

Subject Issuer	Validity	Valid
autodiscover.pfclaim.com R3	`2021-03-11` - `2021-06-09`	3 months	crt.sh
check-primeprize.life R3	`2021-02-25` - `2021-05-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.getbutton.io Sectigo RSA Domain Validation Secure Server CA	`2019-09-26` - `2021-09-23`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-05-04` - `2021-07-13`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://pfclaim.com/
Frame ID: 06F4B3BC2400A19798795FBA0E853E3B
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html
Frame ID: 46B36821062BDEA6308C5588A130A6D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9964349106693631&output=html&adk=1812271804&adf=3025194257&lmt=1621109985&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpfclaim.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621109985483&bpp=4&bdt=891&idt=79&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1277420213545&frm=20&pv=2&ga_vid=96303207.1621109986&ga_sid=1621109986&ga_hid=1462719360&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061139&oid=3&pvsid=1202139814112173&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108
Frame ID: 7CB9078E1A76AEA02BAA20D3B34CCD1C
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: F297F29A62B9A7EB168558200D536439
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
Frame ID: 0893D472F777379A9300624A08203E03
Requests: 46 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: C98138A9A0AE3EDD1194E69C1C2F767A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

124
Requests

99 %
HTTPS

82 %
IPv6

18
Domains

24
Subdomains

23
IPs

5
Countries

3957 kB
Transfer

7738 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://wa.me/917888059992?text=Hii%20Nandraj%20
Title: Contact Developer

Search URL Search Domain Scan URL

URL: https://wa.me/917038270618
Title: Message us

Search URL Search Domain Scan URL

URL: http://getbutton.io/?utm_campaign=multy_widget&utm_medium=widget&utm_source=pfclaim.com
Title: GetButton

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

124 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pfclaim.com/ 91 KB
26 KB 2764ms
2421ms Document
text/html 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: c3425fc9fa50d53a2ac2588494a86807c2c3c6f481125bf5a2effdc516e11c77

Request headers

:method: GET
:authority: pfclaim.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:42 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK popunder.js Show response
check-primeprize.life/js/ 812 B
732 B 209ms
67ms Script
application/javascript 5.101.45.5
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://check-primeprize.life/js/popunder.js
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.45.5 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 15 May 2021 20:19:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Dec 2019 11:04:44 GMT
Server: nginx
ETag: W/"5def7bcc-32c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H2 200 gtranslate-style24.css
pfclaim.com/wp-content/plugins/gtranslate/ 693 B
389 B 205ms
205ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.5.5
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

Request headers

:path: /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 15:44:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 299

GET
H2 200 style.min.css
pfclaim.com/wp-content/themes/astra/assets/css/minified/ 86 KB
21 KB 214ms
214ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=2.5.5
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 62c2aafc4d87c9187996f40a2f23df9710d98ade7366818aedc6233acfe97614

Request headers

:path: /wp-content/themes/astra/assets/css/minified/style.min.css?ver=2.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Sun, 04 Oct 2020 20:31:00 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 4 KB
757 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C%7CMontserrat%3A800%2C&display=fallback&ver=2.5.5

Requested by

Host: pfclaim.com
URL: https://pfclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ff59d970125b2831145ca3cd76004136b257ddcf225198c013dbd4d73e3f1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 15 May 2021 20:19:44 GMT
server: ESF
date: Sat, 15 May 2021 20:19:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 May 2021 20:19:44 GMT

GET
H2 200 style.min.css
pfclaim.com/wp-includes/css/dist/block-library/ 53 KB
10 KB 282ms
280ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Aug 2020 18:00:38 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 10450

GET
H2 200 wpforms-base.min.css
pfclaim.com/wp-content/plugins/wpforms-lite/assets/css/ 21 KB
5 KB 291ms
288ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.6.2.3
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 9be30422afde4bcdc130ea9dee19f1d734266e10ed6d4147cca23c4d0b6080fc

Request headers

:path: /wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.6.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Sun, 04 Oct 2020 21:39:48 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4911

GET
H2 200 elementor-icons.min.css
pfclaim.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 17 KB
4 KB 422ms
419ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021

Request headers

:path: /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3638

GET
H2 200 animations.min.css
pfclaim.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 420ms
417ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

:path: /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2997

GET
H2 200 frontend-legacy.min.css
pfclaim.com/wp-content/plugins/elementor/assets/css/ 4 KB
666 B 288ms
285ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 23bab5a05182506187ce6943078fb7da525eeb9f89d82e2708cb3ca4ab8b4f0e

Request headers

:path: /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 612

GET
H2 200 frontend.min.css
pfclaim.com/wp-content/plugins/elementor/assets/css/ 113 KB
24 KB 353ms
350ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: ef32867be98f1832f9b1bf55f59dc99c403d22a407e74aa9e47e50c81f555702

Request headers

:path: /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 post-333.css
pfclaim.com/wp-content/uploads/elementor/css/ 948 B
387 B 205ms
202ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/uploads/elementor/css/post-333.css?ver=1616162462
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 3730079c1215117fdc977b203b5f16a8a0a28af20d5a4be3541dd1921cc3e97c

Request headers

:path: /wp-content/uploads/elementor/css/post-333.css?ver=1616162462
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:01:02 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 332

GET
H2 200 all.min.css
pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 58 KB
13 KB 420ms
417ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12862

GET
H2 200 v4-shims.min.css
pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
4 KB 420ms
417ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4435

GET
H2 200 post-127.css
pfclaim.com/wp-content/uploads/elementor/css/ 41 KB
7 KB 291ms
289ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/uploads/elementor/css/post-127.css?ver=1616162462
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: b6f7044498486ddeacef65e62a83f545cf15ae7ca51b18f1c0026f5174badc73

Request headers

:path: /wp-content/uploads/elementor/css/post-127.css?ver=1616162462
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:01:02 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 7089

GET
H2 200 /
pfclaim.com/ 32 B
76 B 514ms
512ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/?sccss=1&ver=5.5.5
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: f9f3096bd2f451b354c8471fd67b29884d31ab8d0779b2c9147ebf9df0283ba5

Request headers

:path: /?sccss=1&ver=5.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
server: Apache
content-length: 32
content-type: text/css;charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 42 KB
2 KB 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.5

Requested by

Host: pfclaim.com
URL: https://pfclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 15 May 2021 18:37:54 GMT
server: ESF
date: Sat, 15 May 2021 20:19:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 May 2021 20:19:44 GMT

GET
H2 200 fontawesome.min.css
pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
12 KB 419ms
417ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12576

GET
H2 200 regular.min.css
pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 677 B
341 B 418ms
416ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.1
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: d92b9a2423c564eda57a51dfe20565cbd27eb1d6489bf940e15d88a2142c4054

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 309

GET
H2 200 solid.min.css
pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
341 B 418ms
417ms Stylesheet
text/css 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 310

GET
H2 200 jquery.js Show response
pfclaim.com/wp-includes/js/jquery/ 95 KB
42 KB 419ms
418ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 v4-shims.min.js Show response
pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
4 KB 419ms
417ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4359

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 48ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pfclaim.com
URL: https://pfclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b87c086edf82604a1a5d4892ea8b121d480c6570d0ab7be8464322312e60c2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49888
x-xss-protection: 0
server: cafe
etag: 503174456932000003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 15 May 2021 20:19:45 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 11 KB
4 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: pfclaim.com
URL: https://pfclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

5a86028255e0c2cda78faf897a3e43751e1a821156b9e1433e9d6b25285ab89e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 20:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4066
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WhatsApp-Image-2020-11-29-at-9.11.09-PM-oz4vo3x5nurmh1s82532vvavz2v1wwztszsble2vwg.jpeg
pfclaim.com/wp-content/uploads/elementor/thumbs/ 49 KB
49 KB 203ms
202ms Image
image/jpeg 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pfclaim.com/wp-content/uploads/elementor/thumbs/WhatsApp-Image-2020-11-29-at-9.11.09-PM-oz4vo3x5nurmh1s82532vvavz2v1wwztszsble2vwg.jpeg
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 9a7ef1796272e0fc4f260e33d90c0a1a1cbd8f72202ffcdabc9d8be9aac47cbc

Request headers

:path: /wp-content/uploads/elementor/thumbs/WhatsApp-Image-2020-11-29-at-9.11.09-PM-oz4vo3x5nurmh1s82532vvavz2v1wwztszsble2vwg.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
last-modified: Wed, 09 Dec 2020 11:55:29 GMT
server: Apache
accept-ranges: bytes
content-length: 50206
content-type: image/jpeg

GET
H2 200 pf-oygzqybuzeaatpc8hqhgexea89ywruj7b2zc21ad3k.png
pfclaim.com/wp-content/uploads/elementor/thumbs/ 34 KB
34 KB 197ms
195ms Image
image/png 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pfclaim.com/wp-content/uploads/elementor/thumbs/pf-oygzqybuzeaatpc8hqhgexea89ywruj7b2zc21ad3k.png
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 8d10b47ba3b70604a77d86f4fd42fa6e540860356064fa3e4ae1dbe259ce8d8d

Request headers

:path: /wp-content/uploads/elementor/thumbs/pf-oygzqybuzeaatpc8hqhgexea89ywruj7b2zc21ad3k.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
last-modified: Sun, 15 Nov 2020 22:21:05 GMT
server: Apache
accept-ranges: bytes
content-length: 34959
content-type: image/png

GET
H2 200 style.min.js Show response
pfclaim.com/wp-content/themes/astra/assets/js/minified/ 10 KB
4 KB 190ms
190ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=2.5.5
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 758af520af740958167ad867622e499b689a3299fa395f5697ad775f8b9ae4ea

Request headers

:path: /wp-content/themes/astra/assets/js/minified/style.min.js?ver=2.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Sun, 04 Oct 2020 20:31:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3642

GET
H2 200 wp-embed.min.js Show response
pfclaim.com/wp-includes/js/ 1 KB
855 B 177ms
177ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-includes/js/wp-embed.min.js?ver=5.5.5
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 16:24:29 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 777

GET
H2 200 webpack.runtime.min.js Show response
pfclaim.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 187ms
184ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 359cf0cdca67afb12bea10cedc087a424e33b90247f2dab53e369cd7ac6e5616

Request headers

:path: /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2110

GET
H2 200 frontend-modules.min.js Show response
pfclaim.com/wp-content/plugins/elementor/assets/js/ 63 KB
27 KB 189ms
186ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: e407d9e744eecd15c7ba5fced7e45858758cfaf57cceec4255dd2ac110121e19

Request headers

:path: /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 position.min.js Show response
pfclaim.com/wp-includes/js/jquery/ui/ 6 KB
3 KB 201ms
198ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Request headers

:path: /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 16:24:29 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2577

GET
H2 200 dialog.min.js Show response
pfclaim.com/wp-content/plugins/elementor/assets/lib/dialog/ 11 KB
4 KB 186ms
183ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

:path: /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4275

GET
H2 200 waypoints.min.js Show response
pfclaim.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 200ms
197ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

:path: /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3747

GET
H2 200 share-link.min.js Show response
pfclaim.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 199ms
197ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

:path: /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1151

GET
H2 200 swiper.min.js Show response
pfclaim.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
46 KB 194ms
193ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

:path: /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 frontend.min.js Show response
pfclaim.com/wp-content/plugins/elementor/assets/js/ 79 KB
31 KB 199ms
196ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: a108c6e4eb1fb5af4b73b76a38266cb41795703940848306f572c5028c206071

Request headers

:path: /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 preloaded-elements-handlers.min.js Show response
pfclaim.com/wp-content/plugins/elementor/assets/js/ 37 KB
15 KB 198ms
196ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/js/preloaded-elements-handlers.min.js?ver=3.1.4
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: d6cc1fa1b35dd4dcc7642bb3dd17e0cada9ca50654a6ba34dde64804334d1ce7

Request headers

:path: /wp-content/plugins/elementor/assets/js/preloaded-elements-handlers.min.js?ver=3.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 15317

GET
H2 200 underscore.min.js Show response
pfclaim.com/wp-includes/js/ 16 KB
6 KB 198ms
196ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.8.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 16:24:29 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6378

GET
H2 200 wp-util.min.js Show response
pfclaim.com/wp-includes/js/ 1 KB
623 B 199ms
196ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-includes/js/wp-util.min.js?ver=5.5.5
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589

Request headers

:path: /wp-includes/js/wp-util.min.js?ver=5.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 16:24:29 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 591

GET
H2 200 frontend.min.js Show response
pfclaim.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/ 705 B
395 B 199ms
197ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.6.2.3
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: f3d3e4b6c0772fd114f620c3e15f30f184234ac2c0d1b9b3a69a44e3a26eface

Request headers

:path: /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.6.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Sun, 04 Oct 2020 21:39:50 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 363

GET
H2 200 jquery.validate.min.js Show response
pfclaim.com/wp-content/plugins/wpforms-lite/assets/js/ 24 KB
10 KB 199ms
197ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.0
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7

Request headers

:path: /wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Sun, 04 Oct 2020 21:39:50 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9688

GET
H2 200 mailcheck.min.js Show response
pfclaim.com/wp-content/plugins/wpforms-lite/assets/js/ 4 KB
2 KB 206ms
204ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d

Request headers

:path: /wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Sun, 04 Oct 2020 21:39:50 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1736

GET
H2 200 wpforms.js Show response
pfclaim.com/wp-content/plugins/wpforms-lite/assets/js/ 58 KB
19 KB 199ms
197ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.js?ver=1.6.2.3
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: b0339e19a08cc85a40d74bf36e130092335a38ab6cca80b1e48b614f71516cfb

Request headers

:path: /wp-content/plugins/wpforms-lite/assets/js/wpforms.js?ver=1.6.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Sun, 04 Oct 2020 21:39:50 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-emoji-release.min.js Show response
pfclaim.com/wp-includes/js/ 14 KB
5 KB 198ms
196ms Script
application/javascript 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 16:24:29 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4942

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 89ms
28ms Script
application/x-javascript 2a03:2880:f016:14:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pfclaim.com
URL: https://pfclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f016:14:face:b00c:0:3 Warsaw, Poland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: H6FIYhbK1vazUcMj1WtUhWQK1HSdiDGo2xErnWr8ry3A4D30rqpD0a8BywTOSxBcWU2KcN5yj18LgU2rXP/UDg==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 15 May 2021 20:19:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

266 KB
85 KB

88ms
87ms

Script
application/javascript

78.46.57.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.57.120 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.120.57.46.78.clients.your-server.de
Software: nginx/1.6.2 /
Resource Hash: cfb62d0ee56f68d7f6c106f7b52b659906631372992c1c6c39a38d2c698b7f9f

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 15 May 2021 20:19:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 May 2021 13:08:29 GMT
Server: nginx/1.6.2
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Expires: Sat, 15 May 2021 23:19:45 GMT

Redirect headers

Location: https://static.getbutton.io/widget/bundle.js
Date: Sat, 15 May 2021 20:19:45 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 160
Content-Type: text/html

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C%7CMontserrat%3A800%2C&display=fallback&ver=2.5.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pfclaim.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 412148
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 11 May 2022 01:50:37 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 28ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C%7CMontserrat%3A800%2C&display=fallback&ver=2.5.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pfclaim.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 07:06:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:08 GMT
server: sffe
age: 220423
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19440
x-xss-protection: 0
expires: Fri, 13 May 2022 07:06:02 GMT

GET
H2 200 logo-1.png
pfclaim.com/wp-content/uploads/2020/10/ 13 KB
13 KB 211ms
210ms Image
image/png 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pfclaim.com/wp-content/uploads/2020/10/logo-1.png
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: d668957728376a7b83603ba42c9aa74ec427d3279bfbccff1524a23382e1876d

Request headers

:path: /wp-content/uploads/2020/10/logo-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
last-modified: Mon, 12 Oct 2020 15:48:28 GMT
server: Apache
accept-ranges: bytes
content-length: 13651
content-type: image/png

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 25ms
6ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 19:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3287
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 15 May 2021 20:24:58 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 6 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c787cecd58d57330197fb375cb0fae95c678e6cafa96ce23215233aebf7e4109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 583
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2226
x-xss-protection: 0
last-modified: Wed, 12 May 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 15 May 2021 21:10:02 GMT

GET bg-01-free-img.jpg
localhost/wordpress/pfclaim.com/wp-content/uploads/2020/10/ 0
0

GET
H2 200 fa-regular-400.woff2
pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 13 KB
13 KB 195ms
194ms Font
font/woff2 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
pragma: no-cache
origin: https://pfclaim.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: pfclaim.com
referer: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://pfclaim.com
Referer: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
accept-ranges: bytes
content-length: 13548
content-type: font/woff2

GET
H2 200 fa-solid-900.woff2
pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 78 KB
79 KB 186ms
185ms Font
font/woff2 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://pfclaim.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: pfclaim.com
referer: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.4
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://pfclaim.com
Referer: https://pfclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
last-modified: Fri, 19 Mar 2021 14:00:11 GMT
server: Apache
accept-ranges: bytes
content-length: 80300
content-type: font/woff2

GET
H2 200 WhatsApp-Image-2020-11-29-at-9.11.10-PM.jpeg
pfclaim.com/wp-content/uploads/2020/11/ 238 KB
239 KB 199ms
198ms Image
image/jpeg 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pfclaim.com/wp-content/uploads/2020/11/WhatsApp-Image-2020-11-29-at-9.11.10-PM.jpeg
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: b3eab180b52c8f1e78b86009b212313cf54412e97d9b5b20108ce1e8ba554886

Request headers

:path: /wp-content/uploads/2020/11/WhatsApp-Image-2020-11-29-at-9.11.10-PM.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
last-modified: Sun, 29 Nov 2020 15:41:48 GMT
server: Apache
accept-ranges: bytes
content-length: 243278
content-type: image/jpeg

GET
H2 200 pan-card-reissue-services-500x500-1-300x184.png
pfclaim.com/wp-content/uploads/2020/11/ 113 KB
114 KB 197ms
196ms Image
image/png 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pfclaim.com/wp-content/uploads/2020/11/pan-card-reissue-services-500x500-1-300x184.png
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: df655226bb22e7dc2c0fa754267b86f3917f844024dc597d8e3cec3830c66051

Request headers

:path: /wp-content/uploads/2020/11/pan-card-reissue-services-500x500-1-300x184.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
last-modified: Sun, 15 Nov 2020 22:24:29 GMT
server: Apache
accept-ranges: bytes
content-length: 115832
content-type: image/png

GET
H2 200 shop-act.jpg
pfclaim.com/wp-content/uploads/2020/11/ 191 KB
192 KB 197ms
195ms Image
image/jpeg 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pfclaim.com/wp-content/uploads/2020/11/shop-act.jpg
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 41201af572f8368217fa68c5f3c2d90ce71c4204935cbd643f07c43e3ef91329

Request headers

:path: /wp-content/uploads/2020/11/shop-act.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
last-modified: Sun, 15 Nov 2020 22:28:09 GMT
server: Apache
accept-ranges: bytes
content-length: 195870
content-type: image/jpeg

GET
H2 200 Udyog-Aadhar-Certificate.png
pfclaim.com/wp-content/uploads/2020/11/ 172 KB
172 KB 197ms
195ms Image
image/png 103.53.42.63
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pfclaim.com/wp-content/uploads/2020/11/Udyog-Aadhar-Certificate.png
Requested by: Host: pfclaim.com
URL: https://pfclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.63 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: cp-in-11.webhostbox.net
Software: Apache /
Resource Hash: 02e442346454529edd7839418232f9bb8008194bcd5ac74942a74c0aec488736

Request headers

:path: /wp-content/uploads/2020/11/Udyog-Aadhar-Certificate.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: pfclaim.com
referer: https://pfclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
last-modified: Sun, 15 Nov 2020 22:30:04 GMT
server: Apache
accept-ranges: bytes
content-length: 175952
content-type: image/png

GET
H3-29 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
89 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 12:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29560
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 May 2022 12:07:05 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/ 223 KB
82 KB 49ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9964349106693631&plah=pfclaim.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84097
x-xss-protection: 0
server: cafe
etag: 12558658968377452156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 May 2021 20:19:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/ Frame 46B3 10 KB
5 KB 25ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210511/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pfclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pfclaim.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 14 May 2021 20:24:49 GMT
expires: Fri, 28 May 2021 20:24:49 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 86096
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 411824533364268 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 283ms
253ms Script
application/x-javascript 2a03:2880:f016:14:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/411824533364268?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f016:14:face:b00c:0:3 Warsaw, Poland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

003dea4599f21be132b79f98d721b9504c4d902e2008534503f20e519cecf472

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 9FtQ8tGBzNW+7PQqJNwNUNAiccDnhAm5QxuuCuoNJV1F2w2M/3C2i0YjYbYp9LI7DrhQ045XNbl9fE/OzS/RhQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 15 May 2021 20:19:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
638 B 200ms
85ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pfclaim.com&callback=_gfp_s_&client=ca-pub-9964349106693631

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9964349106693631&plah=pfclaim.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

222fa862b999d12207421987b43958f1a825a7f3c8dd7e1df25764b7ed52a566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 46ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pfclaim.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 46ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pfclaim.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7CB9 603 B
68 B 46ms
29ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9964349106693631&output=html&adk=1812271804&adf=3025194257&lmt=1621109985&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpfclaim.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621109985483&bpp=4&bdt=891&idt=79&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1277420213545&frm=20&pv=2&ga_vid=96303207.1621109986&ga_sid=1621109986&ga_hid=1462719360&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061139&oid=3&pvsid=1202139814112173&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9964349106693631&output=html&adk=1812271804&adf=3025194257&lmt=1621109985&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpfclaim.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621109985483&bpp=4&bdt=891&idt=79&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1277420213545&frm=20&pv=2&ga_vid=96303207.1621109986&ga_sid=1621109986&ga_hid=1462719360&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061139&oid=3&pvsid=1202139814112173&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pfclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pfclaim.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 15 May 2021 20:19:45 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 15-May-2021 20:34:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 15 May 2021 20:19:45 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991985148764"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Sat, 15 May 2021 20:19:45 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: pfclaim.com
URL: https://pfclaim.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc534dad396f0c41edc978be0a4c460f3842b921742030f5f737e77bc340a312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 15 May 2021 20:19:45 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/b2ff0586/www-widgetapi.vflset/ 120 KB
40 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2ff0586/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

944fd05e2917f55df839eb3c2535902e7640bf270adf47b1f13fb025e1e0eecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:28:56 GMT
server: sffe
age: 18304
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40743
x-xss-protection: 0
expires: Sun, 15 May 2022 15:14:41 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 27ms
6ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: pfclaim.com
URL: https://pfclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:13:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 366
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Sun, 15 May 2022 20:13:39 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
998 B 27ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: pfclaim.com
URL: https://pfclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 09:34:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 38742
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
expires: Sun, 15 May 2022 09:34:03 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 27ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:14:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 297
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Sun, 15 May 2022 20:14:48 GMT

GET
H3-29 200 l Show response
translate.googleapis.com/translate_a/ Frame F297 3 KB
963 B 18ms
17ms Script
application/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tkVQdrkOMOyMWjoc0s4T/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-tkVQdrkOMOyMWjoc0s4T/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="TranslateApiHttp"
date: Sat, 15 May 2021 20:19:45 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 87ms
28ms Image
image/gif 2a03:2880:f116:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411824533364268&ev=PageView&dl=https%3A%2F%2Fpfclaim.com%2F&rl=&if=false&ts=1621109986009&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1621109986007.1658411717&it=1621109985518&coo=false&exp=l1&rqm=GET

Requested by

Host: pfclaim.com
URL: https://pfclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f116:83:face:b00c:0:25de Warsaw, Poland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 15 May 2021 20:19:46 GMT

GET
H3-29 200 9ZFy7_ZXHRo Show response
www.youtube.com/embed/ Frame 0893 52 KB
21 KB 58ms
57ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f6612e47f607a1b47e6fd1c081b1a8b7c588df2a2ca7d9cdd488a3af23c50c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pfclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=ZZCXZ4HwTtE; VISITOR_INFO1_LIVE=3VdEqZrdmxY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pfclaim.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 15 May 2021 20:19:46 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+179; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/b2ff0586/ Frame 0893 359 KB
45 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2ff0586/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72ac73702737f6975b3395a0802d6b37d88e8af2bc276158313c3e87cec447f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:28:56 GMT
server: sffe
age: 160845
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46280
x-xss-protection: 0
expires: Fri, 13 May 2022 23:39:01 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/b2ff0586/www-embed-player.vflset/ Frame 0893 189 KB
62 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2ff0586/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

492212b35683c40750df1cc93b455cf483d36d41730ef8eccd35c691db7c2ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:28:56 GMT
server: sffe
age: 160845
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63881
x-xss-protection: 0
expires: Fri, 13 May 2022 23:39:01 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/ Frame 0893 2 MB
464 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d5b6790b073eb9211de1f8c14c9f2701138bf8e4c11726a8fbcb81f11e74b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:40:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:28:56 GMT
server: sffe
age: 160752
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 474999
x-xss-protection: 0
expires: Fri, 13 May 2022 23:40:34 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/b2ff0586/fetch-polyfill.vflset/ Frame 0893 8 KB
3 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2ff0586/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:28:56 GMT
server: sffe
age: 160844
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 13 May 2022 23:39:02 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0893 15 KB
15 KB 20ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 340426
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 11 May 2022 21:46:00 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 0893 113 B
161 B 38ms
38ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69fc0168712e7c005668ea9dc7de0f30fde8e7d2e88dda6b6148bd8d61176326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0893 29 B
406 B 26ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:18:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 78
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Sat, 15 May 2021 20:33:28 GMT

GET
H2 200 HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js Show response
www.google.com/js/th/ Frame 0893 35 KB
13 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 12:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 11:00:00 GMT
server: sffe
age: 29848
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13280
x-xss-protection: 0
expires: Sun, 15 May 2022 12:02:18 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/ Frame 0893 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

259ebdf187e859665884fe20be65c41a044a3ad0b9ea89b1ad8a791edd459e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:28:56 GMT
server: sffe
age: 160694
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7439
x-xss-protection: 0
expires: Fri, 13 May 2022 23:41:32 GMT

POST
H3-29 200 player Show response
www.youtube.com/youtubei/v1/ Frame 0893 87 KB
20 KB 160ms
160ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

837a95eb9a851189f901a9bf2634d43de755cbb018b8a65e1e5cbd479ac49889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210512.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: CgszVmRFcVpyZG14WSji2YCFBg%3D%3D
Content-Type: application/json

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20522
x-xss-protection: 0
expires: Sat, 15 May 2021 20:19:46 GMT

GET
DATA 200
OK truncated
/ Frame 0893 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnhUEeHCO8gpMBHYRAQdANejk3fsxhCsDGDeNM-PQQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0893 2 KB
2 KB 483ms
461ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhUEeHCO8gpMBHYRAQdANejk3fsxhCsDGDeNM-PQQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a71c859cce43b641546f7475be75cfd9a436271a7f10f375df46bbff0607bb81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "vf1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2011
x-xss-protection: 0
expires: Sun, 16 May 2021 20:19:46 GMT

GET
DATA 200
OK truncated
/ Frame 0893 280 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7312ea0271e0ce821ec59d1d5ad02970981c391ea89510dcbfb8f50323a441f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pfclaim.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 239774
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 13 May 2022 01:43:32 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 0893 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?0Sry1A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 59ms
29ms Ping
text/plain 2a03:2880:f116:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f116:83:face:b00c:0:25de Warsaw, Poland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryzmxellh7UF2IetAP

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 15 May 2021 20:19:46 GMT
content-type: text/plain
access-control-allow-origin: https://pfclaim.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H3-29 204 qoe
www.youtube.com/api/stats/ Frame 0893 0
19 B 14ms
14ms Ping
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=251&cpn=fAhpczl_-26eBiwK&ei=4iygYOqcGNKy1gLsmaJQ&el=embedded&docid=9ZFy7_ZXHRo&ns=yt&fexp=23748147%2C23858057%2C23940237%2C23969934%2C23983296%2C23995927%2C24001373%2C24004644%2C24007246%2C24019954%2C24027395%2C24027749%2C24035275%2C24040786%2C24042868&cl=373643914&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210512.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.264:N&afs=0.264:251::i&vfs=0.264:134:134::r&view=0.264:550:309&bwe=0.264:130000&bat=0.264:1:1&vis=0.264:0&cmt=0.264:0.000&bh=0.264:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 15 May 2021 20:19:46 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 1 KB
2 KB 26ms
8ms XHR
text/plain 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=mU&mm=31%2C26&mn=sn-4g5e6nl7%2Csn-5goeen7y&ms=au%2Conr&mv=m&mvi=4&pl=47&initcwndbps=475000&vprv=1&mime=video%2Fmp4&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=814086&otfp=1&dur=28.533&lmt=1607253251645025&mt=1621109795&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKFfykomNgcT8igEeJu9Gw7IEitdNqsewjarbPMDYWrgCIDXcHxtXu234WJhv4UYig-PPTK9irXybiURjwlXnvi1i&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhALehABKJ762z4zm0pYEs686nByrEL7PAbfVDF1eQhn0dAiBxPD871lCY--IDoK1pekwE1jFROEBc7fC-VutXNsj5rg%3D%3D&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&range=0-116473&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

dde43be42372edb6fd60042c0e06c276bd756912ece00b51f824508402b31044

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 15 May 2021 20:19:46 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1076
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Sat, 15 May 2021 20:19:46 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 997 B
2 KB 24ms
7ms XHR
text/plain 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=251&source=youtube&requiressl=yes&mh=mU&mm=31%2C26&mn=sn-4g5e6nl7%2Csn-5goeen7y&ms=au%2Conr&mv=m&mvi=4&pl=47&initcwndbps=475000&vprv=1&mime=audio%2Fwebm&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=507934&otfp=1&dur=28.561&lmt=1607253243233460&mt=1621109795&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgH-9pvjpXm_QAamX7DJJiKT-L7D8jOr1jGOzDeguEtakCIQCyKKuzo7-BX3l2VeXZk2qZDzDWxvbIazocpaInJ_G6TA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhALehABKJ762z4zm0pYEs686nByrEL7PAbfVDF1eQhn0dAiBxPD871lCY--IDoK1pekwE1jFROEBc7fC-VutXNsj5rg%3D%3D&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&range=0-65845&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

69700b40e2ff9cdb7596e63fa62d5a949b92790799bb6aac658cda48b984769a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 15 May 2021 20:19:46 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 997
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Sat, 15 May 2021 20:19:46 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/ Frame 0893 97 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cf44060daba3f2456fba079d64c297e7775debdbad4c7776310d544b264a69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:40:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:28:56 GMT
server: sffe
age: 160751
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30827
x-xss-protection: 0
expires: Fri, 13 May 2022 23:40:35 GMT

GET
H3-29 200 captions.js Show response
www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/ Frame 0893 60 KB
23 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0113a75603e4bbb9ba3ae05c81e4372d168e42371b3c50b7feea3952ae3c9f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:28:56 GMT
server: sffe
age: 160658
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23295
x-xss-protection: 0
expires: Fri, 13 May 2022 23:42:08 GMT

GET
H3-29 200 endscreen.js Show response
www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/ Frame 0893 26 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794aa1a90e23922b4ef3fbe52fcd7ef230f742cf3da29854b72cdb99af429cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:41:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:28:56 GMT
server: sffe
age: 160677
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7149
x-xss-protection: 0
expires: Fri, 13 May 2022 23:41:49 GMT

GET
H3-29 200 annotations_module.js Show response
www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/ Frame 0893 66 KB
19 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc51c7c1d6a55dc74d71897f5568a5fa02e5198d230d51f4ec9d5f8b5a39ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:28:56 GMT
server: sffe
age: 160655
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19739
x-xss-protection: 0
expires: Fri, 13 May 2022 23:42:11 GMT

POST
H3-29 200 next Show response
www.youtube.com/youtubei/v1/ Frame 0893 9 KB
2 KB 153ms
153ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f6c4fb313105474d3aefa4e76032398930d0d887adb21c8bd266fc4112c0c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210512.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: CgszVmRFcVpyZG14WSji2YCFBg%3D%3D
Content-Type: application/json

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1959
x-xss-protection: 0
expires: Sat, 15 May 2021 20:19:46 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 64 KB
64 KB 440ms
432ms XHR
audio/webm 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=507934&otfp=1&dur=28.561&lmt=1607253243233460&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgH-9pvjpXm_QAamX7DJJiKT-L7D8jOr1jGOzDeguEtakCIQCyKKuzo7-BX3l2VeXZk2qZDzDWxvbIazocpaInJ_G6TA%3D%3D&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&redirect_counter=1&cm2rm=sn-4g5elk7z&cms_redirect=yes&mh=mU&mm=34&mn=sn-4g5e6nl7&ms=ltu&mt=1621109785&mv=m&mvi=4&pl=47&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgKU4B9s1pt-xcE3-IMHOW11OX2J85rJxDOA2zH8OFyQUCIB2-opIs2iBSD8fQRGwA0t4z1BZIVOsm9SNxo7p0EYk8&range=0-65845&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

868a14b941d5c48427f049e2c7608ccef4c9223f47af1fb3e1fdbdcb16abfc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:47 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65846
client-protocol: quic
last-modified: Sun, 06 Dec 2020 11:14:03 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sat, 15 May 2021 20:19:47 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 114 KB
114 KB 169ms
163ms XHR
video/mp4 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=814086&otfp=1&dur=28.533&lmt=1607253251645025&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKFfykomNgcT8igEeJu9Gw7IEitdNqsewjarbPMDYWrgCIDXcHxtXu234WJhv4UYig-PPTK9irXybiURjwlXnvi1i&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&redirect_counter=1&cm2rm=sn-4g5elk7z&cms_redirect=yes&mh=mU&mm=34&mn=sn-4g5e6nl7&ms=ltu&mt=1621109785&mv=m&mvi=4&pl=47&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIge-KQeN6LFYefzRU8C-vAfH5hnxds28QTl7VB4Mp1gK8CIQCGXCslgmmqzABrGRauFk8MuWyQ8iyI2yeqlx_JVI-Omg%3D%3D&range=0-116473&rn=4&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

34c7b1b793b1126a1d4a6e450768cecad79b198bb0ce6f28f748e63977fe746b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116474
client-protocol: quic
last-modified: Sun, 06 Dec 2020 11:14:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Sat, 15 May 2021 20:19:46 GMT

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0893 4 KB
2 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Sat, 15 May 2021 20:19:46 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/imLYtI6HNdk/ Frame 0893 24 KB
24 KB 85ms
65ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/imLYtI6HNdk/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb3a816a6879bac21f65d25271263c6b2cf1da10fbb403aeebe798343805d7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
x-content-type-options: nosniff
server: sffe
etag: "1591436556"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24788
x-xss-protection: 0
expires: Sat, 15 May 2021 22:19:46 GMT

GET
H2 200 featured_channel.jpg
i.ytimg.com/an/cW4ty0nAUWdIMbhksTYDPQ/ Frame 0893 31 KB
31 KB 65ms
58ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/cW4ty0nAUWdIMbhksTYDPQ/featured_channel.jpg?v=5ec63752

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3020e3b6982bbd769fdc9f40fe9e40ed2b95c05ef8911a26c360fd6c1ce9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
x-content-type-options: nosniff
server: sffe
etag: "1590048594"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31900
x-xss-protection: 0
expires: Sat, 15 May 2021 22:19:46 GMT

GET
H2 200 AAUvwnhUEeHCO8gpMBHYRAQdANejk3fsxhCsDGDeNM-PQQ=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0893 2 KB
2 KB 160ms
160ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhUEeHCO8gpMBHYRAQdANejk3fsxhCsDGDeNM-PQQ=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

afd0c014bb79e7d2ab97165019f02f95d23a87661507e4ceaf161d2d9120461c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "vf1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2418
x-xss-protection: 0
expires: Sun, 16 May 2021 20:19:46 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 32ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210511&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78c1c081892df7e2413371338f462682dd3311560322d0bf3382adf9a5ec023b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 May 2021 20:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7715
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 15 May 2021 20:19:47 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame C981 12 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pfclaim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pfclaim.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 15 May 2021 19:09:14 GMT
expires: Sun, 15 May 2022 19:09:14 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4233
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C981 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 23517
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sun, 15 May 2022 13:47:50 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 64 KB
64 KB 340ms
339ms XHR
audio/webm 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=507934&otfp=1&dur=28.561&lmt=1607253243233460&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgH-9pvjpXm_QAamX7DJJiKT-L7D8jOr1jGOzDeguEtakCIQCyKKuzo7-BX3l2VeXZk2qZDzDWxvbIazocpaInJ_G6TA%3D%3D&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&redirect_counter=1&cm2rm=sn-4g5elk7z&cms_redirect=yes&mh=mU&mm=34&mn=sn-4g5e6nl7&ms=ltu&mt=1621109785&mv=m&mvi=4&pl=47&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgKU4B9s1pt-xcE3-IMHOW11OX2J85rJxDOA2zH8OFyQUCIB2-opIs2iBSD8fQRGwA0t4z1BZIVOsm9SNxo7p0EYk8&range=65846-131381&rn=5&rbuf=3685

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2d277e0d37fc7c0cc9f20d02ca3e1a66e06eaf3851d527b3a57ae672291e454e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:47 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Sun, 06 Dec 2020 11:14:03 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sat, 15 May 2021 20:19:47 GMT

GET
DATA 200
OK truncated
/ Frame 0893 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdcd3b78b9cbefaf0b0b77d15b997098755f13656b50b9890aa094431e828116

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 hqdefault.webp
i.ytimg.com/vi_webp/imLYtI6HNdk/ Frame 0893 19 KB
19 KB 62ms
48ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/imLYtI6HNdk/hqdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f59fde434aeff5db9cfec1844cb9989651140ea2f38defbe4fd0eaf163e29053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:47 GMT
x-content-type-options: nosniff
server: sffe
etag: "1591436556"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19450
x-xss-protection: 0
expires: Sat, 15 May 2021 22:19:47 GMT

GET
H3-29 200 hqdefault.webp
i.ytimg.com/vi_webp/nU_VGh5ZeC0/ Frame 0893 10 KB
10 KB 77ms
63ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/nU_VGh5ZeC0/hqdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0d8d12c77ae0388234c73397954ff2118444306deb7bd865f766351a5d68f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:47 GMT
x-content-type-options: nosniff
server: sffe
etag: "1582636253"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9926
x-xss-protection: 0
expires: Sat, 15 May 2021 22:19:47 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0893 28 B
56 B 26ms
26ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
X-YouTube-Client-Version: 1.20210512.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgszVmRFcVpyZG14WSji2YCFBg%3D%3D
X-YouTube-Ad-Signals: dt=1621109986256&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C550%2C309&vis=1&wgl=true&ca_type=image&bid=ANyPxKo75sfWQe_GPbQf3-pUjSWVb7Q4fRHobHC5Ygsz7MPR-G4MyvCClX9vxgUzEgY6Uf5qA12EEjuA1Kti0fW80IXEL4ZC5Q

Response headers

date: Sat, 15 May 2021 20:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 15 May 2021 20:19:47 GMT

GET
H3-29 204 playback
www.youtube.com/api/stats/ Frame 0893 0
17 B 15ms
15ms Image
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=fAhpczl_-26eBiwK&docid=9ZFy7_ZXHRo&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F9ZFy7_ZXHRo%3Fcontrols%3D1%26rel%3D0%26playsinline%3D0%26modestbranding%3D0%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fpfclaim.com%26widgetid%3D1&cmt=0.06&ei=4iygYOqcGNKy1gLsmaJQ&fmt=134&fs=0&rt=0.877&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fpfclaim.com%2F&lact=903&cl=373643914&mos=1&vm=CAEQABgEKiBkbUhLZnNkTEg4b0h6MXBvX2F1Sm9USmdvZ2VsOXdGSDoyQU9HdF9PSWU4dzNzOHkyaDNNT0l1SVlKb1lHYzY3QldPcU93RHNOam5MWXBpekJKR3c&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210512.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&splay=1&hl=en_US&cr=DE&len=28.561&fexp=23748147%2C23858057%2C23940237%2C23969934%2C23983296%2C23995927%2C24001373%2C24004644%2C24007246%2C24019954%2C24027395%2C24027749%2C24035275%2C24040786%2C24042868&rtn=6&afmt=251&size=550%3A309&inview=0&muted=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 20:19:47 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 ptracking
www.youtube.com/ Frame 0893 0
19 B 14ms
13ms Image
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=9ZFy7_ZXHRo&cpn=fAhpczl_-26eBiwK&ei=4iygYOqcGNKy1gLsmaJQ&ptk=youtube_none&pltype=contentugc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 20:19:47 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210511&jk=1202139814112173&bg=!ycqlyo7NAAY59bwoOfU7ACkAdvg8WqD9K0_kEAm8fD5U5Q3Dw7o7CZdBuPmUnsBfKY40SFIBFK8juQIAAACCUgAAABRoAQcKAM-U0S-C0R4fEDpsPHHLAp3LFaTmb7-UuqZKwjkpwJKzWXICThHcRQMw9xQYOEfVsfO17KzUkAHWih6U2XVCcr4nvXnac3HVo0_3DQNcN7Tl5Sonm5olISGjGAXidTl_3HF9MIPBHEk7a6ddeWr65b9nQ02cm8MXdswKkSt4lUThgOqDJg8afO536px43kL-ybTPw-fgqjxaKK2z8GhrMyXce3KDQ3fYuTlFLL5LCRB2sLi0Qg40LlJd7HHUajhRd9GVzBVaUWnz9TDDDRhYZteZAjkWT6R14x079HHfYRks3G33cA363bT_h-vftHWSdiVGm9eB9nGtouhP5I8ZGZBogoCY-GwqScNANwbPCy6wsW4O5DpfNUzPiCXRtimjTrdEqhj75OyFQXT8_hkFHMaKTotRc7MYR6wtSrkI4-7-ZYwO_AXlthpjohrd7_Ng1fTI1TCODb2YuSu8Jk0B8xeAS8yEHSZUXJb9_Pw62zg-l7KI8jvqrxeFJ5f_kNd5REmG5_UvAm066Rd2qEjvZtaY1XLbjK8HMSXEFrVcM_vJ1Pide-q2gB6Df30QcWqJcbuuWW6wi12stgX2qDgYS2f3vdmJ3q2w5v8OGIS5ezeksTi_tsYo1gALnGEwOoTdYURFOU73AlhmlMDmjoRDbviEQvC2OKEv0uN9_WNOfZII2HyRpPA6PoqNMddIYjjDJnc82-K8-K6pF3NBaXnGzmhNpo5o7rrXJDCjQ40-8INzSUCDXMNPbGmzXRoHjjJROpDomg5GWDyRdbD2jVcVB1qt4r8zzbL3-6XySvmn8nXGGVLIk4fglF0V2ODSfzJLZDYr8O4vFsT0G_x2dIBVbW7Vuu_TqIR1W5yya4yoFEzAQlwmJ74E_ssEQ6NVuCiwud4iLLe2iu9B-snRviKyXQLtMlabb6lvElZSKCA03tuQmKiJX4aVIfnmrzJuVfsypW8k3MqU_GrW2CM2qoXaC3O52qht5NPwSv6EcPNiw-etnEPUr51LgZCCxA6KBcaMufc6npqZNjzM4SmoKw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pfclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 20:19:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 113 KB
113 KB 63ms
63ms XHR
video/mp4 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=814086&otfp=1&dur=28.533&lmt=1607253251645025&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKFfykomNgcT8igEeJu9Gw7IEitdNqsewjarbPMDYWrgCIDXcHxtXu234WJhv4UYig-PPTK9irXybiURjwlXnvi1i&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&redirect_counter=1&cm2rm=sn-4g5elk7z&cms_redirect=yes&mh=mU&mm=34&mn=sn-4g5e6nl7&ms=ltu&mt=1621109785&mv=m&mvi=4&pl=47&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIge-KQeN6LFYefzRU8C-vAfH5hnxds28QTl7VB4Mp1gK8CIQCGXCslgmmqzABrGRauFk8MuWyQ8iyI2yeqlx_JVI-Omg%3D%3D&range=116474-232102&rn=6&rbuf=4251

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

bfdb62e0cca3f919dbfc44d1f64e7fd9bfcaf1b3c3ae148466a6be7dda4ead08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:47 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115629
client-protocol: quic
last-modified: Sun, 06 Dec 2020 11:14:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Sat, 15 May 2021 20:19:47 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 125 KB
125 KB 343ms
343ms XHR
audio/webm 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=507934&otfp=1&dur=28.561&lmt=1607253243233460&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgH-9pvjpXm_QAamX7DJJiKT-L7D8jOr1jGOzDeguEtakCIQCyKKuzo7-BX3l2VeXZk2qZDzDWxvbIazocpaInJ_G6TA%3D%3D&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&redirect_counter=1&cm2rm=sn-4g5elk7z&cms_redirect=yes&mh=mU&mm=34&mn=sn-4g5e6nl7&ms=ltu&mt=1621109785&mv=m&mvi=4&pl=47&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgKU4B9s1pt-xcE3-IMHOW11OX2J85rJxDOA2zH8OFyQUCIB2-opIs2iBSD8fQRGwA0t4z1BZIVOsm9SNxo7p0EYk8&range=131382-259186&rn=7&rbuf=7163

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0c059e2230187440e768a4903dcfb293f2de97d5e227df92fe97b575ffb2e155

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:47 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127805
client-protocol: quic
last-modified: Sun, 06 Dec 2020 11:14:03 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sat, 15 May 2021 20:19:47 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 445 KB
445 KB 46ms
45ms XHR
video/mp4 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=814086&otfp=1&dur=28.533&lmt=1607253251645025&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKFfykomNgcT8igEeJu9Gw7IEitdNqsewjarbPMDYWrgCIDXcHxtXu234WJhv4UYig-PPTK9irXybiURjwlXnvi1i&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&redirect_counter=1&cm2rm=sn-4g5elk7z&cms_redirect=yes&mh=mU&mm=34&mn=sn-4g5e6nl7&ms=ltu&mt=1621109785&mv=m&mvi=4&pl=47&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIge-KQeN6LFYefzRU8C-vAfH5hnxds28QTl7VB4Mp1gK8CIQCGXCslgmmqzABrGRauFk8MuWyQ8iyI2yeqlx_JVI-Omg%3D%3D&range=232103-687713&rn=8&rbuf=7881

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2a2d701efba2a136b09582be7dadb61f9069ae37f1245c2edfa209ddc67819a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:47 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 455611
client-protocol: quic
last-modified: Sun, 06 Dec 2020 11:14:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Sat, 15 May 2021 20:19:47 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 202 KB
204 KB 363ms
363ms XHR
audio/webm 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=507934&otfp=1&dur=28.561&lmt=1607253243233460&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgH-9pvjpXm_QAamX7DJJiKT-L7D8jOr1jGOzDeguEtakCIQCyKKuzo7-BX3l2VeXZk2qZDzDWxvbIazocpaInJ_G6TA%3D%3D&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&redirect_counter=1&cm2rm=sn-4g5elk7z&cms_redirect=yes&mh=mU&mm=34&mn=sn-4g5e6nl7&ms=ltu&mt=1621109785&mv=m&mvi=4&pl=47&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgKU4B9s1pt-xcE3-IMHOW11OX2J85rJxDOA2zH8OFyQUCIB2-opIs2iBSD8fQRGwA0t4z1BZIVOsm9SNxo7p0EYk8&range=259187-466525&rn=9&rbuf=11620

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fe912f357759c1d9f44bc7e1f9b7f5b62f5dc8fc5509daabbbd4f99b27fe0263

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 15 May 2021 20:19:50 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 207339
Last-Modified: Sun, 06 Dec 2020 11:14:03 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21296
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Sat, 15 May 2021 20:19:50 GMT

POST
H2 204 atr Show response
www.youtube.com/api/stats/ Frame 0893 0
191 B 16ms
16ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=fAhpczl_-26eBiwK&docid=9ZFy7_ZXHRo&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F9ZFy7_ZXHRo%3Fcontrols%3D1%26rel%3D0%26playsinline%3D0%26modestbranding%3D0%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fpfclaim.com%26widgetid%3D1&cmt=4.58&ei=4iygYOqcGNKy1gLsmaJQ&fmt=134&fs=0&rt=5.396&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fpfclaim.com%2F&lact=5422&cl=373643914&mos=1&vm=CAEQABgEKiBkbUhLZnNkTEg4b0h6MXBvX2F1Sm9USmdvZ2VsOXdGSDoyQU9HdF9PSWU4dzNzOHkyaDNNT0l1SVlKb1lHYzY3QldPcU93RHNOam5MWXBpekJKR3c&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210512.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&splay=1&hl=en_US&cr=DE&len=28.561&fexp=23748147%2C23858057%2C23940237%2C23969934%2C23983296%2C23995927%2C24001373%2C24004644%2C24007246%2C24019954%2C24027395%2C24027749%2C24035275%2C24040786%2C24042868&afmt=251&muted=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
X-YouTube-Client-Version: 1.20210512.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1621109986256&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C550%2C309&vis=1&wgl=true&ca_type=image&bid=ANyPxKo75sfWQe_GPbQf3-pUjSWVb7Q4fRHobHC5Ygsz7MPR-G4MyvCClX9vxgUzEgY6Uf5qA12EEjuA1Kti0fW80IXEL4ZC5Q

Response headers

pragma: no-cache
date: Sat, 15 May 2021 20:19:51 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 watchtime
www.youtube.com/api/stats/ Frame 0893 0
19 B 15ms
15ms Image
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=fAhpczl_-26eBiwK&docid=9ZFy7_ZXHRo&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F9ZFy7_ZXHRo%3Fcontrols%3D1%26rel%3D0%26playsinline%3D0%26modestbranding%3D0%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fpfclaim.com%26widgetid%3D1&cmt=5.184&ei=4iygYOqcGNKy1gLsmaJQ&fmt=134&fs=0&rt=6.001&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fpfclaim.com%2F&lact=6026&cl=373643914&state=playing&vm=CAEQABgEKiBkbUhLZnNkTEg4b0h6MXBvX2F1Sm9USmdvZ2VsOXdGSDoyQU9HdF9PSWU4dzNzOHkyaDNNT0l1SVlKb1lHYzY3QldPcU93RHNOam5MWXBpekJKR3c&volume=100%2C100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210512.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&splay=1&hl=en_US&cr=DE&len=28.561&rtn=16&afmt=251&idpj=-5&ldpj=-11&rti=6&size=550%3A309&inview=1&st=0%2C0.161&et=0.06%2C5.184&muted=1%2C1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 20:19:52 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 123 KB
124 KB 50ms
50ms XHR
video/mp4 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=814086&otfp=1&dur=28.533&lmt=1607253251645025&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKFfykomNgcT8igEeJu9Gw7IEitdNqsewjarbPMDYWrgCIDXcHxtXu234WJhv4UYig-PPTK9irXybiURjwlXnvi1i&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&redirect_counter=1&cm2rm=sn-4g5elk7z&cms_redirect=yes&mh=mU&mm=34&mn=sn-4g5e6nl7&ms=ltu&mt=1621109785&mv=m&mvi=4&pl=47&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIge-KQeN6LFYefzRU8C-vAfH5hnxds28QTl7VB4Mp1gK8CIQCGXCslgmmqzABrGRauFk8MuWyQ8iyI2yeqlx_JVI-Omg%3D%3D&range=687714-814085&rn=10&rbuf=18253

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

681f07e8c9df6680b29ad6b10b585f35130b8c921360417803fe92ca6665e30d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 15 May 2021 20:19:55 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 126372
Last-Modified: Sun, 06 Dec 2020 11:14:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21291
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Sat, 15 May 2021 20:19:55 GMT

GET
H3-29 200 videoplayback Show response
r4---sn-4g5e6nl7.googlevideo.com/ Frame 0893 40 KB
40 KB 332ms
331ms XHR
audio/webm 2a00:1450:4001:4f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl7.googlevideo.com/videoplayback?expire=1621131586&ei=4iygYOqcGNKy1gLsmaJQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AGcvJbqdE8fCQd-rNMWFIDMoHfq_PqazLxfnJrpQmDOF&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=HNylxdz7YGDlzuOtEgvTU2wF&gir=yes&clen=507934&otfp=1&dur=28.561&lmt=1607253243233460&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=A3YEFd-ckJIuLQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgH-9pvjpXm_QAamX7DJJiKT-L7D8jOr1jGOzDeguEtakCIQCyKKuzo7-BX3l2VeXZk2qZDzDWxvbIazocpaInJ_G6TA%3D%3D&alr=yes&cpn=fAhpczl_-26eBiwK&cver=1.20210512.1.1&redirect_counter=1&cm2rm=sn-4g5elk7z&cms_redirect=yes&mh=mU&mm=34&mn=sn-4g5e6nl7&ms=ltu&mt=1621109785&mv=m&mvi=4&pl=47&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgKU4B9s1pt-xcE3-IMHOW11OX2J85rJxDOA2zH8OFyQUCIB2-opIs2iBSD8fQRGwA0t4z1BZIVOsm9SNxo7p0EYk8&range=466526-507933&rn=11&rbuf=18282

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

361e457654b70d7e12478b2666d25c8557eb31364108b026ca74443a003eff6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 20:19:55 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41408
client-protocol: quic
last-modified: Sun, 06 Dec 2020 11:14:03 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21291
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sat, 15 May 2021 20:19:55 GMT

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame 0893 0
56 B 14ms
14ms Ping
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=251&cpn=fAhpczl_-26eBiwK&ei=4iygYOqcGNKy1gLsmaJQ&el=embedded&docid=9ZFy7_ZXHRo&ns=yt&fexp=23748147%2C23858057%2C23940237%2C23969934%2C23983296%2C23995927%2C24001373%2C24004644%2C24007246%2C24019954%2C24027395%2C24027749%2C24035275%2C24040786%2C24042868&cl=373643914&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210512.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=otfp&cmt=0.777:0.001,0.849:0.033,1.599:0.783,10.001:9.185&vps=0.777:B,0.849:PL,10.001:PL&user_intent=0.14&bwm=10.001:1324093:2.280&bwe=10.001:713019&bat=10.001:1:1&bh=10.001:28.533&df=10.001:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 15 May 2021 20:19:56 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0893 28 B
56 B 22ms
21ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2ff0586/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/9ZFy7_ZXHRo?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Fpfclaim.com&widgetid=1
X-YouTube-Client-Version: 1.20210512.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgszVmRFcVpyZG14WSji2YCFBg%3D%3D
X-YouTube-Ad-Signals: dt=1621109986186&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C550%2C309&vis=1&wgl=true&ca_type=image&bid=ANyPxKo75sfWQe_GPbQf3-pUjSWVb7Q4fRHobHC5Ygsz7MPR-G4MyvCClX9vxgUzEgY6Uf5qA12EEjuA1Kti0fW80IXEL4ZC5Q

Response headers

date: Sat, 15 May 2021 20:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 15 May 2021 20:19:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: localhost
URL: http://localhost/wordpress/pfclaim.com/wp-content/uploads/2020/10/bg-01-free-img.jpg

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ZZCXZ4HwTtE
.doubleclick.net/	1970-01-20 03:40:05	Name: IDE Value: AHWqTUlOwM_lwDITBpBn9lm0eKB5yd8tGxgQeafJ6_qGbJ20TjoEkMeO-Zj4D70d
.pfclaim.com/	1970-01-19 20:28:05	Name: _fbp Value: fb.1.1621109986007.1658411717
.youtube.com/	1970-01-19 22:37:41	Name: VISITOR_INFO1_LIVE Value: 3VdEqZrdmxY
.pfclaim.com/	1970-01-20 03:40:05	Name: __gads Value: ID=8795c366fc22279c-224ef23312c80025:T=1621109985:RT=1621109985:S=ALNI_MaUAIItffUAT2s_TX5sr3-EFu0x_Q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
check-primeprize.life
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
localhost
pagead2.googlesyndication.com
partner.googleadservices.com
pfclaim.com
r4---sn-4g5e6nl7.googlevideo.com
static.doubleclick.net
static.getbutton.io
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
localhost
103.53.42.63
142.250.181.226
2a00:1450:4001:4f::a
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2016
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::200e
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a03:2880:f016:14:face:b00c:0:3
2a03:2880:f116:83:face:b00c:0:25de
5.101.45.5
78.46.57.120
003dea4599f21be132b79f98d721b9504c4d902e2008534503f20e519cecf472
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0113a75603e4bbb9ba3ae05c81e4372d168e42371b3c50b7feea3952ae3c9f25
02e442346454529edd7839418232f9bb8008194bcd5ac74942a74c0aec488736
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
0c059e2230187440e768a4903dcfb293f2de97d5e227df92fe97b575ffb2e155
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ff59d970125b2831145ca3cd76004136b257ddcf225198c013dbd4d73e3f1ef
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
222fa862b999d12207421987b43958f1a825a7f3c8dd7e1df25764b7ed52a566
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538
23bab5a05182506187ce6943078fb7da525eeb9f89d82e2708cb3ca4ab8b4f0e
259ebdf187e859665884fe20be65c41a044a3ad0b9ea89b1ad8a791edd459e18
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
2a2d701efba2a136b09582be7dadb61f9069ae37f1245c2edfa209ddc67819a7
2d277e0d37fc7c0cc9f20d02ca3e1a66e06eaf3851d527b3a57ae672291e454e
2f6c4fb313105474d3aefa4e76032398930d0d887adb21c8bd266fc4112c0c91
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
34c7b1b793b1126a1d4a6e450768cecad79b198bb0ce6f28f748e63977fe746b
359cf0cdca67afb12bea10cedc087a424e33b90247f2dab53e369cd7ac6e5616
361e457654b70d7e12478b2666d25c8557eb31364108b026ca74443a003eff6e
3730079c1215117fdc977b203b5f16a8a0a28af20d5a4be3541dd1921cc3e97c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41201af572f8368217fa68c5f3c2d90ce71c4204935cbd643f07c43e3ef91329
44d5b6790b073eb9211de1f8c14c9f2701138bf8e4c11726a8fbcb81f11e74b6
492212b35683c40750df1cc93b455cf483d36d41730ef8eccd35c691db7c2ec4
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d
5a86028255e0c2cda78faf897a3e43751e1a821156b9e1433e9d6b25285ab89e
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cc51c7c1d6a55dc74d71897f5568a5fa02e5198d230d51f4ec9d5f8b5a39ecb
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
62c2aafc4d87c9187996f40a2f23df9710d98ade7366818aedc6233acfe97614
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681f07e8c9df6680b29ad6b10b585f35130b8c921360417803fe92ca6665e30d
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69700b40e2ff9cdb7596e63fa62d5a949b92790799bb6aac658cda48b984769a
69fc0168712e7c005668ea9dc7de0f30fde8e7d2e88dda6b6148bd8d61176326
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
6cf44060daba3f2456fba079d64c297e7775debdbad4c7776310d544b264a69c
6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
6f6612e47f607a1b47e6fd1c081b1a8b7c588df2a2ca7d9cdd488a3af23c50c9
72ac73702737f6975b3395a0802d6b37d88e8af2bc276158313c3e87cec447f1
758af520af740958167ad867622e499b689a3299fa395f5697ad775f8b9ae4ea
78c1c081892df7e2413371338f462682dd3311560322d0bf3382adf9a5ec023b
794aa1a90e23922b4ef3fbe52fcd7ef230f742cf3da29854b72cdb99af429cda
837a95eb9a851189f901a9bf2634d43de755cbb018b8a65e1e5cbd479ac49889
868a14b941d5c48427f049e2c7608ccef4c9223f47af1fb3e1fdbdcb16abfc55
8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8d10b47ba3b70604a77d86f4fd42fa6e540860356064fa3e4ae1dbe259ce8d8d
944fd05e2917f55df839eb3c2535902e7640bf270adf47b1f13fb025e1e0eecb
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
9a7ef1796272e0fc4f260e33d90c0a1a1cbd8f72202ffcdabc9d8be9aac47cbc
9be30422afde4bcdc130ea9dee19f1d734266e10ed6d4147cca23c4d0b6080fc
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a108c6e4eb1fb5af4b73b76a38266cb41795703940848306f572c5028c206071
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a71c859cce43b641546f7475be75cfd9a436271a7f10f375df46bbff0607bb81
a7312ea0271e0ce821ec59d1d5ad02970981c391ea89510dcbfb8f50323a441f
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
afd0c014bb79e7d2ab97165019f02f95d23a87661507e4ceaf161d2d9120461c
b0339e19a08cc85a40d74bf36e130092335a38ab6cca80b1e48b614f71516cfb
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b3eab180b52c8f1e78b86009b212313cf54412e97d9b5b20108ce1e8ba554886
b6f7044498486ddeacef65e62a83f545cf15ae7ca51b18f1c0026f5174badc73
b87c086edf82604a1a5d4892ea8b121d480c6570d0ab7be8464322312e60c2a7
bb3a816a6879bac21f65d25271263c6b2cf1da10fbb403aeebe798343805d7c3
bfdb62e0cca3f919dbfc44d1f64e7fd9bfcaf1b3c3ae148466a6be7dda4ead08
c3425fc9fa50d53a2ac2588494a86807c2c3c6f481125bf5a2effdc516e11c77
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c787cecd58d57330197fb375cb0fae95c678e6cafa96ce23215233aebf7e4109
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc534dad396f0c41edc978be0a4c460f3842b921742030f5f737e77bc340a312
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
cfb62d0ee56f68d7f6c106f7b52b659906631372992c1c6c39a38d2c698b7f9f
d668957728376a7b83603ba42c9aa74ec427d3279bfbccff1524a23382e1876d
d6cc1fa1b35dd4dcc7642bb3dd17e0cada9ca50654a6ba34dde64804334d1ce7
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d92b9a2423c564eda57a51dfe20565cbd27eb1d6489bf940e15d88a2142c4054
dde43be42372edb6fd60042c0e06c276bd756912ece00b51f824508402b31044
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df655226bb22e7dc2c0fa754267b86f3917f844024dc597d8e3cec3830c66051
e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e407d9e744eecd15c7ba5fced7e45858758cfaf57cceec4255dd2ac110121e19
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef32867be98f1832f9b1bf55f59dc99c403d22a407e74aa9e47e50c81f555702
f0d8d12c77ae0388234c73397954ff2118444306deb7bd865f766351a5d68f2d
f3020e3b6982bbd769fdc9f40fe9e40ed2b95c05ef8911a26c360fd6c1ce9cf9
f3d3e4b6c0772fd114f620c3e15f30f184234ac2c0d1b9b3a69a44e3a26eface
f59fde434aeff5db9cfec1844cb9989651140ea2f38defbe4fd0eaf163e29053
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
f9f3096bd2f451b354c8471fd67b29884d31ab8d0779b2c9147ebf9df0283ba5
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93
fdcd3b78b9cbefaf0b0b77d15b997098755f13656b50b9890aa094431e828116
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fe912f357759c1d9f44bc7e1f9b7f5b62f5dc8fc5509daabbbd4f99b27fe0263

pfclaim.com Open in urlscan Pro 103.53.42.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

124 Requests

99 %HTTPS

82 %IPv6

18 Domains

24 Subdomains

23 IPs

5 Countries

3957 kBTransfer

7738 kBSize

5 Cookies

4 Outgoing links

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pfclaim.com Open in urlscan Pro
103.53.42.63 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

99 %
HTTPS

82 %
IPv6

18
Domains

24
Subdomains

23
IPs

5
Countries

3957 kB
Transfer

7738 kB
Size

5
Cookies

124 HTTP transactions
3 data transactions