cuentademo.info Open in urlscan Pro
66.225.241.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cuentademo.info/
Submission: On May 26 via automatic, source urlhaus (May 26th 2022, 5:01:37 pm UTC) — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 12 domains to perform 43 HTTP transactions. The main IP is 66.225.241.56, located in Chicago, United States and belongs to SERVERCENTRAL, US. The main domain is cuentademo.info.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 8th 2022. Valid for: 3 months.

This is the only time cuentademo.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	66.225.241.56 66.225.241.56	23352 (SERVERCEN...) (SERVERCENTRAL)
1	35.201.118.58 35.201.118.58	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:786	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:49b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2606:4700:11:... 2606:4700:11::6817:850b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:5e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.41.132 35.190.41.132	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
43	19

3 66.225.241.56 (Chicago, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: priva26.privatednsorg.com

cuentademo.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.118.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.118.201.35.bc.googleusercontent.com

form.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:786 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn01.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:49b8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn02.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:686 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn03.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:11::6817:850b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

js.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5e1 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets-cache.jotform.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.41.190.35.bc.googleusercontent.com

files.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	jotfor.ms cdn01.jotfor.ms — Cisco Umbrella Rank: 21902 cdn02.jotfor.ms — Cisco Umbrella Rank: 21880 cdn03.jotfor.ms — Cisco Umbrella Rank: 22477 cdn.jotfor.ms — Cisco Umbrella Rank: 19252	576 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	753 KB
7	jotform.com 1 redirects form.jotform.com — Cisco Umbrella Rank: 19870 js.jotform.com — Cisco Umbrella Rank: 33528 www.jotform.com — Cisco Umbrella Rank: 23269 files.jotform.com — Cisco Umbrella Rank: 28166 events.jotform.com — Cisco Umbrella Rank: 21839	54 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 275	29 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 static.doubleclick.net — Cisco Umbrella Rank: 338	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
3	cuentademo.info 1 redirects cuentademo.info	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 111	6 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 213	3 KB
1	googlevideo.com redirector.googlevideo.com — Cisco Umbrella Rank: 844	1 KB
1	jotform.io widgets-cache.jotform.io — Cisco Umbrella Rank: 827411	1019 B
43	12

	Domain	Requested by
10	www.youtube.com	widgets-cache.jotform.io www.youtube.com
6	cdn.jotfor.ms	form.jotform.com cdn01.jotfor.ms
4	jnn-pa.googleapis.com	www.youtube.com
3	js.jotform.com	form.jotform.com widgets-cache.jotform.io
3	cuentademo.info	1 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	cdn02.jotfor.ms	form.jotform.com
2	cdn01.jotfor.ms	form.jotform.com
1	www.google.com	www.youtube.com
1	events.jotform.com	cuentademo.info
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	redirector.googlevideo.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	files.jotform.com	cuentademo.info
1	www.jotform.com	1 redirects
1	widgets-cache.jotform.io	cuentademo.info
1	cdn03.jotfor.ms	form.jotform.com
1	form.jotform.com	cuentademo.info
43	21

This site contains no links.

Subject Issuer	Validity	Valid
cuentademo.info cPanel, Inc. Certification Authority	`2022-04-08` - `2022-07-07`	3 months	crt.sh
*.jotform.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-28` - `2022-06-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://cuentademo.info/
Frame ID: 3220C4D7A6DCEE146F7EF73CCD014FA2
Requests: 3 HTTP requests in this frame

Frame: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css
Frame ID: 7E9F3E3693500D15ED9C6DB39FA9817C
Requests: 15 HTTP requests in this frame

Frame: https://widgets-cache.jotform.io/221246850327049/5
Frame ID: 9CD1465D3A60BBB63BB1AE5952A21343
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TaHwBigzGAc
Frame ID: 4322409F2D029159CEEFCDBF642F2493
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cuentademo.info/ Page URL
https://cuentademo.info/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=7712999 HTTP 302
https://cuentademo.info/ Page URL

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Page Statistics

43
Requests

95 %
HTTPS

83 %
IPv6

12
Domains

21
Subdomains

19
IPs

2
Countries

1470 kB
Transfer

4329 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cuentademo.info/ Page URL
https://cuentademo.info/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=7712999 HTTP 302
https://cuentademo.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://www.jotform.com/uploads/maow001/form_files/hosting_ecuador_logo.5b5b643c348522.59972670.png HTTP 302
https://files.jotform.com/jufs/maow001/form_files/hosting_ecuador_logo.5b5b643c348522.59972670.png?md5=DrzTaNdx0pjIPjRWERNsMw&expires=1653584504

Request Chain 24

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
cuentademo.info/ 1 KB
2 KB 852ms
109ms Document
text/html 66.225.241.56
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cuentademo.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.225.241.56 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva26.privatednsorg.com
Software: imunify360-webshield/1.18 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache: no-cache
content-type: text/html
date: Thu, 26 May 2022 17:01:32 GMT
last-modified: Thursday, 26-May-2022 17:01:32 GMT
server: imunify360-webshield/1.18

GET
H2

200

Primary Request / Show response
cuentademo.info/
Redirect Chain

https://cuentademo.info/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=7712999
https://cuentademo.info/

94 B
235 B

110ms
110ms

Document
text/html

66.225.241.56
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cuentademo.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.225.241.56 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva26.privatednsorg.com
Software: imunify360-webshield/1.18 /
Resource Hash: b7feac81caefa40f4ad25c5f901e843bb117e89f5f854f80bd971309beedc42e

Request headers

Referer: https://cuentademo.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 94
content-type: text/html
date: Thu, 26 May 2022 17:01:32 GMT
last-modified: Fri, 20 May 2022 03:08:07 GMT
server: imunify360-webshield/1.18

Redirect headers

content-length: 142
content-type: text/html
date: Thu, 26 May 2022 17:01:32 GMT
location: https://cuentademo.info
server: imunify360-webshield/1.18

GET
H2 200 221246850327049 Show response
form.jotform.com/jsform/ 31 KB
10 KB 235ms
140ms Script
text/javascript 35.201.118.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/jsform/221246850327049
Requested by: Host: cuentademo.info
URL: https://cuentademo.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v2.1 /
Resource Hash: c4cc015f89ca481f0c4c2b1e477fd619745104cac390ba9b6a8d5294c530aee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:33 GMT
content-encoding: gzip
cache-hit: 1
server: CacheX v2.1
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 5e6b428acc8c4e222d1beb91.css
cdn01.jotfor.ms/themes/CSS/ Frame 7E9F 199 KB
36 KB 203ms
161ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/221246850327049
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c9e2bb422691aa80bb96ce30c29cc3a553b751dfedad5eea65ed3cffdabed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: br
pragma: no-cache
last-modified: Thu, 26 May 2022 17:01:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h84IYG4rhcVFwdYRqARMlBIv%2FoIW4ppv9lRpm2JPjhBSMFmaGMJJEsfkLCxuUf7mdc7OyPLAwAwmWue5bCZeIfSW7Z1%2FXOSoPImQ9ZHx46K2TIM%2Br6RVgCiKCGn%2BMnub4bK9Ez0zBts9rYckfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 711812cdecfa9223-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 payment_styles.css
cdn02.jotfor.ms/css/styles/payment/ Frame 7E9F 65 KB
12 KB 240ms
183ms Stylesheet
text/css 2606:4700:20::ac43:49b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/css/styles/payment/payment_styles.css?3.3.33333
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/221246850327049
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afebdee3b45086dc0157bdf74a88cc444be0c034976a057f6ed231a024d9ccb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 711812cdfe03908b-FRA
date: Thu, 26 May 2022 17:01:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Wed, 11 May 2022 13:10:14 GMT
server: cloudflare
etag: W/"627bb5b6-103d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XV37NmBdhAVfirphYHTGeLT6E%2Bmtal%2FDVwbI%2Bf%2BO0z2aQjz2UQBlXWlzLikr0MhuItvYsz%2BAmursCXzervUbg41v0r30Hu6xftdSGyPu4JGpyb0nc5cXC4IX4YpbkvDJw%2BYnjA%2FK2HOWIuMuBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 payment_feature.css
cdn03.jotfor.ms/css/styles/payment/ Frame 7E9F 21 KB
4 KB 171ms
144ms Stylesheet
text/css 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/css/styles/payment/payment_feature.css?3.3.33333
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/221246850327049
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a563aa60395e445bac4f1baba89a0f12006b52c9ba8619f094ea8595d903346f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 711812cdcbeb5b98-FRA
date: Thu, 26 May 2022 17:01:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Thu, 21 Apr 2022 18:26:55 GMT
server: cloudflare
etag: W/"6261a1ef-55e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k392DZ2tUhoYGW3YqLRJUgvw3miCwz0ZbY%2B3Tbew5Vftke8Dlfkq3HTANzXoGBAqE74Xbz3X4xVlZZUwHNohIUJn6pW2MV8p6X%2BGbz4GpQggXo8tt14T%2B4hdMxrPbsTaP2TED4519ibWGUjUYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 prototype.forms.js Show response
cdn01.jotfor.ms/static/ Frame 7E9F 126 KB
35 KB 184ms
143ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/static/prototype.forms.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/221246850327049
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f2a7e755b2717d23a15a9dcca62cdc2fb1d2621c604f87726282371a25f1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 711812cdecfc9223-FRA
date: Thu, 26 May 2022 17:01:33 GMT
via: 1.1 google
cf-cache-status: REVALIDATED
last-modified: Thu, 26 May 2022 16:39:24 GMT
server: cloudflare
etag: W/"628fad3c-1f959"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65VsPEEzA1QH6Bkof3ugjz0H6w2Rs48yGB7D6flC26J8YD6L9CRqgyTbObz%2BjnmVLwWJcT2guWepVkDSW6Ff366hSKksMEJ5uK3DLJLrk9pnwhzBU3fna7X7wjWPt2zbR2YnjpZPqoWzEejaCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jotform.forms.js Show response
cdn02.jotfor.ms/static/ Frame 7E9F 533 KB
141 KB 223ms
168ms Script
application/x-javascript 2606:4700:20::ac43:49b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.33333
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/221246850327049
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8089fcc3b78376b05020b1206d36ece86cb09eca35f10476111868f0ed94cad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 711812cdfe07908b-FRA
date: Thu, 26 May 2022 17:01:33 GMT
via: 1.1 google
cf-cache-status: REVALIDATED
last-modified: Thu, 26 May 2022 16:39:24 GMT
server: cloudflare
etag: W/"628fad3c-853b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxAAOYmSQsQy5rjSucuA8fxUBJrjRHunqQJZVldt%2BKfmJFJ6T7p6tCQP6ZdGAV1hKH5SaFhYkf0vlCCy%2FX%2BdIQ0nWYijaWBxRoGqfBMgl9MPi5jlXAalRqttxUriNmfzldW3VMsIvcGJt1I1ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 postMessage.js Show response
js.jotform.com/vendor/ Frame 7E9F 6 KB
2 KB 189ms
146ms Script
application/x-javascript 2606:4700:11::6817:850b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jotform.com/vendor/postMessage.js?3.3.33333
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/221246850327049
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:850b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-static: 1
last-modified: Tue, 07 Dec 2021 12:06:54 GMT
server: cloudflare
etag: W/"61af4e5e-16bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 711812cde9f29bec-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 WidgetsServer.js Show response
js.jotform.com/ Frame 7E9F 30 KB
10 KB 192ms
149ms Script
application/x-javascript 2606:4700:11::6817:850b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jotform.com/WidgetsServer.js?v=1652992819039
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/221246850327049
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:850b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 281b2fd15cfbfc80b53dd48cb1cd4f54c1667a5e0da7f6bce08a8ea6b7fca2c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-static: 1
last-modified: Tue, 07 Dec 2021 12:06:57 GMT
server: cloudflare
etag: W/"61af4e61-794a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 711812cde9f99bec-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smoothscroll.min.js Show response
cdn.jotfor.ms//js/vendor/ Frame 7E9F 5 KB
2 KB 203ms
151ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms//js/vendor/smoothscroll.min.js?v=3.3.33333
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/221246850327049
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49176b244de4b07d2a8a79cd8663a2fced053acc22b1807929521665d09f3e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-static: 2
last-modified: Tue, 07 Dec 2021 08:02:30 GMT
server: cloudflare
etag: W/"61af1516-13c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRwmq4wjsIasyp5jEybYJZmRjM9wyJd59XcKkAbJK1iWVxGC4VkJ8A07IY2379mDbLUay37g1m1SIu6wfdMkQfQNYeuuVvga5R8D8qJPamtcq2MDaJXIj3NecFoPlhsdhZfPSvzlKCVYZDs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: no-cache
cf-ray: 711812cded4f9bbf-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 errorNavigation.js Show response
cdn.jotfor.ms//js/ Frame 7E9F 6 KB
2 KB 194ms
143ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms//js/errorNavigation.js?v=3.3.33333
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/221246850327049
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f3c0bad20a824194399d60c1009b4e602260f8de243eec5319c695813a78cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-static: 2
last-modified: Tue, 15 Mar 2022 13:07:37 GMT
server: cloudflare
etag: W/"62308f99-16c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4cv6tSl%2F61sp8hnygr7zdLyIfIC3pwYVLsFBodopXZ1YSru%2BlXyaXyAlTxLL8kVlcC7er84xNiSvpc2L2o%2FCKl39cVpl3K%2FZypYPmNA3%2FiwCfhbuDM0iGoSrHyXVt3PBAozDmlqrguIph0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: no-cache
cf-ray: 711812cdfd519bbf-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 5 Show response
widgets-cache.jotform.io/221246850327049/ Frame 9CD1 1 KB
1019 B 192ms
141ms Document
text/html 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-cache.jotform.io/221246850327049/5
Requested by: Host: cuentademo.info
URL: https://cuentademo.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f051df21aef7e780f70d6a8b4279f8add6499c78a64c1e1223ff4f67d278fde

Request headers

Referer: https://cuentademo.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 711812cfae1592b4-FRA
content-encoding: br
content-type: text/html
date: Thu, 26 May 2022 17:01:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3NxeFNbNZ9bWNalwKHjwr0EE8iGJGKWSWK0w2E82XmEKPNzNeoxUTDdEJRiZ4GsN%2FG4Zg3KhWy%2Fijm8%2FMl0B1n1K3OhpvAz8MZQrjeI8Y71kb4l1hkdn9T%2F8Np%2BnSFUkndpZALXT6PJPUftjDSBKLgIcpaOAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 Inter-SemiBold.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame 7E9F 88 KB
88 KB 165ms
148ms Font
text/html 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-SemiBold.woff2
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5115d063f4f808fc2970e842ee45561e768b711d50d61cb59430b5a96247b28

Request headers

Referer: https://cdn01.jotfor.ms/
Origin: https://cuentademo.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 711812cf7a979046-FRA
date: Thu, 26 May 2022 17:01:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Feb 2022 09:14:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yyepKiQu%2FsaNmle5C03o4HrECaSJbmOSZml987EvFcfuPEzFuohUXg6AtOiwvkbUhR1Crgev7oNQiJXn%2Bw85tbvwHyP3ajMHjt2DmqAf4P8%2Bwr1JoESaP5koTsA%2FuruUFHbTv1oiqzu%2FU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 Inter-Medium.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame 7E9F 87 KB
87 KB 164ms
148ms Font
text/html 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Medium.woff2
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d541e3936c89d10117581b2153619b370ec875729e5bae24000c547d06090e15

Request headers

Referer: https://cdn01.jotfor.ms/
Origin: https://cuentademo.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 711812cf7a9a9046-FRA
date: Thu, 26 May 2022 17:01:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Feb 2022 09:14:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwJSPZ2OYydMCYn6FgIH38nglBk4IPCOmdOM3OZoxbUs2f0UKjsNaEY24mAMTjKmyzqncArbnwVuokDgddYmkAD2dBEqm4dqXl13x5gWZO380V7ZfmcACXHRY3EAgywkbV%2BUTdYEq8y9TKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 Inter-Regular.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame 7E9F 81 KB
81 KB 149ms
138ms Font
text/html 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Regular.woff2
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257897a5abe39df95df7900e51d84f4de85877513337efdf2e97e0ef36622ae2

Request headers

Referer: https://cdn01.jotfor.ms/
Origin: https://cuentademo.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 711812cf7a9b9046-FRA
date: Thu, 26 May 2022 17:01:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Feb 2022 09:14:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jpATuLbhS25Zhr9iEe6AI85RXHDjsGsbaofNX8EsLtAuhLkM7oG4aSVTqMjxX0wtyc2ZWD955ebjwHYiGYa37nAaTzwygP4vCULNsbqWjq78XYzjdnv9TUh1j%2FJetAmABmLjCosMnv8kXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 Inter-Bold.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame 7E9F 88 KB
88 KB 158ms
147ms Font
text/html 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Bold.woff2
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df72969c3354883c1393a95ddaf873e4377008a2f97f99a1d797feaaaa42a8a

Request headers

Referer: https://cdn01.jotfor.ms/
Origin: https://cuentademo.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 711812cf7a9c9046-FRA
date: Thu, 26 May 2022 17:01:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Feb 2022 09:14:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4b%2FykSLgQ2RKMV7kqMkLj1%2FFinH8Iof5nfPw2yZojzfHEs%2BASerf9%2BpYup%2FKcrEG44OYHjxSm4YXIg6QgFfvsPo7qLtcm34tzEiq5URYo8EzDsy%2FOiwBxSlren%2BDTdWycGuRZ9xSyWCAXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

hosting_ecuador_logo.5b5b643c348522.59972670.png
files.jotform.com/jufs/maow001/form_files/ Frame 7E9F
Redirect Chain

https://www.jotform.com/uploads/maow001/form_files/hosting_ecuador_logo.5b5b643c348522.59972670.png
https://files.jotform.com/jufs/maow001/form_files/hosting_ecuador_logo.5b5b643c348522.59972670.png?md5=DrzTaNdx0pjIPjRWERNsMw&expires=1653584504

10 KB
11 KB

174ms
117ms

Image
application/octet-stream

35.190.41.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jotform.com/jufs/maow001/form_files/hosting_ecuador_logo.5b5b643c348522.59972670.png?md5=DrzTaNdx0pjIPjRWERNsMw&expires=1653584504
Requested by: Host: cuentademo.info
URL: https://cuentademo.info/
Protocol: H2
Server: 35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.41.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 24b0d5f4f13769eaea6f3d93e74da5efffce9df2d35555a2704317638cd53165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: OPTIONS, GET
content-type: application/octet-stream
access-control-allow-origin: *
content-disposition: attachment; filename="hosting_ecuador_logo.5b5b643c348522.59972670.png"
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate

Redirect headers

date: Thu, 26 May 2022 17:01:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
access-control-allow-origin: *
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 26 May 2022 17:01:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=600000;
content-type: text/html; charset=UTF-8
location: https://files.jotform.com/jufs/maow001/form_files/hosting_ecuador_logo.5b5b643c348522.59972670.png?md5=DrzTaNdx0pjIPjRWERNsMw&expires=1653584504
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 711812cf9e709bec-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 JotFormCustomWidget.min.js Show response
js.jotform.com/ Frame 9CD1 52 KB
20 KB 144ms
143ms Script
application/x-javascript 2606:4700:11::6817:850b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jotform.com/JotFormCustomWidget.min.js
Requested by: Host: widgets-cache.jotform.io
URL: https://widgets-cache.jotform.io/221246850327049/5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:850b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f86c6eab5b31144c7a27df83be3826a38f5cb28d3923785a15815371aa9c587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets-cache.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-static: 1
last-modified: Tue, 07 Dec 2021 12:06:57 GMT
server: cloudflare
etag: W/"61af4e61-d0ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 711812d098f29bec-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TaHwBigzGAc Show response
www.youtube.com/embed/ Frame 4322 64 KB
28 KB 211ms
112ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TaHwBigzGAc?

Requested by

Host: widgets-cache.jotform.io
URL: https://widgets-cache.jotform.io/221246850327049/5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d503e1c44125fb3750072a4cd6ea10dcd11292ba73b0e106c42356a22daf5495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widgets-cache.jotform.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 26 May 2022 17:01:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/d1783cbe/ Frame 4322 336 KB
46 KB 120ms
42ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d1783cbe/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TaHwBigzGAc?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7cec7fbbb44902cb946b2d77bb28bfdfeb69d5c61837fe68c6b066281a9bc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TaHwBigzGAc?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47343
x-xss-protection: 0
last-modified: Wed, 25 May 2022 00:16:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 May 2023 16:02:49 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/d1783cbe/www-embed-player.vflset/ Frame 4322 284 KB
87 KB 158ms
80ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d1783cbe/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TaHwBigzGAc?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6759eeea4a3e0dcc6883305b25d7aac20cb725231a29701e41340d6fa7b3410a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TaHwBigzGAc?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89344
x-xss-protection: 0
last-modified: Wed, 25 May 2022 00:16:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 May 2023 16:02:49 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/ Frame 4322 2 MB
530 KB 175ms
97ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TaHwBigzGAc?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10ba2921da7a426d858ab48706a1562f80a8c96c63ebd60a27c39c2c0817355e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TaHwBigzGAc?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 542859
x-xss-protection: 0
last-modified: Wed, 25 May 2022 00:16:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 May 2023 16:02:49 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d1783cbe/fetch-polyfill.vflset/ Frame 4322 9 KB
3 KB 156ms
79ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d1783cbe/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TaHwBigzGAc?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TaHwBigzGAc?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 25 May 2022 00:16:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 May 2023 16:02:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4322 15 KB
16 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TaHwBigzGAc?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 193409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 24 May 2023 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4322
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

125ms
46ms

XHR
application/json

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TaHwBigzGAc?

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4f7b6e553a2267e77368318369e16770b10c011def09b92bf7e3ea94deeb467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 26 May 2022 17:01:35 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4322 29 B
589 B 120ms
36ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d1783cbe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 16:54:57 GMT
x-content-type-options: nosniff
age: 398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 May 2022 17:09:57 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 139ms
49ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 26 May 2022 17:01:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4322 62 KB
29 KB 134ms
55ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65698f83200e639881be9f7be6ce76c4f3bca47ec31d9a51425c3307fbb57800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 26 May 2022 17:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29358
x-xss-protection: 0

GET
H2 200 initplayback Show response
redirector.googlevideo.com/ Frame 4322 530 B
1 KB 147ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://redirector.googlevideo.com/initplayback?source=youtube&orc=1&oeis=1&ip=2a03%3A1b20%3A6%3Af011%3A0%3A0%3A0%3A6e&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=11000&oavd=11000&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&pxtags=Cg4KAnR4EggyNDE5NjQ0Ng&rxtags=Cg4KAnR4EggyNDE5NjQ0Ng%2CCg4KAnR4EggyNDE5NjQ0Nw%2CCg4KAnR4EggyNDE5NjQ0OA%2CCg4KAnR4EggyNDE5NjQ0OQ%2CCg4KAnR4EggyNDE5NjQ1MA&alr=yes&id=37759

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ClientMapServer /

Resource Hash

be398162e4fda9c83244cc5b186fef35cfd9cc81c5f565668e70f0c03e961a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/ Frame 4322 119 KB
37 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de8571efbf0aea75892c4aca0fe97881568ca123b8de9a1f94ccd2d5d274c024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TaHwBigzGAc?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:04:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37816
x-xss-protection: 0
last-modified: Wed, 25 May 2022 00:16:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 May 2023 16:04:20 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/ Frame 4322 27 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb1023bea6522f4625d8873a27b30d42cea04e431fad965ff6704edf98bbd771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TaHwBigzGAc?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 16:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8040
x-xss-protection: 0
last-modified: Wed, 25 May 2022 00:16:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 May 2023 16:02:51 GMT

GET
DATA 200
OK truncated
/ Frame 4322 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLR2-IBUU6a0A5NoWQzBLrD5aJe6gHn8x_sR4b0N=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4322 3 KB
3 KB 337ms
248ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLR2-IBUU6a0A5NoWQzBLrD5aJe6gHn8x_sR4b0N=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TaHwBigzGAc?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e7e4d23084e2377fb9e2319a5d034ab3faf2894b976a223ae3f5be089f9a78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v40"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2622
x-xss-protection: 0
expires: Fri, 27 May 2022 17:01:35 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/TaHwBigzGAc/ Frame 4322 5 KB
6 KB 217ms
130ms Image
image/webp 2a00:1450:4001:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/TaHwBigzGAc/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TaHwBigzGAc?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecac7957938750a3f7ee2b980a8076d4380e32d76e49f60effcea5645ebde5ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:35 GMT
x-content-type-options: nosniff
server: sffe
etag: "1599153700"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5158
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 May 2022 19:01:35 GMT

GET
H2 204 /
events.jotform.com/jsform/221246850327049/ Frame 7E9F 0
196 B 158ms
146ms Image
text/plain 2606:4700:11::6817:850b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.jotform.com/jsform/221246850327049/?ref=&res=1600x1200&eventID=1653584495010_221246850327049_Hgv5ieD&loc=https%253A%252F%252Fcuentademo.info%252F
Requested by: Host: cuentademo.info
URL: https://cuentademo.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:850b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuentademo.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 May 2022 17:01:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Thu, 26 May 2022 13:01:35 GMT
server: cloudflare
access-control-allow-headers: origin, content-type, accept
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 711812d5ef119bec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4322 4 KB
3 KB 141ms
54ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 26 May 2022 17:01:35 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/102/ Frame 4322 52 KB
15 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/102/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 12:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15092
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 27 May 2022 12:21:48 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4322 98 B
142 B 51ms
50ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

568992433f42fbb8518c1e773bd1249631aa525e4ff22a913096f018adc126ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 26 May 2022 17:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 26 May 2022 17:01:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 get Show response
www.youtube.com/youtubei/v1/att/ Frame 4322 19 KB
14 KB 65ms
65ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/att/get?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e842482e7490765cf117643205d62c014e7751161f172be427c1bee5fb8726b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TaHwBigzGAc?
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220524.01.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
X-Goog-Visitor-Id: CgtXUzJrR1dMcFRZQSju5L6UBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 26 May 2022 17:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14017
x-xss-protection: 0
expires: Thu, 26 May 2022 17:01:35 GMT

GET
H2 200 EsymvScChCGIZdhdrFUjr5i0tdGa2JS0JczF6sa7GEY.js Show response
www.google.com/js/th/ Frame 4322 35 KB
14 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EsymvScChCGIZdhdrFUjr5i0tdGa2JS0JczF6sa7GEY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12cca6bd270284218865d85dac5523af98b4b5d19ad894b425ccc5eac6bb1846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 553214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 07:21:22 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4322 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?MHsBKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TaHwBigzGAc?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 17:01:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4322 28 B
54 B 53ms
53ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d1783cbe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/TaHwBigzGAc?
X-YouTube-Client-Version: 1.20220524.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtXUzJrR1dMcFRZQSju5L6UBg%3D%3D
X-YouTube-Ad-Signals: dt=1653584494871&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C587%2C350&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 26 May 2022 17:01:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 26 May 2022 17:01:37 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cuentademo.info/	1970-01-20 04:02:56	Name: wschkid Value: c7c210bfadbf0b9baa749b850ad56f8db362c252.1653670892.1
.jotform.com/	1970-01-20 04:02:56	Name: JOTFORM_SESSION Value: 8obbbs42lj5608nqhn31mrk791
.jotform.com/	1970-01-20 04:04:22	Name: userReferer Value: https%3A%2F%2Fcuentademo.info%2F
.jotform.com/	1970-01-20 04:04:22	Name: theme Value: tile-black
.jotform.com/	1970-01-20 04:04:22	Name: guest Value: guest_a2cb17fc0ddc7d4e
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: OJk3iy1cWjI
.youtube.com/	1970-01-20 07:38:56	Name: VISITOR_INFO1_LIVE Value: WS2kGWLpTYA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jotfor.ms
cdn01.jotfor.ms
cdn02.jotfor.ms
cdn03.jotfor.ms
cuentademo.info
events.jotform.com
files.jotform.com
fonts.gstatic.com
form.jotform.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js.jotform.com
redirector.googlevideo.com
static.doubleclick.net
widgets-cache.jotform.io
www.google.com
www.gstatic.com
www.jotform.com
www.youtube.com
yt3.ggpht.com
2606:4700:11::6817:850b
2606:4700:20::681a:5e1
2606:4700:20::681a:686
2606:4700:20::681a:786
2606:4700:20::ac43:49b8
2a00:1450:4001:800::200e
2a00:1450:4001:802::2016
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2003
35.190.41.132
35.201.118.58
66.225.241.56
0f86c6eab5b31144c7a27df83be3826a38f5cb28d3923785a15815371aa9c587
10ba2921da7a426d858ab48706a1562f80a8c96c63ebd60a27c39c2c0817355e
12cca6bd270284218865d85dac5523af98b4b5d19ad894b425ccc5eac6bb1846
1afebdee3b45086dc0157bdf74a88cc444be0c034976a057f6ed231a024d9ccb
1e7e4d23084e2377fb9e2319a5d034ab3faf2894b976a223ae3f5be089f9a78e
22f3c0bad20a824194399d60c1009b4e602260f8de243eec5319c695813a78cd
24b0d5f4f13769eaea6f3d93e74da5efffce9df2d35555a2704317638cd53165
257897a5abe39df95df7900e51d84f4de85877513337efdf2e97e0ef36622ae2
281b2fd15cfbfc80b53dd48cb1cd4f54c1667a5e0da7f6bce08a8ea6b7fca2c4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
49176b244de4b07d2a8a79cd8663a2fced053acc22b1807929521665d09f3e3a
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4f051df21aef7e780f70d6a8b4279f8add6499c78a64c1e1223ff4f67d278fde
568992433f42fbb8518c1e773bd1249631aa525e4ff22a913096f018adc126ff
58c9e2bb422691aa80bb96ce30c29cc3a553b751dfedad5eea65ed3cffdabed7
65698f83200e639881be9f7be6ce76c4f3bca47ec31d9a51425c3307fbb57800
6759eeea4a3e0dcc6883305b25d7aac20cb725231a29701e41340d6fa7b3410a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
8089fcc3b78376b05020b1206d36ece86cb09eca35f10476111868f0ed94cad0
83f2a7e755b2717d23a15a9dcca62cdc2fb1d2621c604f87726282371a25f1c1
8df72969c3354883c1393a95ddaf873e4377008a2f97f99a1d797feaaaa42a8a
a563aa60395e445bac4f1baba89a0f12006b52c9ba8619f094ea8595d903346f
a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926
b7feac81caefa40f4ad25c5f901e843bb117e89f5f854f80bd971309beedc42e
be398162e4fda9c83244cc5b186fef35cfd9cc81c5f565668e70f0c03e961a01
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
c4cc015f89ca481f0c4c2b1e477fd619745104cac390ba9b6a8d5294c530aee3
c4f7b6e553a2267e77368318369e16770b10c011def09b92bf7e3ea94deeb467
c5115d063f4f808fc2970e842ee45561e768b711d50d61cb59430b5a96247b28
d503e1c44125fb3750072a4cd6ea10dcd11292ba73b0e106c42356a22daf5495
d541e3936c89d10117581b2153619b370ec875729e5bae24000c547d06090e15
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de8571efbf0aea75892c4aca0fe97881568ca123b8de9a1f94ccd2d5d274c024
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e842482e7490765cf117643205d62c014e7751161f172be427c1bee5fb8726b2
eb1023bea6522f4625d8873a27b30d42cea04e431fad965ff6704edf98bbd771
ecac7957938750a3f7ee2b980a8076d4380e32d76e49f60effcea5645ebde5ba
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ff7cec7fbbb44902cb946b2d77bb28bfdfeb69d5c61837fe68c6b066281a9bc5

cuentademo.info Open in urlscan Pro 66.225.241.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

95 %HTTPS

83 %IPv6

12 Domains

21 Subdomains

19 IPs

2 Countries

1470 kBTransfer

4329 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

cuentademo.info Open in urlscan Pro
66.225.241.56 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

95 %
HTTPS

83 %
IPv6

12
Domains

21
Subdomains

19
IPs

2
Countries

1470 kB
Transfer

4329 kB
Size

7
Cookies

43 HTTP transactions
1 data transactions